PkgRadar

Go modules · proxy.golang.org

github.com/renansj/ryofuzz

DNS / OAST exfiltration: matched "burpcollaborator.net"

Why PkgRadar flagged v1.0.8

SeveritySignalEvidence
highDNS / OAST exfiltrationmatched "burpcollaborator.net" · github.com/renansj/[email protected]/internal/vulns/ssrf.go
mediumTls Verification Disabledmatched "InsecureSkipVerify: true" · github.com/renansj/[email protected]/internal/behavioral/engine.go
mediumTls Verification Disabledmatched "InsecureSkipVerify: true" · github.com/renansj/[email protected]/internal/crawler/crawler.go
mediumTls Verification Disabledmatched "InsecureSkipVerify: true" · github.com/renansj/[email protected]/internal/engine/authclient.go
mediumTls Verification Disabledmatched "InsecureSkipVerify: true" · github.com/renansj/[email protected]/internal/engine/engine.go
mediumRemote Payloadmatched "cURL " · github.com/renansj/[email protected]/internal/oob/ngrok.go
mediumTls Verification Disabledmatched "InsecureSkipVerify: true" · github.com/renansj/[email protected]/internal/race/singlepacket.go
mediumRemote Payloadmatched "raw.githubusercontent.com" · github.com/renansj/[email protected]/internal/reporter/sarif.go
mediumRemote Payloadmatched "cURL " · github.com/renansj/[email protected]/internal/schema/openapi.go

Scanned versions

VersionVerdictScoreScanned (UTC)
v1.0.8High risk1092026-06-20
v0.7.6High risk782026-06-20
v0.4.0High risk662026-06-20
v0.7.0High risk782026-06-20
v1.0.2High risk1042026-06-20
v0.3.0High risk662026-06-20
v0.7.2High risk782026-06-20
v0.7.4High risk782026-06-20
v0.7.7High risk902026-06-20
v1.0.12High risk1142026-06-20
v1.0.5High risk1092026-06-20
v1.0.3High risk1042026-06-20
v0.7.12High risk1022026-06-20
v0.5.1High risk662026-06-20
v1.0.7High risk1092026-06-20
v1.0.16-0.20260618141548-16c776ede389High risk1142026-06-20
v0.2.0High risk662026-06-20
v1.0.10High risk1142026-06-20
v1.0.4High risk1042026-06-20
v0.7.9High risk902026-06-20
v0.1.0High risk662026-06-20
v1.0.15-0.20260618140837-2d952bef669bHigh risk1142026-06-20
v0.7.10High risk902026-06-20
v1.0.14High risk1142026-06-20

Block this in CI

PkgRadar gates github.com/renansj/ryofuzz (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/renansj/[email protected]
Start free — 25 scans / moView full evidence