
target-recon

Target discovery methodology for finding high-quality npm/PyPI/GitHub packages to audit for vulnerabilities, with evaluation criteria and search strategies.
Liaabnormal676/find-cve-agent · ★ 0 · AI & Automation · score 75
Install: claude install-skill Liaabnormal676/find-cve-agent
# Target Recon -- Finding High-Quality Audit Targets

## When to Use

Use this when starting a new research cycle and you need fresh targets with high CVE potential but low existing researcher attention.

## Target Sweet Spot

The ideal target is a package that:

- Is widely used (>100K weekly downloads on npm)
- Handles untrusted input (parsing, validation, file processing)
- Is small enough to audit in a day (< 10K lines of code)
- Has few existing CVEs (< 5)
- Is actively maintained (last commit within 6 months)
- Has 500-15K GitHub stars

## Avoid

- **Mega-packages** (lodash, axios, moment, express, django, rails) -- too many researchers
- **Full frameworks** (Next.js, Nuxt, Laravel) -- too large, too audited
- **>20K stars AND >10 prior CVEs** -- over-audited territory
- **Abandoned packages** (no commits in 2+ years) -- a CVE may not be assigned
- **Alpha/beta packages** -- the maintainer may not issue a CVE

## Search Strategies

### npm Search

```bash
# Search by category
npm search xml parser
npm search csv parse
npm search template engine
npm search file upload
npm search schema validator

# Check weekly downloads on npmjs.com
# Look for packages with 100K-10M weekly downloads
```

### GitHub Search

```bash
# Search repos by language and star count
gh search repos "xml parser" --language javascript --stars 500..15000
gh search repos "yaml" --language python --stars 500..10000
gh search repos "template engine" --language javascript --stars 500..15000
gh search repos "archive extract" --language
```
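The sweet-spot and avoid rules above form a decision procedure, and the same thresholds are what a security team uses to rank which of its own dependencies should get an internal review first. The following is an added example, not code from the find-cve-agent skill: it encodes the page's thresholds as a triage function over constructed package metadata (the package names, numbers and dates are made up; `PackageMeta`, `triage` and the 183-day approximation of "six months" are my assumptions) and reports why a package is merely marginal rather than ideal. It makes no registry or GitHub calls.

```python
from __future__ import annotations

from dataclasses import dataclass
from datetime import date

# Thresholds as stated in the skill's "Target Sweet Spot" and "Avoid" lists
MIN_WEEKLY_DOWNLOADS = 100_000   # >100K weekly downloads
MAX_LOC = 10_000                 # < 10K lines of code
MAX_PRIOR_CVES = 5               # < 5 existing CVEs
MAX_DAYS_SINCE_COMMIT = 183      # "within 6 months" (assumption: 183 days)
STAR_RANGE = (500, 15_000)       # 500-15K GitHub stars
OVER_AUDITED_STARS = 20_000      # >20K stars AND ...
OVER_AUDITED_CVES = 10           # ... >10 prior CVEs
ABANDONED_DAYS = 2 * 365         # no commits in 2+ years

# Named exclusions from the "Avoid" list (lower-cased for comparison)
MEGA_PACKAGES = {"lodash", "axios", "moment", "express", "django", "rails"}
FULL_FRAMEWORKS = {"next.js", "nuxt", "laravel"}


@dataclass(frozen=True)
class PackageMeta:
    """Registry/GitHub metadata for one package (fields mirror the page's criteria)."""
    name: str
    weekly_downloads: int
    loc: int
    prior_cves: int
    last_commit: date
    stars: int
    version: str
    handles_untrusted_input: bool


def is_prerelease(version: str) -> bool:
    """True for a semver pre-release tag (1.0.0-beta.1) or an alpha/beta label."""
    v = version.lower()
    return "-" in v or "alpha" in v or "beta" in v


def triage(pkg: PackageMeta, today: date) -> tuple[str, list[str]]:
    """Classify a package as 'avoid', 'sweet_spot' or 'marginal', with reasons.

    Hard exclusions from the "Avoid" list are checked first; a package that
    survives them is scored against every sweet-spot criterion and each unmet
    criterion is reported, so the caller sees why a target is only marginal.
    """
    name = pkg.name.lower()
    days_idle = (today - pkg.last_commit).days

    if name in MEGA_PACKAGES:
        return "avoid", ["mega-package: too many researchers"]
    if name in FULL_FRAMEWORKS:
        return "avoid", ["full framework: too large, too audited"]
    if pkg.stars > OVER_AUDITED_STARS and pkg.prior_cves > OVER_AUDITED_CVES:
        return "avoid", ["over-audited: >20K stars and >10 prior CVEs"]
    if days_idle >= ABANDONED_DAYS:
        return "avoid", ["abandoned: no commits in 2+ years, CVE may not be assigned"]
    if is_prerelease(pkg.version):
        return "avoid", ["alpha/beta: maintainer may not issue a CVE"]

    misses: list[str] = []
    if pkg.weekly_downloads <= MIN_WEEKLY_DOWNLOADS:
        misses.append(f"only {pkg.weekly_downloads:,} weekly downloads (want >100K)")
    if not pkg.handles_untrusted_input:
        misses.append("does not handle untrusted input")
    if pkg.loc >= MAX_LOC:
        misses.append(f"{pkg.loc:,} LOC is too large for a one-day audit (want <10K)")
    if pkg.prior_cves >= MAX_PRIOR_CVES:
        misses.append(f"{pkg.prior_cves} prior CVEs (want <5)")
    if days_idle > MAX_DAYS_SINCE_COMMIT:
        misses.append(f"last commit {days_idle} days ago (want within 6 months)")
    lo, hi = STAR_RANGE
    if not lo <= pkg.stars <= hi:
        misses.append(f"{pkg.stars:,} stars is outside {lo}-{hi:,}")

    return ("sweet_spot" if not misses else "marginal"), misses


# Constructed sample metadata (not real measurements); TODAY pins the date math.
TODAY = date(2025, 6, 1)
SAMPLES = [
    PackageMeta("tiny-xml-reader", 850_000, 4_200, 1, date(2025, 4, 10), 3_100, "4.2.1", True),
    PackageMeta("lodash", 50_000_000, 20_000, 8, date(2025, 5, 1), 59_000, "4.17.21", False),
    PackageMeta("big-yaml", 2_000_000, 30_000, 12, date(2025, 5, 20), 25_000, "9.0.0", True),
    PackageMeta("old-csv", 300_000, 3_000, 0, date(2022, 1, 15), 2_000, "1.2.0", True),
    PackageMeta("new-tpl", 150_000, 2_500, 0, date(2025, 5, 28), 900, "2.0.0-beta.1", True),
    PackageMeta("niche-schema", 20_000, 4_000, 1, date(2025, 3, 1), 3_000, "1.0.0", True),
]


def triage_all(samples=SAMPLES, today=TODAY) -> dict[str, tuple[str, list[str]]]:
    """Run triage over every sample and key the verdicts by package name."""
    return {p.name: triage(p, today) for p in samples}


if __name__ == "__main__":
    for name, (verdict, reasons) in triage_all().items():
        print(f"{name:16} {verdict:11} {'; '.join(reasons)}")
```

The hard exclusions short-circuit because the page treats them as disqualifying regardless of the other numbers; the sweet-spot checks do not, so a package such as the constructed `niche-schema` comes back as `marginal` with the single criterion it fails, which is the information a reviewer needs to decide whether the miss matters for their own dependency set.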