Show HN: TraceTree – Sandboxed behavioral analysis for NPM and PyPI packages
Category: security
Tags: security, supply-chain, malware-analysis
Score: 6.3/10 (Innovation: 6, Technical: 7, Documentation: 6, Utility: 6)
TraceTree is a sandboxed behavioral analysis tool for NPM and PyPI packages that uses system call tracing, graph analysis, ML anomaly detection, and YARA signature matching to identify malicious behavior. Its unique 'eight legs' architecture, which combines strace-based monitoring with temporal pattern detection and a NetworkX graph builder, makes it interesting for security research and supply chain defense.
Target audience: security engineers, DevOps, data engineers
Repository: https://github.com/tejasprasad2008-afk/TraceTree · Python · 39 stars