Alternatives and similar repositories for pypi-scan:

Users that are interested in pypi-scan are comparing it to the libraries listed below

• hannob / pypi-bad
  Bad packages from the pypi repository
  ☆9Updated 6 years ago
• IQTLabs / software-supply-chain-compromises
  A dataset of software supply chain compromises. Please help us maintain it!
  ☆127Updated 2 years ago
• in-toto / supply-chain-compromises
  ☆22Updated 3 years ago
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆73Updated last month
• rsc-dev / pypi_malware
  PyPI malware packages
  ☆58Updated 6 years ago
• jordan-wright / ossmalware
  ☆93Updated 2 years ago
• osssanitizer / osspolice
  Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
  ☆66Updated 6 years ago
• Phat3 / CVE-analyzer
  Extract useful semantic from CVE descriptions usinig NLP
  ☆25Updated 2 years ago
• securisec / glorifiedgrep
  Static code search python lib
  ☆18Updated 4 years ago
• cve-search / CveXplore
  CveXplore
  ☆35Updated 5 months ago
• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆23Updated 2 years ago
• fkie-cad / iva
  IVA is a system to scan for known vulnerabilities in software products installed inside an organization. IVA uses CPE identifiers to sear…
  ☆64Updated 3 years ago
• s3c2 / vfcfinder
  VFCFinder: Searching for the Missing Vulnerability Fixing Commits
  ☆25Updated last year
• IQTLabs / AuraBorealisApp
  Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data
  ☆19Updated 2 years ago
• Aurore54F / JStap
  Modular static malicious JavaScript detection system
  ☆66Updated 4 years ago
• DataDog / malicious-software-packages-dataset
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆172Updated this week
• CERTCC / VINCE
  VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…
  ☆59Updated last month
• rbortolameotti / decanter
  ☆16Updated 6 years ago
• jheise / yarascanner
  Golang based web service to scan files with yara rules
  ☆27Updated 7 years ago
• ochronasec / ochrona-cli
  A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs
  ☆52Updated last year
• purs3lab / Argus
  ☆42Updated 6 months ago
• ossf-cve-benchmark / ossf-cve-benchmark
  The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…
  ☆141Updated 10 months ago
• oasis-open / cti-pattern-matcher
  OASIS TC Open Repository: Match STIX content against STIX patterns
  ☆44Updated 2 years ago
• lookfwd / getting-started-clusterfuzz-local-in-aws
  ☆15Updated 4 years ago
• ZSShen / MeltingPot
  A tool to cluster similar executables (PEs, DEXs, and etc), extract common signature, and generate Yara patterns for malware detection.
  ☆24Updated 6 years ago
• hashlookup / PyHashlookup
  Python CLI and module for CIRCL hash lookup
  ☆12Updated 2 weeks ago
• catenacyber / fuzzpcap
  Structure aware fuzzing for network traffic packet captures
  ☆12Updated 2 years ago
• ossf / package-feeds
  Feed parsing for language package manager updates
  ☆76Updated last month
• jgamblin / cve.icu
  CVE.ICU code.
  ☆37Updated this week