Earlier this month, the maintainer of Cheating-Daddy discovered that a Y-Combinator-funded startup had copied their GPL-licensed codebase, stripped out the comments, and re-released it as “Glass” under an incompatible license. This isn’t an isolated incident; we see code theft and improper vendoring constantly during security assessments. So we built a tool to catch it automatically.
Vendetect is our new open-source tool for detecting copied and vendored code between repositories. It uses semantic fingerprinting to identify similar code even when variable names change or comments disappear. More importantly, unlike academic plagiarism detectors, it understands version control history, helping you trace vendored code back to its exact source commit.
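To make the fingerprinting idea concrete, here is a toy version of token normalization plus winnowing, written as an added example for this post; it is not Vendetect's code, the three snippets are constructed samples, and the k-gram size and window size are arbitrary choices.

```python
import hashlib
import io
import keyword
import tokenize
from typing import List, Set

# Constructed sample: the "original" function, with a comment and descriptive names.
ORIGINAL = '''
def checksum(data):
    # simple additive checksum
    total = 0
    for byte in data:
        total = (total + byte) % 256
    return total
'''

# Constructed sample: the same logic with the comment stripped and every name changed.
COPIED = '''
def c(d):
    t = 0
    for b in d:
        t = (t + b) % 256
    return t
'''

# Constructed sample: unrelated code of similar size, used as a negative control.
UNRELATED = '''
def greet(name, punct="!"):
    msg = "hello " + name + punct
    if len(msg) > 20:
        msg = msg[:20]
    return msg
'''

def normalize(src: str) -> List[str]:
    """Drop comments and layout tokens; map identifiers and literals to class
    placeholders so renaming or re-commenting leaves the token stream unchanged."""
    out = []
    for tok in tokenize.generate_tokens(io.StringIO(src).readline):
        if tok.type == tokenize.NAME:
            out.append(tok.string if keyword.iskeyword(tok.string) else "ID")
        elif tok.type == tokenize.NUMBER:
            out.append("NUM")
        elif tok.type == tokenize.STRING:
            out.append("STR")
        elif tok.type == tokenize.OP:
            out.append(tok.string)
        # COMMENT, NEWLINE/NL, INDENT/DEDENT and ENDMARKER are discarded.
    return out

def fingerprints(src: str, k: int = 5, window: int = 4) -> Set[int]:
    """Hash every k-gram of normalized tokens, then keep the minimum hash of each
    sliding window (winnowing), so a shared region yields shared fingerprints."""
    toks = normalize(src)
    grams = [" ".join(toks[i:i + k]) for i in range(len(toks) - k + 1)]
    hashes = [int(hashlib.sha1(g.encode()).hexdigest()[:16], 16) for g in grams]
    if not hashes:
        return set()
    return {min(hashes[i:i + window]) for i in range(max(1, len(hashes) - window + 1))}

def similarity(a: str, b: str) -> float:
    """Jaccard similarity of the two fingerprint sets (1.0 = identical structure)."""
    fa, fb = fingerprints(a), fingerprints(b)
    return len(fa & fb) / len(fa | fb) if (fa | fb) else 0.0
```

With these samples the renamed, uncommented copy scores 1.0 against the original while the unrelated function scores 0.0; Vendetect adds the version-history walk on top of this kind of matching.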
This is an excerpt from the