Workflow

Picosnitch

Latest version: v1.0.3

Safety actively analyzes 715032 Python packages for vulnerabilities to keep your Python projects secure.

Scan your dependencies

Page 4 of 8

0.10.1

- rewrite bandwidth monitor with bcc, no longer depends on bpftrace
- add bpf program to cache dns queries (check before reverse lookups)
- add internal version checks to enable these features if supported
- users of Ubuntu based distros may want to add [this PPA](https://launchpad.net/~hadret/+archive/ubuntu/bpfcc) to their system

0.10.0

- new feature: bandwidth monitor (see [kernel requirements](https://github.com/iovisor/bpftrace/blob/master/INSTALL.md#linux-kernel-requirements))
- changed sql database structure (will auto update)
- changed log structure

0.9.1

- improvements to executable detection reliability (so that extremely short-lived ones are less likely to evade hashing)
- get dev + inode of running executable directly using bpf program (then confirm it matches the file descriptor once opened)
- open file descriptors to every running executable as soon as they're seen instead of waiting for connections
- if the executable itself still manages to evade being hashed (unlikely), it is logged as the child of its parent
- add warning if running on system with btrfs and ignore dev since it behaves strangely with btrfs, relying on just inode (which also has the problem of not always being unique, with btrfs)

0.9.0

- log ignore improvements
- add support for domains and hashes
- drop support for process names since those can be impersonated
- add new experimental feature "Every exe (not just conns)"
- this feature will likely be forever "experimental" since it is slightly outside of the goals/scope of picosnitch, and difficult to improve upon with existing kernel and bpf features, but was trivial to add in its current form without interfering with other functionality
- it functions sort of like real time monitoring in traditional anti-malware software and may be useful for people who want greater intrusion detection coverage

0.8.2

- automatically try to find a human user to set for SUDO_UID and DBUS_SESSION_BUS_ADDRESS if not in environment

0.8.1

- improved initialization performance
- improved error messages
- improved virustotal retry logic

Page 4 of 8

Links

Releases

Has known vulnerabilities

Previous Next

© 2025 Safety CLI Cybersecurity Inc. All Rights Reserved.