Go modules · proxy.golang.org
github.com/spondon16/wcvs
DNS / OAST exfiltration: matched "burpcollaborator.net"
Why PkgRadar flagged v0.0.0-20260321092031-a89b410c935e
| Severity | Signal | Evidence |
|---|---|---|
| high | DNS / OAST exfiltration | matched "burpcollaborator.net" · github.com/spondon16/[email protected]/pkg/techniques.go |
| medium | Remote Payload | matched "curl " · github.com/spondon16/[email protected]/go.mod |
| medium | Remote Payload | matched "curl " · github.com/spondon16/[email protected]/go.sum |
| medium | Tls Verification Disabled | matched "InsecureSkipVerify: true" · github.com/spondon16/[email protected]/pkg/request_smuggling.go |
| medium | Remote Payload | matched "Curl " · github.com/spondon16/[email protected]/pkg/requests.go |
| medium | Tls Verification Disabled | matched "InsecureSkipVerify: true" · github.com/spondon16/[email protected]/pkg/utils.go |
Scanned versions
| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
v0.0.0-20260321092031-a89b410c935e | High risk | 78 | 2026-06-20 |
v0.0.0-20260618092256-461aa70476f8 | High risk | 78 | 2026-06-20 |
Block this in CI
pkgradar gate --ecosystem go github.com/spondon16/[email protected]