Go modules · proxy.golang.org

github.com/stormbane-security/beacon

Webhook Exfil Endpoint: matched "ngrok-free.app"

Why PkgRadar flagged v0.1.14

Severity	Signal	Evidence
high	Webhook Exfil Endpoint	matched "ngrok-free.app" · github.com/stormbane-security/[email protected]/internal/scanner/takeover/scanner.go
high	DNS / OAST exfiltration	matched "dig AXFR {asset} @$(" · github.com/stormbane-security/[email protected]/internal/report/verify.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/agent/dropper.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/analyze/analyzer.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/chainengine/chains.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/evasion/monitor.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/postexploit/airflow.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/postexploit/apache_rce.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/postexploit/argocd.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/postexploit/bamboo.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/postexploit/bitbucket.go
medium	Remote Payload	matched "curl " · github.com/stormbane-security/[email protected]/internal/postexploit/cacti.go

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.1.14`	High risk	270	2026-06-10
`v0.1.15`	High risk	270	2026-06-10
`v0.1.10`	High risk	242	2026-06-10
`v0.1.9`	High risk	242	2026-06-10
`v0.1.13`	High risk	257	2026-06-10
`v0.1.11`	High risk	247	2026-06-10
`v0.1.8`	High risk	242	2026-06-10
`v0.1.5`	High risk	200	2026-06-10
`v0.1.0`	High risk	137	2026-06-10
`v0.1.2`	High risk	147	2026-06-10
`v0.1.6`	High risk	200	2026-06-10
`v0.1.1`	High risk	142	2026-06-10
`v0.1.16`	High risk	270	2026-06-10
`v0.1.3`	High risk	190	2026-06-10
`v0.1.7`	High risk	200	2026-06-10
`v0.1.12`	High risk	247	2026-06-10
`v0.1.4`	High risk	200	2026-06-10
`v0.1.17`	High risk	270	2026-06-10

Block this in CI

PkgRadar gates github.com/stormbane-security/beacon (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/stormbane-security/[email protected]