FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git.

Related tags

Security related resourcesfosslight_scanner
Overview

FOSSLight Scanner

Analyze at once for Open Source Compliance.

FOSSLight Scanner is released under the Apache-2.0. Current python package version. REUSE status

FOSSLight Scanner performs open source analysis after downloading the source by passing a link that can be cloned by wget or git. Instead, open source analysis can be performed for the local source path. The output result is generated in FOSSLight Report format.

Contents

๐Ÿ“‹ Prerequisite

FOSSLight Scanner needs a Python 3.6+.

๐ŸŽ‰ How to install

It can be installed using pip3. It is recommended to install it in the python 3.6 + virtualenv environment.

$ pip3 install fosslight_scanner

๐Ÿš€ How to run

FOSSLight Scanner is run with the fosslight command.

Parameters

    -h                        Print help message
    -r                        Keep raw data 
    -p 
   
                     Path to analyze source
    -w 
                     Link to be analyzaed can be downloaded by wget or git clone
    -o 
                   Output Directory or file
    -f 
     
                     Output file format (excel, csv, opossum)
    -c 
      
                       Number of processes to analyze source
    -d 
       
         Additional arguments for running dependency analysis

Ex 1. Local Source Analysis

$ fosslight -p /home/source_path -a "-a 'source /test/Projects/venv/bin/activate' -d 'deactivate'"

Ex 2. Download Link and analyze

$ fosslight -o test_result_wget -w "https://github.com/LGE-OSS/example.git"

๐Ÿ“ Result

$ tree
.
โ”œโ”€โ”€ fosslight_log
โ”‚   โ”œโ”€โ”€ fosslight_log_20210924_022422.txt
โ””โ”€โ”€ FOSSLight-Report_20210924_022422.xlsx
  • FOSSLight_Report-[datetime].xlsx : OSS Report format file that outputs source code analysis, binary analysis, and dependency analysis results.
  • fosslight_raw_data_[datetime] directory: Directory in which raw data files are created as a result of analysis

๐Ÿ‘ How to report issue

Please report any ideas or bugs to improve by creating an issue in fosslight_scanner repository.
Then there will be quick bug fixes and upgrades. Ideas to improve are always welcome.

๐Ÿ“„ License

FOSSLight Scanner is released under Apache-2.0.

Comments
  • does not work fosslight_scanner in Windows 10

    does not work fosslight_scanner in Windows 10

    Describe the bug does not work fosslight_scanner in Windows 10 Home 21H2

    To Reproduce fosslight_scanner What are you going to analyze? (1/2) 1. Links that can be cloned by git or wget 2. Local source path 1 Enter the link to analyze:https://github.com/LGE-OSS/example

    Expected behavior

    Enter the link to analyze:https://github.com/LGE-OSS/example Link to download: https://github.com/LGE-OSS/example

    • FOSSLight Downloader - Result :False module 'signal' has no attribute 'SIGALRM' Download failed: module 'signal' has no attribute 'SIGALRM'

    System environment (please complete the following information):

    • OS: Windows 10 Home 21H2
    • Python : python 3.9.12 (with Anaconda 3)
    bug 
    opened by kjhcav 3
  • Support yaml format of FOSSLight Report

    Support yaml format of FOSSLight Report

    Signed-off-by: Jiyeong Seok [email protected]

    Description

    Support yaml format of FOSSLight Report

    Type of change

    Please insert 'x' one of the type of change.

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [x] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [ ] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    enhancement 
    opened by dd-jy 2
  • Fix bug about dep. arg input when not dep. running

    Fix bug about dep. arg input when not dep. running

    Description

    • Fix bug about dep. arg input when not dep. running
    • Add importlib-metadata to requirement-dev.txt with specific version as a dependency for test on Python-3.7

    Type of change

    Please insert 'x' one of the type of change.

    • [x] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [ ] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    bug 
    opened by bjk7119 1
  • Modify help msg if invalid input

    Modify help msg if invalid input

    Description

    • Modify help msg if invalid input

    Type of change

    Please insert 'x' one of the type of change.

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [x] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    chore 
    opened by bjk7119 1
  • Change the required version of Python to 3.7

    Change the required version of Python to 3.7

    Description

    Change the minimum required version of Python to 3.7.

    Reason :

    • From ScanCode v31.0.1, Python 3.7+ is required. For this reason, the FOSSLight source scanner requires python 3.7.

    Type of change

    Please insert 'x' one of the type of change.

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [x] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    chore 
    opened by soimkim 1
  • Change FL Reuse to FL Prechecker

    Change FL Reuse to FL Prechecker

    Description

    • Change FL Reuse to FL Prechecker

    Type of change

    Please insert 'x' one of the type of change.

    • [x] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [ ] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    bug fix 
    opened by bjk7119 1
  • Print message when comparison rows are over 100.

    Print message when comparison rows are over 100.

    Signed-off-by: Jiyeong Seok [email protected]

    Description

    • Print message when comparison rows are over 100.
    • Add progress bar

    Type of change

    Please insert 'x' one of the type of change.

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [x] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [ ] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    chore 
    opened by dd-jy 1
  • Fix errors when parsing with path

    Fix errors when parsing with path

    Description

    Fix the bug caused by not initializing the variable that outputs the default OSS Name.

    Type of change

    Please insert 'x' one of the type of change.

    • [x] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [ ] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    bug fix 
    opened by soimkim 1
  • Add a FOSSLight Binary

    Add a FOSSLight Binary

    Description

    • Add the FOSSLight Binary to run during analysis.
    • Add the v option to print the version.

    Type of change

    Please insert 'x' one of the type of change.

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [x] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    enhancement 
    opened by soimkim 1
  • Add the -f option and change way to create output

    Add the -f option and change way to create output

    Description

    • Add the -f option to input the output file format.
    • Change it to use FL Util's functions when generating output.
    • Input Mode
      • AS-IS: If user just type enter, it asks user to re-enter (try 2 times). Source and dependency path to be analyzed are inputted respectively.
      • TO-BE: If user just type enter in the input mode, it is assumed that nothing has been inputted. Source and dependency path to be analyzed is input at once.

    Type of change

    Please insert 'x' one of the type of change.

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Documentation update
    • [x] Refactoring, Maintenance
    • [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
    chore 
    opened by soimkim 1
  • An error occurs when FOSSLight Util is 1.2.0

    An error occurs when FOSSLight Util is 1.2.0

    Describe the bug An error occurs when FL Util is 1.2.0.

    Expected behavior Specify the minimum version of FOSSLight Util required by FOSSLight Scanner.

    bug 
    opened by soimkim 1
Releases(v1.7.8)

  • v1.7.8(Jan 2, 2023)

  • v1.7.7(Nov 18, 2022)

  • v1.7.6(Nov 4, 2022)

    Changes

    ๐Ÿ› Hotfixes

    • Fix bug about dep. arg input when not dep. running @bjk7119 (#50)

    ๐Ÿ”ง Maintenance

    • Analyze current path if not input path @bjk7119 (#51)
    Source code(tar.gz)
    Source code(zip)

  • v1.7.5(Oct 6, 2022)

  • v1.7.4(Sep 15, 2022)

  • v1.7.3(Sep 1, 2022)

    Changes

    ๐Ÿš€ Features

    • Support 'xlsx' report for Compare mode @dd-jy (#46)

    ๐Ÿ”ง Maintenance

    • Change the required version of Python to 3.7 @soimkim (#45)
    Source code(tar.gz)
    Source code(zip)

  • v1.7.2(Aug 16, 2022)

  • v1.7.1(Jul 22, 2022)

  • v1.7.0(Jul 22, 2022)

    Changes

    ๐Ÿš€ Features

    • Add compare mode @dd-jy (#38)

    ๐Ÿ”ง Maintenance

    • Replace 'y' option to 'p' option. @dd-jy (#41)
    • Fix scanner support format and not to create csv. @dd-jy (#40)
    • Print message when comparison rows are over 100. @dd-jy (#39)
    Source code(tar.gz)
    Source code(zip)

  • v1.6.15(Jul 6, 2022)

  • v1.6.14(May 19, 2022)

    Changes

    ๐Ÿš€ Features

    • Run fosslight_source without installing it @soimkim (#34)
    • Add a Dockerfile @soimkim (#35)

    ๐Ÿ› Hotfixes

    • Fix a bug where part of the output file is not created without the -o option @soimkim (#36)
    Source code(tar.gz)
    Source code(zip)

  • v1.6.13(Apr 11, 2022)

    Changes

    ๐Ÿ› Hotfixes

    • Fix an errors when parsing with path @soimkim (#33)
    • Fix an error that occur when downloading link @soimkim (#30)

    ๐Ÿ”ง Maintenance

    • Add a commit message checker @soimkim (#31)
    Source code(tar.gz)
    Source code(zip)

  • v1.6.12(Mar 28, 2022)

  • v1.6.11(Mar 27, 2022)

  • v1.6.10(Mar 11, 2022)

  • v1.6.9(Feb 28, 2022)

    Changes

    ๐Ÿ”ง Maintenance

    • Change the result generation method to merging @soimkim (#25)
    • Add an inputable value to mode @soimkim (#24)
    • Update the README with additional Scanners @soimkim (#23)
    Source code(tar.gz)
    Source code(zip)

  • v1.6.8(Feb 10, 2022)

    Changes

    ๐Ÿš€ Features

    • Change the options when analyzing the source @soimkim (#19)
    • Support analysis mode @soimkim (#17)
    • Add a FOSSLight Reuse @soimkim (#16)
    • Add a FOSSLight Binary @soimkim (#14)

    ๐Ÿ› Hotfixes

    • Fix the bug that the raw folder is not deleted when analyzing with a link @soimkim (#21)

    ๐Ÿ”ง Maintenance

    • Modify to print output file name @bjk7119 (#22)
    • Create a result file of FOSSLight Source @soimkim (#20)
    • Move the binary analysis result file to output @soimkim (#18)
    Source code(tar.gz)
    Source code(zip)

  • v1.6.7(Nov 25, 2021)

  • v1.6.6(Nov 4, 2021)

  • v1.6.5(Oct 21, 2021)

    Changes

    ๐Ÿ”ง Maintenance

    • Add the -f option and change way to create output @soimkim (#10)
    • Change the parameters related to the scanner path @soimkim (#9)
    Source code(tar.gz)
    Source code(zip)

  • v1.6.4(Oct 7, 2021)

  • v1.6.3(Oct 6, 2021)

  • v1.6.2(Oct 5, 2021)

  • v1.6.1(Oct 1, 2021)

    Changes

    ๐Ÿ› Hotfixes

    • Add the FOSSLight Util minimum version @soimkim (#4)

    ๐Ÿ”ง Maintenance

    • Change the output path of log, source @soimkim (#5)
    Source code(tar.gz)
    Source code(zip)

  • v1.6.0(Sep 24, 2021)

Owner
FOSSLight
FOSSLight
GitHub Repository
Denial Attacks by Various Methods

Denial Service Attack Denial Attacks by Various Methods IIIIIIIIIIIIIIIIIIII PPPPPPPPPPPPPPPPP VVVVVVVV VVVVVVVV I::

Baris Dincer 9 Nov 26, 2022
A python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Hcoder This is a python base script from which you can hack or clone any person's facebook friendlist or followers accounts which have simple password

Muhammad Hamza 3 Dec 06, 2021
ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF->GetWebShell)

ProxyLogon For Python3 ProxyLogon(CVE-2021-26855+CVE-2021-27065) Exchange Server RCE(SSRF-GetWebShell) usage: python ProxyLogon.py --host=exchang

112 Dec 01, 2022
Simplify getting and using cookies from the browser to use in Python.

CookieCache Simplify getting and using cookies from the browser to use in Python. NOTE: All the logic to interface with the browsers is done by the Br

pat_h/to/file 2 May 06, 2022
Um script simples de Port Scan + DNS by Hostname

๐Ÿ–ฅ PortScan-DNS Esta รฉ uma ferramenta simples de Port Scan + DNS by Hostname... ๐Ÿ’ป | DNS Resolver / by Hostname: HOST IP EXTERNO IP INTERNO ๐Ÿ’ป | Port

AlbรขniaSecurity-RT 7 Dec 08, 2022
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

About Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-202

Evi1cg 500 Jan 06, 2023
Tool to decrypt iOS apps using r2frida

r2flutch Yet another tool to decrypt iOS apps using r2frida. Requirements It requires to install Frida on the Jailbroken iOS device: Jailbroken device

Murphy 146 Jan 03, 2023
IDA Python Script for anti ollvm

IDA Python Script for anti ollvm

Shocker 62 Dec 23, 2022
Receive notifications/alerts on the most recent disclosed CVE's.

Receive notifications on the most recent disclosed CVE's.

Ameliorate 7 Nov 24, 2022
IDA plugin for quickly copying disassembly as encoded hex bytes

HexCopy IDA plugin for quickly copying disassembly as encoded hex bytes. This whole plugin just saves you two extra clicks... but if you are frequentl

OALabs 46 Oct 30, 2022
SPV SecurePasswordVerification

SPV SecurePasswordVerification Its is python module for doing a secure password verification without sharing the password directly. Features The passw

Merwin 1 Feb 12, 2022
A script to extract SNESticle from Fight Night Round 2

fn22snesticle.py A script for producing a SNESticle ISO from a Fight Night Round 2 ISO and any SNES ROM. Background Fight Night Round 2 is a boxing ga

Johannes Holmberg 57 Nov 22, 2022
ไธ€ไธช่‡ชๅŠจๆŒ–ๆŽ˜ๆผๆดž็š„ๆก†ๆžถ๏ผŒๆ—ฅๅŽไผšๅ‘ๅฑ•ๆˆๅผบๅคง็š„ไฟกๆฏๆ”ถ้›†+ๆผๆดžๆŒ–ๆŽ˜่„šๆœฌ๏ผ

ไป‹็ป ๅทฅๅ…ทไป‹็ป ่ฟ™ๆ˜ฏไธ€ๆฌพ่‡ดๅŠ›ไบŽๅฐ†ๅ„็ฑปไผ˜็ง€่„šๆœฌ้›†ๅˆๅœจไธ€่ตท่ฐƒ็”จใ€่”ๅŠจ๏ผŒๆœ€็ปˆๅฏๅฝขๆˆ่ถ…็บงๆธ—้€่„šๆœฌ็š„ๅทฅๅ…ทใ€‚็›ฎ็š„ๆ˜ฏๆ‰ซๆๅˆฐๆ›ดๅ…จ็š„่ต„ไบงไฟกๆฏ๏ผŒๅ‘็Žฐๆ›ดๅคš็š„ๆผๆดžๅˆฉ็”จใ€‚ไฝ†ๆ˜ฏ่ฟ™ๆ˜ฏ้€š่ฟ‡็‰บ็‰ฒๆ‰ซๆ้€Ÿๅบฆๆฅๆๅ‡ๆ‰ซๆๅนฟๅบฆ็š„ใ€‚ๆ‰€ไปฅไธๅคช้€‚ๅˆ่ฆ่ฟ›่กŒ็ดงๆ€ฅไฟกๆฏๆ”ถ้›†ๅ’Œๆผๆดžๅˆฉ็”จ็š„ๆƒ…ๅ†ตใ€‚

Thinking rookie 23 Jul 05, 2022
A way to analyse how malware and/or goodware samples vary from each other using Shannon Entropy, Hausdorff Distance and Jaro-Winkler Distance

A way to analyse how malware and/or goodware samples vary from each other using Shannon Entropy, Hausdorff Distance and Jaro-Winkler Distance

11 Nov 15, 2022
Searches filesystem for CVE-2021-44228 and CVE-2021-45046 vulnerable instances of log4j library, including embedded (jar/war/zip) packaged ones.

log4shell_finder Python port of https://github.com/mergebase/log4j-detector log4j-detector is copyright (c) 2021 - MergeBase Software Inc. https://mer

Hynek Petrak 33 Jan 04, 2023
Community Repository for Unofficial Saltbox Add-ons

Saltbox Sandbox Repo Community Repository for Unofficial Saltbox Add-ons Requirements Saltbox Documentation Undetermined Roles List of roles can be fo

Salty Organization 31 Dec 19, 2022
Js File Scanner This is Js File Scanner

Js File Scanner This is Js File Scanner . Which are scan in js file and find juicy information Toke,Password Etc.

122 Dec 12, 2022
This is a repository filled with scripts that were made with Python, and designed to exploit computer systems.

PYTHON-EXPLOITATION This is a repository filled with scripts that were made with Python, and designed to exploit computer systems. Networking tcp_clin

Nathan Galindo 1 Oct 30, 2021
CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight;

CloakifyFactory CloakifyFactory & the Cloakify Toolset - Data Exfiltration & Infiltration In Plain Sight; Evade DLP/MLS Devices; Social Engineering of

3 Oct 18, 2022
Web Scraping com Python - Raspando Vagas para Programadores

Web Scraping com Python - Raspando Vagas para Programadores Sobre o Projeto Web

Kayo Libarino 3 Dec 30, 2021