SEVEN.LEGEND // V4
Users Online: 1
Total Hits: 8,832
CODES // DATA STREAM
SECURITY CODE & SCRIPTS
« BACK
Tracer.Fody.NLog Vulnerability Scanner & Remover
POWERSHELL
A security utility designed to identify and remove the malicious typosquatted NuGet package 'Tracer.Fody.NLog'. It recursively scans .csproj and packages.config files in the current directory, flags matches, and provides an interactive prompt to safely excise the malicious references.
UPLOADED: 2026.02.06
ID: CVE-2025-TYPOSQUAT-01 //
LANG: Powershell //
LINES: 36
# Utility: NuGet Typosquatting Scanner - Tracer.Fody.NLog
# Purpose: Identifies and removes cryptocurrency wallet-stealing malware references
$maliciousPackage = "Tracer.Fody.NLog"
$searchPath = Get-Location
Write-Host "--- Initiating Scan for: $maliciousPackage ---" -ForegroundColor Cyan
# Locate project configuration files
$files = Get-ChildItem -Path $searchPath -Recurse -Include "*.csproj", "packages.config"
$foundCount = 0
foreach ($file in $files) {
$content = Get-Content $file.FullName
if ($content -match $maliciousPackage) {
$foundCount++
Write-Host "[!] ALERT: Malicious entry found in: $($file.FullName)" -ForegroundColor Red
# Interactive Choice Prompt
$title = "Remediation Required"
$message = "Remove '$maliciousPackage' from project file?"
$yes = New-Object System.Management.Automation.Host.ChoiceDescription "&Yes", "Deletes the malicious line."
$no = New-Object System.Management.Automation.Host.ChoiceDescription "&No", "Skips removal."
$options = [System.Management.Automation.Host.ChoiceDescription[]]($yes, $no)
$result = $host.ui.PromptForChoice($title, $message, $options, 1)
if ($result -eq 0) {
$newContent = $content | Where-Object { $_ -notmatch $maliciousPackage }
$newContent | Set-Content $file.FullName
Write-Host "[+] Reference purged successfully." -ForegroundColor Green
}
}
}
Write-Host "`nScan Finished. Total instances flagged: $foundCount" -ForegroundColor Cyan