Automic VaultAutomic Vault

brew

使用 Homebrew, Nix 安装 badkeys

查看 badkeys 的安装路径、可执行文件、元数据以及面向 AI 代理工作流的安全说明。

安装

其他安装命令

macOS

Homebrew已验证 · 100%
brew install badkeys

local Homebrew formula metadata

Linux

Nix已验证 · 92%
nix profile install nixpkgs#badkeys

nixpkgs package indexes · pkgs/by-name/ba/badkeys/package.nix · 来源: api.github.com

概览

软件包摘要

Tool to find common vulnerabilities in cryptographic public keys

命令和别名

  • badkeys

历史

项目历史与用法

badkeys is a Python tool and library for checking cryptographic public keys against known vulnerability patterns and blocklist data. It sits in the practical security-tooling niche between certificate/key parsers and vulnerability scanners.

项目历史

The badkeys GitHub repository was created in January 2022. Its README says the tool checks public keys in multiple formats for known vulnerabilities, with a public web version at badkeys.info.

The README credits Hanno Boeck as author, says the work was initially funded in 2022 through the CIDI project and CISAT at the IT University of Copenhagen, and notes later 2025/2026 support from NLnet's NGI0 Core Fund.

采用历史

The project is distributed through PyPI and appears in Homebrew and Nix in the batch package metadata. The README also points users to Repology for distribution packages, suggesting upstream expected operating-system packaging beyond Python-only installation.

Release names show the project expanding its checks over time, including DKIM support in 2024, parser robustness and return-code improvements in 2026, and a 'Post-Quantum Edition' release in June 2026.

使用方式

badkeys users first download blocklist data with badkeys --update-bl, then scan key, certificate, CSR, SSH public key, TLS host, or SSH host material. The README documents return codes that distinguish application errors, parser problems, and vulnerable keys.

Its command-line use is intentionally automation-friendly: quiet output when no vulnerable keys are found, an all-keys output flag for audits, and bitmask return codes for CI or batch scans.

为什么软件包爱好者会关心

badkeys is package-nerd relevant because it turns a pile of cryptographic failure cases into a reusable CLI and library with data updates. Packaging it gives security teams a repeatable way to scan public keys without copying ad hoc scripts around.

It also illustrates a modern security package pattern: a small Python CLI, external vulnerability/blocklist data, optional network scanning modes, and package-manager availability for workstation and CI installation.

时间线

  • 2022: Public GitHub repository created and initial CIDI/CISAT funding period described by upstream.
  • 2024: v0.0.7 and v0.0.9 releases published; v0.0.9 added DKIM support.
  • 2025: Upstream README notes NLnet NGI0 Core Fund support across 2025/2026.
  • 2026: v0.0.19 'Post-Quantum Edition' released.

Related projects

  • badkeys is adjacent to OpenSSL, SSH host-key audit tooling, TLS scanners, DKIM key checking, and certificate linting tools.
  • The README notes Paramiko as an optional dependency for SSH scanning.

安全态势

尚未找到受保护工具覆盖

没有找到 badkeys 的匹配本地密钥处理 manifest。Nucleus 软件包元数据仍在此发布,以便未来覆盖拥有稳定的软件包 URL。

安装行为

  • formula 元数据中未记录 Homebrew post-install 钩子。
  • Homebrew bottle 元数据适用于 6 个平台目标。
  • 安装时包含 5 个运行时依赖。

建议审查

在无人值守的代理使用前,请检查该工具是否读取明文凭据、写入远程状态、发布制品或调用插件。

可执行文件

已安装的可执行文件

命令类型暴露范围备注
badkeyscli全局可执行文件

新鲜度

版本和新鲜度

这些信号区分页生成时间、软件包管理器活动和上游发布比较。只有存在证据 URL 和可比较版本时,才会提示版本落后。

页面生成时间2026-07-08
管理器版本0.0.19
管理器更新时间2026-06-17
本地数据OK
上游not checked
检测到的最新版本未检测到

https://badkeys.info

  • 信息Release/tag comparison is only available for GitHub repositories.https://badkeys.infonone 置信度

安装元数据

软件包元数据

软件包键brew:badkeys
版本0.0.19
软件包管理器Homebrew
软件包管理器页面https://formulae.brew.sh/formula/badkeys
主页https://badkeys.info
仓库https://github.com/badkeys/badkeys
上游文档https://badkeys.info/
许可证MIT
源码归档https://files.pythonhosted.org/packages/bd/a7/b222a5f0db2bc9e765252a109da1ab1baeed0da6e0b050e2baa3208650c4/badkeys-0.0.19.tar.gz
最后更新2026-06-17T09:59:35Z
Pulseupdated
依赖cryptography, gmp, libmpc, mpfr, python@3.14
Bottle可用 (于 arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux)
Homebrew post-install未定义
服务未声明

注册表事实

源数据库详情

Source DatabaseHomebrew formula API
Taphomebrew/core
Full Namebadkeys
Version Scheme0
Revision0
Head VersionHEAD
Bottle Stable Root URLhttps://ghcr.io/v2/homebrew/core
Deprecatedno
Disabledno
Keg Onlyno
URL Keys
  • head
  • stable

源数据库匹配

其他软件包管理器记录

匹配项来自外部软件包管理器索引,并与本地 Automic Vault 软件包链接分开显示。

Nix95%

badkeys

nix profile install nixpkgs#badkeys
  • normalized package name match
  • 匹配方式:Badkeys
nixpkgs package indexes · api.github.com · nixpkgs package indexes: pkgs/by-name/ba/badkeys/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

来源线索

由仓库数据生成

此页面由 av-webscripts/generate-pkg-sqlite.py 生成的私有软件包 SQLite 工件提供。

使用的来源

  • Geiger risk classifier
  • Nucleus package database
  • av.db category and tag curation
  • cross-ecosystem install command graph
  • curated package history
  • external package-manager database matches
  • package relationship graph
  • package version freshness
  • package-page enrichment