This is my side project that exploits the permissions and vulnerabilities of **pip** packages, which is capable of sneaking in *sensitive information, source code, or any malware* into a local machine.
A ready-to-deploy Python package designed to stealthily integrate files within a machine, ensuring discreet and seamless file operations without detection. This project is nothing more than a lightweight & faster Python package that aims to highlight and improve security by demonstrating potential vulnerabilities in the system when connected with pip.
pip install matplotlib-visual
Note: The
matplotlib-visual
package has been implemented by Project Manager and has details specific to him, you are suggested to follow the steps above and fork the repository and upload a package.
python
from matplotlib_visual.models import display
display("<filename-without-extension>")
models
method displays source code in the console.
from matplotlib_visual.graph import display
display("<filename-without-extension>")
graph
method copies the source code to the system's clipboard.
from matplotlib_visual.piechart import display
display("<filename-without-extension>")
piechart
method writes the file in the root directory of execution.
from package_name.clp import grab
grab('url-name')
grab
method retrieves the clipboard's text content from the specified URL and displays it in the system console. If no content is found, a message indicating "nothing found" is returned.
We welcome all contributors to our project Sneaky-Package. Before contributing we request you to get familiar with the project. The project is beginner friendly and you can find features you would like to improve including bugs, enhancements or documentation. Here are steps to start contributing:
🍴 Fork the Repository
💻 Clone Your Fork
git clone https://github.com/ENTER-YOUR-USERNAME/Sneaky-package.git
🌿 Create a New Branch
git switch YOUR-BRANCH-NAME
🛠️ Make Your Changes
✅ Finalize Your Changes
💬 Commit Your Changes
git add .
git commit -m "Added feature X or Fixed issue Y"
📤 Push Your Changes
git push origin YOUR-BRANCH-NAME
🔄 Create a Pull Request (PR)
🔎 Review Changes
All tasks will be assigned various levels based on complexity and required skills. Each level provides different points:
It is important to adhere to the guidelines; violations can affect your profile. Review the guidelines here.
stash/
directory.graph.py
, models.py
, and piechart.py
are aliases to avoid detection of sensitive operations.Big thanks to all the contributors! 🎉
Thanks goes to these wonderful people:
We thank all the contributors for playing their part in the project, we really appreciate your efforts. We encourage other contributors to explore the package and help us enhance it, your contributions are valuable.
The project works by highlighting and improving security measure by demonstrating potential vulnerabilities when the system connected with pip. It is licensed under the GPL 3.0, allowing you to sneakily use and modify it as needed.
Happy sneaking! 🤫