Alternatives and similar repositories for pypi-scan

Users that are interested in pypi-scan are comparing it to the libraries listed below

• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆27Updated 2 years ago
• hannob / pypi-bad
  Bad packages from the pypi repository
  ☆9Updated 6 years ago
• rsc-dev / pypi_malware
  PyPI malware packages
  ☆58Updated 6 years ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆129Updated 2 years ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated last month
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago
• jordan-wright / ossmalware
  ☆93Updated 2 years ago
• lookfwd / getting-started-clusterfuzz-local-in-aws
  ☆15Updated 5 years ago
• IQTLabs / AuraBorealisApp
  Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data
  ☆19Updated 3 years ago
• securisec / glorifiedgrep
  Static code search python lib
  ☆18Updated 4 years ago
• cve-search / CveXplore
  CveXplore
  ☆40Updated 2 weeks ago
• abhinavbom / clara
  Serverless, real-time, ClamAV+Yara scanning for your S3 Buckets
  ☆31Updated this week
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆145Updated last year
• w8mej / Threat_Modeling_Bank
  A curated threat modeling library collection
  ☆22Updated last year
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆211Updated this week
• nccgroup / yaml2yara
  Generate bulk YARA rules from YAML input
  ☆22Updated 5 years ago
• jgamblin / cve.icu
  CVE.ICU code.
  ☆42Updated this week
• oasis-open / cti-pattern-matcher
  OASIS TC Open Repository: Match STIX content against STIX patterns
  ☆44Updated 2 years ago
• NUS-Curiosity / VulZoo
  VulZoo: A Comprehensive Vulnerability Intelligence Dataset (ASE 2024 Demo)
  ☆51Updated 3 months ago
• Aurore54F / JStap
  Modular static malicious JavaScript detection system
  ☆70Updated 4 years ago
• CybercentreCanada / assemblyline-service-cuckoo
  Assemblyline 4 Malware detonation service (Cuckoo)
  ☆17Updated last year
• CyCat-project / cycat-taxonomy
  CyCAT.org taxonomies
  ☆15Updated 4 years ago
• s3c2 / vfcfinder
  VFCFinder: Searching for the Missing Vulnerability Fixing Commits
  ☆29Updated last year
• fabric8-analytics / cvejob
  A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
  ☆12Updated 2 years ago
• mbrengel / yarix
  ☆59Updated 4 years ago
• fkie-cad / iva
  IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to sear…
  ☆66Updated 4 years ago
• Samsung / CredData
  CredData is a set of files including credentials in open source projects. CredData includes suspicious lines with manual review results a…
  ☆37Updated this week
• osssanitizer / maloss
  Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
  ☆134Updated 2 years ago
• CyFI-Lab-Public / Forecast
  Forecasting Malware Capabilities From Cyber Attack Memory Images
  ☆32Updated 2 years ago
• chainguard-dev / bom-shelter
  A place to systematically store software bill of materials (SBOM) documents.
  ☆46Updated 2 years ago