Alternatives and similar repositories for pypi-scan

Users that are interested in pypi-scan are comparing it to the libraries listed below

• hannob / pypi-bad
  Bad packages from the pypi repository
  ☆9Updated 6 years ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated last month
• rsc-dev / pypi_malware
  PyPI malware packages
  ☆58Updated 6 years ago
• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆26Updated 2 years ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆128Updated 2 years ago
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago
• jordan-wright / ossmalware
  ☆93Updated 2 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago
• SunLab-GMU / PySecDB
  The official repository of ICSME'23 paper "Exploring Security Commits in Python"
  ☆18Updated last year
• fabric8-analytics / cvejob
  A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
  ☆12Updated 2 years ago
• securisec / glorifiedgrep
  Static code search python lib
  ☆18Updated 4 years ago
• usnistgov / swid-tools
  ☆13Updated 2 weeks ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆144Updated last year
• purs3lab / Argus
  ☆44Updated 10 months ago
• cve-search / CveXplore
  CveXplore
  ☆40Updated 2 months ago
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆206Updated this week
• ajinabraham / libsast
  Generic SAST Library
  ☆131Updated 6 months ago
• lookfwd / getting-started-clusterfuzz-local-in-aws
  ☆15Updated 5 years ago
• grimm-co / delta-debugging
  Debugging library to quickly get the minimal crashing test case
  ☆37Updated 7 years ago
• Phat3 / CVE-analyzer
  Extract useful semantic from CVE descriptions usinig NLP
  ☆25Updated 2 years ago
• srcclr / efda
  Evaluation Framework for Dependency Analysis (EFDA)
  ☆43Updated 3 years ago
• ForAllSecure / mayhem-examples
  Mayhem example templates for programming languages and fuzzers that you love!
  ☆33Updated last year
• IQTLabs / AuraBorealisApp
  Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data
  ☆19Updated 2 years ago
• Polydet / polydet
  Polyglot detector
  ☆21Updated last year
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆79Updated 6 months ago
• joernio / query-database
  Default query sets for Joern
  ☆27Updated 3 years ago
• jgamblin / cve.icu
  CVE.ICU code.
  ☆42Updated this week
• OWASP / cwe-tool
  A command line CWE discovery tool based on OWASP / CAPSEC database of Common Weakness Enumeration.
  ☆57Updated this week
• githubnext / amalfi-artifact
  Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
  ☆44Updated 3 years ago
• gcve-eu / gcve
  A Python client for the Global CVE Allocation System.
  ☆13Updated this week