TraceTree offers a robust runtime behavioral analysis for Python packages, npm modules, DMG, and EXE files. It identifies supply chain attacks missed by traditional install-time scanners by isolating execution in a Docker sandbox and logging malicious behaviors, providing a reliable layer of security.
TraceTree is a sophisticated runtime behavioral analysis tool designed to enhance security for a variety of executable formats such as Python packages, npm modules, DMG, and EXE files. It effectively identifies supply chain attacks that traditional install-time scanners often overlook.
How It Works
TraceTree operates by executing suspicious packages within a secure Docker environment. After starting the download process, it immediately disconnects the container’s network interface, enabling it to record any malicious outbound connection attempts without allowing harmful traffic to escape.
The tool utilizes a regex engine to parse the strace output, tracking critical system calls such as clone, execve, socket, and openat. With the collected data, it constructs a directed graph leveraging the NetworkX library. A RandomForestClassifier, trained on known malware patterns, assesses the graph structure to detect any anomalous behaviors indicative of threats.
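The parsing and graph steps described above, as an added example that is not TraceTree's own code: it parses a constructed `strace -f -o` log for the four named syscalls and builds the directed graph as a plain dict of sets instead of NetworkX, so it runs without dependencies. The node naming scheme and the `features` counts are assumptions for illustration, not the project's feature set.

```python
import re
from collections import defaultdict

# Constructed `strace -f -o` sample (bare-pid prefix); not from a real package.
SAMPLE = '''\
100 execve("/usr/bin/python3", ["python3", "setup.py", "install"], 0x7ffd1 /* 9 vars */) = 0
100 openat(AT_FDCWD, "/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
100 clone(child_stack=NULL, flags=CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f01) = 101
101 execve("/bin/sh", ["sh", "-c", "id"], 0x7ffd2 /* 9 vars */) = 0
101 clone( <unfinished ...>
101 <... clone resumed>child_stack=NULL, flags=SIGCHLD) = 102
102 socket(AF_INET, SOCK_STREAM|SOCK_CLOEXEC, IPPROTO_TCP) = 3
102 openat(AT_FDCWD, "/nonexistent", O_RDONLY) = -1 ENOENT (No such file or directory)
'''

TRACKED = "clone|execve|socket|openat"  # the syscalls the page names
CALL = re.compile(rf"^(\d+)\s+({TRACKED})\((.*)\)\s+=\s+(-?\d+)")
RESUMED = re.compile(rf"^(\d+)\s+<\.\.\. ({TRACKED}) resumed>(.*)\)\s+=\s+(-?\d+)")
QUOTED = re.compile(r'"([^"]*)"')

def build_graph(trace):
    """Return {node: set(successors)} built from strace -f text."""
    graph = defaultdict(set)
    for line in trace.splitlines():
        m = CALL.match(line) or RESUMED.match(line)
        if not m or int(m[4]) < 0:
            continue  # untracked call, "<unfinished ...>" half, or failed call
        pid, name, args, ret = m[1], m[2], m[3], int(m[4])
        src = f"pid:{pid}"
        if name == "clone":
            graph[src].add(f"pid:{ret}")  # parent -> child edge
        elif name == "socket":
            graph[src].add("socket:" + args.split(",")[0].strip())
        elif (q := QUOTED.search(args)):  # execve/openat: first quoted path
            kind = "exec" if name == "execve" else "file"
            graph[src].add(f"{kind}:{q[1]}")
    return dict(graph)

def features(graph):
    """Illustrative counts a classifier could consume (assumed feature set)."""
    targets = [t for succ in graph.values() for t in succ]
    return {
        "processes": len({n for n in [*graph, *targets] if n.startswith("pid:")}),
        "spawns": sum(t.startswith("pid:") for t in targets),
        "sockets": sum(t.startswith("socket:") for t in targets),
        "files": sum(t.startswith("file:") for t in targets),
    }
```

The `RESUMED` pattern matters with `strace -f`: a `clone` interrupted by another process's output is split across two lines, and dropping the resumed half would lose the parent/child edge.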
Usage
TraceTree is controlled through a CLI built with Typer, which accepts package names, dependency files, and compiled installers:
# Analyze a PyPI package
cascade-analyze requests
# Evaluate dependency files
cascade-analyze requirements.txt
cascade-analyze package.json
# Analyze compiled installers
cascade-analyze malicious_app.dmg
cascade-analyze payload.exe
Advanced Features
The tool includes an Online Training Pipeline, which can dynamically fetch and incorporate live malware samples from MalwareBazaar for ongoing improvements.
Local Training can also be performed using:
cascade-train
This command initiates a training session that prompts for a MalwareBazaar Auth Key and subsequently performs several steps to ingest new malware samples, sandbox them, and retrain the model for enhanced detection capabilities.
For automatic synchronization of the latest pre-trained models directly from cloud storage:
cascade-update
Target Audience
- Security Researchers focused on uncovering undocumented supply chain behavior.
- DevOps and DevSecOps professionals tasked with validating the runtime safety of their dependencies.
- Software Engineers interested in profiling the specific syscall requirements of their applications.
Architecture
TraceTree’s comprehensive architecture comprises six core modules:
- /sandbox: Manages the Docker container lifecycle and network restrictions.
- /monitor: Parses strace logs to map execution paths and network interactions.
- /graph: Converts parent/child process relationships into a directed graph.
- /ml: Processes graph features through a RandomForestClassifier for anomaly detection.
- /mcp: Conducts security analysis of MCP servers through sandboxed execution and threat classification.
- /cli: Serves as the entry point for user interactions via the terminal.
MCP Server Security Analysis
In response to the April 2026 MCP security crisis, TraceTree incorporates a dedicated MCP server analyzer that executes servers in a controlled Docker environment and simulates client interactions to verify security against command injection, credential exfiltration, and other attack vectors.
Threat Classification
The analysis categorizes threats based on severity and description, assessing risk factors such as command injection and unauthorized network connections.
Vigilance Against Evasive Malware
TraceTree is designed to counter advanced supply chain threats that attempt to evade detection through obfuscation. By examining the actual runtime execution graph, it reveals the genuine operations performed by a package, thereby uncovering hidden malicious activities entrenched within ostensibly legitimate code.
Contribution
Contributions are encouraged, provided they maintain a separation of new features across the existing framework.