archer scans & analyses every package published to the node package manager. Its main goal is to identify and track ongoing malware campaigns against the Node ecosystem. archer is a research project run by veryserious.systems.
closed access — archer is not available for public use.
detected malicious behaviour is logged and analysed for research & reporting purposes.
patterns of behaviour & occurrences of indicators are tracked.
trufflehog is used by archer to identify exposure and risk of public packages.
we use trufflehog to scan for leaked secrets. As part of this process, trufflehog will automatically attempt to validate any leaked secrets it finds. veryserious.systems only uses the presence of leaked secrets and tokens to determine package risk.