Alternatives and similar repositories for pypi-scan:

Users that are interested in pypi-scan are comparing it to the libraries listed below

• cve-search / CveXplore
  CveXplore
  ☆35Updated last week
• hannob / pypi-bad
  Bad packages from the pypi repository
  ☆9Updated 6 years ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated 3 weeks ago
• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆24Updated 2 years ago
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago
• rsc-dev / pypi_malware
  PyPI malware packages
  ☆58Updated 6 years ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆127Updated 2 years ago
• s3c2 / vfcfinder
  VFCFinder: Searching for the Missing Vulnerability Fixing Commits
  ☆26Updated last year
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆141Updated 11 months ago
• jordan-wright / ossmalware
  ☆93Updated 2 years ago
• purs3lab / Argus
  ☆43Updated 7 months ago
• lookfwd / getting-started-clusterfuzz-local-in-aws
  ☆15Updated 4 years ago
• AppThreat / vulnerability-db
  Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers…
  ☆104Updated last month
• securisec / glorifiedgrep
  Static code search python lib
  ☆18Updated 4 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆44Updated last year
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆177Updated this week
• jgamblin / cve.icu
  CVE.ICU code.
  ☆39Updated this week
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆60Updated this week
• Samsung / CredData
  CredData is a set of files including credentials in open source projects. CredData includes suspicious lines with manual review results a…
  ☆32Updated this week
• ForAllSecure / mayhem-examples
  Mayhem example templates for programming languages and fuzzers that you love!
  ☆28Updated last year
• tsundokul / pyradamsa
  Python bindings for calling radamsa mutators
  ☆26Updated 3 years ago
• osssanitizer / osspolice
  Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
  ☆66Updated 7 years ago
• Aurore54F / JStap
  Modular static malicious JavaScript detection system
  ☆67Updated 4 years ago
• tree-wizard / fuzz-forest
  ☆25Updated last year
• ossf / security-reviews
  A community collection of security reviews of open source software components.
  ☆93Updated 11 months ago
• OTARIS / FirmwareCheck
  Automated dynamic security analysis by emulation of IoT firmware images in CI-pipelines.
  ☆11Updated 3 years ago
• rudyerudite / AngErza
  Toy implementation of a Automated Exploit Generation built on Angr; stiched using radare, pwntools, pyelftools, and Angrop.
  ☆18Updated 3 years ago
• joernio / query-database
  Default query sets for Joern
  ☆26Updated 3 years ago
• ace-ecosystem / yara_scanner
  A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara...with additional ca…
  ☆18Updated 2 years ago
• cyber-itl / citl-static-analysis
  CITL's static analysis engine for native code artifacts
  ☆20Updated 3 years ago