Professional security and developer tools in your terminal
# Install globally
pip install veribits
# Verify installation
veribits --version
# Check available commands
veribits --help# Create virtual environment
python3 -m venv venv
# Activate virtual environment
source venv/bin/activate # On macOS/Linux
# or
venv\Scripts\activate # On Windows
# Install VeriBits CLI
pip install veribits# Clone repository
git clone https://github.com/afterdarksystems/veribits-cli.git
cd veribits-cli
# Install in development mode
pip install -e .
# Or build and install
python setup.py installvb instead of veribits for faster commands!
The VeriBits System Client is a high-performance, multi-threaded file integrity monitoring tool designed for enterprise environments. It scans your entire system, generates cryptographic hashes (SHA-256 and SHA-512) for all files, and uploads the results to your VeriBits account for centralized security monitoring and baseline comparison.
# Download and extract
wget https://veribits.com/downloads/veribits-system-client-1.0.tar.gz
tar -xzf veribits-system-client-1.0.tar.gz
cd veribits-system-client-1.0
# Install Python dependencies
pip install -r requirements.txt
# Configure with your API credentials
cp config.json.example config.json
nano config.json # Edit with your email and API key
# Run a scan
python3 scan_system.py{
"endpoint_url": "https://veribits.com/api/v1/system-scans",
"email": "your-email@example.com",
"api_key": "vb_your_api_key_here_48_characters_long_hex"
}Establish file integrity baselines across your infrastructure
Meet regulatory requirements for file integrity monitoring
Compare against known malware signatures and detect anomalies
Monitor system changes and unauthorized file modifications
Decode, verify, and generate JWT tokens with signature validation
veribits jwt-decode "token..."
veribits jwt-sign --secret "key" \
--payload '{"user": "test"}'Test regular expressions with real-time matching
veribits regex "\\d{3}-\\d{3}-\\d{4}" \
"Call 555-123-4567"Scan code for exposed API keys, tokens, and credentials
veribits secrets ./config.yaml
veribits secrets ./src/*.jsGenerate MD5, SHA-256, SHA-512, and bcrypt hashes
veribits hash "password123" \
-a md5 -a sha256 -a sha512Validate Bitcoin and Ethereum addresses
veribits bitcoin 1A1zP1eP...
veribits ethereum 0x742d35Cc...Detect file types by magic number
veribits file-magic \
./unknown-file.bin| Command | Description |
|---|---|
file-magic FILE |
Detect file type by magic number |
bitcoin ADDRESS |
Validate Bitcoin address or transaction |
ethereum ADDRESS |
Validate Ethereum address or transaction |
| Command | Description |
|---|---|
jwt-decode TOKEN |
Decode and verify JWT token |
jwt-sign OPTIONS |
Generate new JWT token |
regex PATTERN TEXT |
Test regular expressions |
secrets FILE |
Scan for exposed secrets |
hash TEXT |
Generate cryptographic hashes |
| Command | Description |
|---|---|
config |
Show current configuration |
limits |
Check usage limits |
For unlimited usage and advanced features, set your API key:
export VERIBITS_API_KEY="your-api-key-here"Get your API key at: veribits.com/dashboard
# Decode a JWT token
veribits jwt-decode "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
# Decode and verify signature
veribits jwt-decode "token..." --secret "my-secret-key" --verify
# Generate a new JWT token
veribits jwt-sign \
--secret "my-secret-key" \
--payload '{"user_id": 123, "role": "admin"}' \
--expires 3600# Test email pattern
veribits regex "[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Z|a-z]{2,}" \
"Contact: john@example.com and jane@test.org"
# Test phone pattern with flags
veribits regex "\d{3}-\d{3}-\d{4}" "Call me at 555-123-4567" --flags "gi"# Scan a single file for secrets
veribits secrets ./config.yaml
# Scan multiple files
veribits secrets .env
veribits secrets ./src/config.js
# Scan all JavaScript files (use bash loop)
for file in src/**/*.js; do
veribits secrets "$file"
done# Generate multiple hashes
veribits hash "mypassword" -a md5 -a sha256 -a sha512
# Validate Bitcoin address
veribits bitcoin 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa
# Validate Ethereum address with checksum
veribits ethereum 0x742d35Cc6634C0532925a3b844Bc9e7595f0bEb
# Detect file type
veribits file-magic ./unknown-file.bin# Check your current configuration
veribits config
# Check usage limits and remaining scans
veribits limits#!/bin/bash
# scan-secrets.sh - Scan all source files for exposed secrets
echo "Scanning for secrets in source files..."
# Set API key if you have one
export VERIBITS_API_KEY="your-api-key"
# Find all relevant source files and scan them
find ./src -type f \( -name "*.js" -o -name "*.py" -o -name "*.yaml" \) | while read file; do
echo "Scanning: $file"
veribits secrets "$file"
done
echo "Scan complete!"#!/usr/bin/env python3
# validate_addresses.py - Validate crypto addresses from file
import subprocess
import sys
def validate_address(address, crypto_type):
"""Validate a cryptocurrency address using VeriBits CLI"""
try:
result = subprocess.run(
['veribits', crypto_type, address],
capture_output=True,
text=True,
check=True
)
return True
except subprocess.CalledProcessError:
return False
# Read addresses from file
with open('addresses.txt', 'r') as f:
for line in f:
address = line.strip()
if address.startswith('0x'):
valid = validate_address(address, 'ethereum')
print(f"Ethereum {address}: {'✅ Valid' if valid else '❌ Invalid'}")
elif address.startswith(('1', '3', 'bc1')):
valid = validate_address(address, 'bitcoin')
print(f"Bitcoin {address}: {'✅ Valid' if valid else '❌ Invalid'}")#!/bin/bash
# .git/hooks/pre-commit - Scan staged files for secrets before commit
echo "🔍 Scanning staged files for secrets..."
# Get list of staged files
STAGED_FILES=$(git diff --cached --name-only --diff-filter=ACM)
# Scan each staged file
SECRETS_FOUND=0
for file in $STAGED_FILES; do
if [[ -f "$file" ]]; then
echo "Scanning: $file"
if veribits secrets "$file" | grep -q "Secrets Found: [1-9]"; then
echo "❌ Secrets detected in $file!"
SECRETS_FOUND=1
fi
fi
done
# Abort commit if secrets found
if [ $SECRETS_FOUND -eq 1 ]; then
echo ""
echo "❌ COMMIT BLOCKED: Secrets detected in staged files!"
echo "Please remove sensitive data before committing."
exit 1
fi
echo "✅ No secrets detected. Proceeding with commit."
exit 0# Makefile - Integrate VeriBits into your build process
.PHONY: security-scan test build
security-scan:
@echo "Running security scans..."
@veribits secrets ./config
@veribits secrets ./src
@echo "Security scan complete!"
test: security-scan
@echo "Running tests..."
@pytest tests/
build: test
@echo "Building application..."
@docker build -t myapp:latest .name: Security Scan
on: [push, pull_request]
jobs:
security:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Install VeriBits CLI
run: pip install veribits
- name: Scan for secrets
env:
VERIBITS_API_KEY: ${{ secrets.VERIBITS_API_KEY }}
run: |
veribits secrets ./src > secrets-report.txt
cat secrets-report.txt
- name: Upload scan results
uses: actions/upload-artifact@v3
with:
name: security-report
path: secrets-report.txtsecurity_scan:
stage: test
image: python:3.10
before_script:
- pip install veribits
script:
- veribits secrets ./src
- veribits secrets ./config
artifacts:
reports:
veribits: secrets-report.txt
only:
- branchespipeline {
agent any
stages {
stage('Security Scan') {
steps {
sh 'pip install veribits'
sh 'veribits secrets ./src'
sh 'veribits secrets ./config'
}
}
}
post {
always {
archiveArtifacts artifacts: 'secrets-report.txt'
}
}
}# Dockerfile - Include security scanning in your build
FROM python:3.10-slim AS security-scan
# Install VeriBits CLI
RUN pip install veribits
# Copy source code
COPY ./src /app/src
# Run security scan
RUN veribits secrets /app/src
# Continue with main build
FROM python:3.10-slim
COPY ./src /app/src
# ... rest of your Dockerfile