aeneasr

Find out if your system was compromised by the recent axios supply chain attack.

100% credibility
Found Apr 05, 2026 at 19 stars.
AI Summary

A read-only diagnostic tool that checks computers for signs of compromise from malicious axios package versions published to npm.

How It Works

1. 📰 Hear the Alert

You learn about a sneaky security problem with a popular software tool called axios that briefly released harmful versions.

2. 🔍 Find the Checker

You search and discover this free safety scanner designed to check if your computer was affected.

3. 📥 Get It Ready

You grab the scanner easily and prepare it to look around your files.

4. 🛡️ Run the Safety Scan

You launch the scan, which quietly searches common spots for any leftover clues from the bad update.

5. Review Your Results

🟢 All Clear

No signs found – your machine is safe and sound.

🟡 Possible Risk

Hints of exposure appear, but no direct proof – dig deeper or clean up.

🔴 Confirmed Hit

Clear evidence of compromise – time to isolate and rebuild.

6. 📄 Save a Report

You create a detailed summary of findings to share or review later if needed.

😌 Gain Peace of Mind

Now you know exactly if your computer was touched and the safe next steps to take.

AI-Generated Review

What is was-i-axios-pwned?

This Go CLI scans your host for traces of the 2026 axios npm supply chain attack (versions 1.14.1, 0.30.4), which dropped a RAT via plain-crypto-js. It checks lockfiles, node_modules, npm caches, logs, processes, network, and platform artifacts on macOS, Linux, or Windows, outputting verdicts like CONFIRMED, LIKELY_EXPOSED, or NO_EVIDENCE. Use `go install` then `was-i-axios-pwned --deep --report-dir ./out` for TSV reports to find out if GitHub tokens, emails, or repo URLs were at risk from C2 exfil.
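The lockfile part of that check can be sketched as follows. This is an added example, not code from was-i-axios-pwned: `ScanLock`, `badAxios` and the sample lockfile are constructed for illustration, the plain-crypto-js version is a placeholder, and treating any plain-crypto-js entry as a hit is this sketch's own choice. The sample shows why every nesting level must be walked: the top-level axios is not a listed version, but a transitive copy is.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
	"strings"
)

// Compromised axios releases named on this page.
var badAxios = map[string]bool{"1.14.1": true, "0.30.4": true}

// Constructed sample (lockfile v3 layout); plain-crypto-js version is a placeholder.
const sampleLock = `{"lockfileVersion": 3, "packages": {
  "": {"name": "demo", "version": "1.0.0"},
  "node_modules/axios": {"version": "1.13.0"},
  "node_modules/sdk/node_modules/axios": {"version": "1.14.1"},
  "node_modules/plain-crypto-js": {"version": "0.0.0-placeholder"}}}`

// ScanLock lists npm lockfile (v2/v3 "packages" map) entries that pin a listed
// axios release or install plain-crypto-js, at any nesting depth.
func ScanLock(data []byte) ([]string, error) {
	var lf struct {
		Packages map[string]struct{ Version string } `json:"packages"`
	}
	if err := json.Unmarshal(data, &lf); err != nil {
		return nil, err
	}
	var hits []string
	for path, p := range lf.Packages {
		i := strings.LastIndex(path, "node_modules/")
		if i < 0 {
			continue // root project entry, keyed ""
		}
		name := path[i+len("node_modules/"):] // package name after the last node_modules/
		if name == "plain-crypto-js" || (name == "axios" && badAxios[p.Version]) {
			hits = append(hits, path+"@"+p.Version)
		}
	}
	sort.Strings(hits) // map iteration order is random; keep output stable
	return hits, nil
}

func main() {
	hits, err := ScanLock([]byte(sampleLock))
	fmt.Println(hits, err)
}
```

A clean lockfile only shows what is pinned now; it says nothing about installs that already ran, which is why the tool also looks at node_modules, caches and logs.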

Why is it gaining traction?

Zero-config defaults hit npm globals, home dirs, and caches; --deep mode covers roots for thorough triage. Exit codes (0-3) hook into scripts, range-risk warnings flag vulnerable specs like ^1.14.0, and raw snippets aid forensics—beats manual grep for attack IOCs. Cross-platform binaries via Go make it dead simple versus platform-specific scripts.

Who should use this?

Node devs auditing projects to find GitHub PATs or usernames potentially pwned in the attack. Secops triaging servers to find out Linux distribution, Ubuntu version, or motherboard logs hit by axios payloads. Teams rotating creds after suspicious installs around March 31, 2026.

Verdict

Solid one-off triage tool with clear docs and e2e tests, but 19 stars and 1.0% credibility score signal early maturity—run it now if exposed, watch for updates. Worth the 30s install for affected hosts.
