Created
December 4, 2019 22:02
-
-
Save vesche/bee453e16c878254a9d59878293312fe to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python | |
| import json | |
| import crayons | |
| import requests | |
| PYPI_URL = 'https://pypi.org/pypi/{package_name}/json' | |
| homoglyphs = { | |
| 'a': ['ɑ'], | |
| 'c': ['ᴄ', 'ⅽ'], | |
| 'd': ['ⅾ'], | |
| 'f': ['ſ'], | |
| 'g': ['ɡ'], | |
| 'i': ['ⅰ'], | |
| 'l': ['I', 'Ⅰ', 'ⅼ'], | |
| 'o': ['ᴏ'], | |
| 'u': ['ᴜ'], | |
| 'v': ['ᴠ', 'ⅴ'], | |
| 'w': ['ᴡ'], | |
| 'x': ['ⅹ'], | |
| 'y': ['ʏ'], | |
| 'z': ['ᴢ'] | |
| } | |
| def get_top_packages(n=4000): | |
| with open('top-pypi-packages-365-days.json', 'r') as f: | |
| data = json.loads(f.read()) | |
| return [p['project'] for p in data['rows']][:n] | |
| def get_homoglyphs(package): | |
| hgs = [] | |
| for letter in package: | |
| if letter in homoglyphs: | |
| for new_letter in homoglyphs[letter]: | |
| hgs.append(package.replace(letter, new_letter)) | |
| return hgs | |
| def main(): | |
| packages = get_top_packages(n=100) | |
| for package in packages: | |
| hgs = get_homoglyphs(package) | |
| for homoglyph in hgs: | |
| url = PYPI_URL.format(package_name=homoglyph) | |
| response = requests.get(url) | |
| if response.status_code == 200: | |
| print(crayons.green(f'[+] {homoglyph} found!')) | |
| package_data = response.json() | |
| with open(f'{package}-{homoglyph}-data.json', 'w') as f: | |
| f.write(json.dumps(package_data, indent=2)) | |
| else: | |
| print(crayons.red(f'[-] {homoglyph} NOT found.')) | |
| if __name__ == '__main__': | |
| main() |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment