IQTLabs/software-supply-chain-compromises external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

IQTLabs/software-supply-chain-compromises

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/IQTLabs/software-supply-chain-compromises)

Close

IQTLabs / software-supply-chain-compromisesView on GitHubMore

• External links
• Readme badge

A dataset of software supply chain compromises. Please help us maintain it!

☆131Sep 16, 2022Updated 3 years ago

Alternatives and similar repositories for software-supply-chain-compromises

Users that are interested in software-supply-chain-compromises are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• osssanitizer / maloss

  View on GitHub
  Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
  ☆136Oct 5, 2022Updated 3 years ago
• IQTLabs / AuraBorealisApp

  View on GitHub
  Do You Know What's In Your Python Packages? A Tool for Visualizing Python Package Registry Security Audit Data
  ☆19Jun 13, 2022Updated 3 years ago
• microsoft / OSSGadget

  View on GitHub
  Collection of tools for analyzing open source packages.
  ☆358Mar 9, 2026Updated 2 weeks ago
• NJUJisq / DS_Python

  View on GitHub
  ☆11Aug 24, 2023Updated 2 years ago
• nice-registry / welcome

  View on GitHub
  💡 Info about the nice-registry project
  ☆12Aug 23, 2017Updated 8 years ago
• Simple, predictable pricing with DigitalOcean hosting • Ad
  Always know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
• chainguard-dev / ssc-reading-list

  View on GitHub
  A reading list for software supply-chain security.
  ☆365Nov 21, 2022Updated 3 years ago
• davidski / tidyrisk-workshop

  View on GitHub
  🎓Materials for the Hands-On Introduction to OpenFAIR Risk Analysis with Tidyrisk
  ☆14Jan 22, 2021Updated 5 years ago
• cnabio / signy

  View on GitHub
  Go implementation for CNAB content trust verification using TUF, Notary, and in-toto
  ☆31Jul 5, 2023Updated 2 years ago
• dekkagaijin / spiffe-sigstore-tutorial

  View on GitHub
  ☆11Nov 11, 2022Updated 3 years ago
• CyCat-project / cycat-taxonomy

  View on GitHub
  CyCAT.org taxonomies
  ☆15May 22, 2021Updated 4 years ago
• testifysec / go-ima

  View on GitHub
  go-ima is a tool that checks if a file has been tampered with. It is useful in ensuring integrity in CI systems
  ☆14Sep 28, 2023Updated 2 years ago
• bambenek / research

  View on GitHub
  ☆100Dec 21, 2020Updated 5 years ago
• eanmeyer / SolarwindsVulnerablityInfo

  View on GitHub
  Repository with all the Solarwinds Vulnerability information I've been tracking and using for communications, review, and technical under…
  ☆25Dec 19, 2020Updated 5 years ago
• PaloAltoNetworks / github-oidc-utils

  View on GitHub
  ☆36Apr 29, 2025Updated 10 months ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• ace-ecosystem / yara_scanner

  View on GitHub
  A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara...with additional ca…
  ☆19Dec 8, 2022Updated 3 years ago
• DataDog / malicious-software-packages-dataset

  View on GitHub
  An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
  ☆316Updated this week
• lxyeternal / pypi_malregistry

  View on GitHub
  The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of…
  ☆116Updated this week
• RedHatProductSecurity / advisory-parser

  View on GitHub
  A library for parsing security advisories
  ☆13Feb 5, 2026Updated last month
• Vancir / Awesome-Software-Supply-Chain-Security

  View on GitHub
  Awesome materials for software supply chain security
  ☆18May 13, 2020Updated 5 years ago
• in-toto / specification

  View on GitHub
  Specification and other related documents.
  ☆50Jan 13, 2025Updated last year
• codewhitesec / apollon

  View on GitHub
  Proof-of-Concept to evade auditd by writing /proc/PID/mem
  ☆25Aug 21, 2023Updated 2 years ago
• uranusjr / packaging-metadata-comparisons

  View on GitHub
  Packaging Metadata Comparions
  ☆18Apr 3, 2020Updated 5 years ago
• PortSwigger / mcp-proxy

  View on GitHub
  SSE to Stdio MCP Proxy Server
  ☆20Mar 9, 2026Updated 2 weeks ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• cydea / threat-personas

  View on GitHub
  We borrow the concept of 'personas' from UX/service design and apply it to threat actors to improve understanding between security, techn…
  ☆11Jun 17, 2020Updated 5 years ago
• amzn / zeek-plugin-profinet

  View on GitHub
  Zeek network security monitor plugin that enables parsing of the Profinet protocol
  ☆31May 30, 2024Updated last year
• davidski / evaluator

  View on GitHub
  ⚖Open Source Toolkit for Quantitative Risk Assessment
  ☆183Dec 21, 2022Updated 3 years ago
• davidski / collector

  View on GitHub
  ⚖Open Source Toolkit for Conducting Quantitative Risk Assessment Interviews
  ☆39Mar 10, 2024Updated 2 years ago
• Concinnity-Risks / LogisticalBudget

  View on GitHub
  This project contains code for comparing or ranking APT capabilities and operational capacity. The metrics are meant to quantify, rank, o…
  ☆35Feb 27, 2019Updated 7 years ago
• jordan-wright / ossmalware

  View on GitHub
  ☆93Aug 30, 2022Updated 3 years ago
• robomotic / pemeta

  View on GitHub
  Simple tool to extract icons from a pe file and other useful information
  ☆13Jun 22, 2018Updated 7 years ago
• threatminer / APTnotes

  View on GitHub
  Various public documents, whitepapers and articles about APT campaigns
  ☆55Apr 1, 2016Updated 9 years ago
• boostsecurityio / lotp

  View on GitHub
  boostsecurityio/lotp
  ☆147Mar 3, 2026Updated 3 weeks ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• js2wasm-obfuscator / translator

  View on GitHub
  ☆30Nov 29, 2021Updated 4 years ago
• P3tra-WP / Jupyter-Threat

  View on GitHub
  ☆14Dec 3, 2022Updated 3 years ago
• AevaOnline / supply-chain-synthesis

  View on GitHub
  Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.
  ☆33Apr 4, 2023Updated 2 years ago
• cutaway-security / ROSA_Jumpkit

  View on GitHub
  Remote / Onsite Security Assessment Jumpkit
  ☆39Aug 5, 2023Updated 2 years ago
• ossf / wg-vulnerability-disclosures

  View on GitHub
  The OpenSSF Vulnerability Disclosures Working Group seeks to help improve the overall security of the open source software ecosystem by h…
  ☆215Feb 4, 2026Updated last month
• smxlabs / LAMMA-beta

  View on GitHub
  Vulnerability Assessment and Auditing Framework for all the Crypto Implementations.
  ☆37Jun 11, 2016Updated 9 years ago
• ZJU-SEC / Readings

  View on GitHub
  ☆61Jun 20, 2022Updated 3 years ago