This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment, the list of identified malicious packages, and the scripts necessary to replicate and verify our results.
☆22Mar 7, 2025Updated last year
Alternatives and similar repositories for cross-language-detection-artifacts
Users that are interested in cross-language-detection-artifacts are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆17Jul 25, 2024Updated last year
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆140Oct 5, 2022Updated 3 years ago
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated 5 months ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆47Jan 25, 2022Updated 4 years ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆82Jun 20, 2026Updated 2 weeks ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A fork of Bandit tool with patterns to identifying malicious python code.☆31Sep 1, 2022Updated 3 years ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆359Jul 2, 2026Updated last week
- Downloads ranking of npm packages in different time periods. Npm包在不同时间段的下载量排行☆15Jul 25, 2023Updated 2 years ago
- Collection of tools for analyzing open source packages.☆365Jun 15, 2026Updated 3 weeks ago
- Open Source Package Analysis☆895Updated this week
- ☆31May 1, 2025Updated last year
- A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs)☆105Jan 20, 2025Updated last year
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆29Feb 26, 2022Updated 4 years ago
- a project repository for a paper☆20May 4, 2024Updated 2 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- TensorFlow API analysis tool and malicious model detection tool☆41May 27, 2025Updated last year
- Demos for our research on Github actions script injection vulnerabilities☆13May 14, 2024Updated 2 years ago
- Computational Memory Neural Network Compiler☆11Aug 11, 2021Updated 4 years ago
- Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles☆20Mar 24, 2021Updated 5 years ago
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,145Jul 1, 2026Updated last week
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆169Jan 29, 2024Updated 2 years ago
- ☆43Oct 4, 2024Updated last year
- FIRE: Combining Multi-Stage Filtering with Taint Analysis for Scalable Recurring Vulnerability Detection.☆16Sep 27, 2024Updated last year
- ☆35Dec 16, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- 华中科技大学 网络空间安全学院 2020 级 计算机操作系统 课程设计☆10Mar 27, 2023Updated 3 years ago
- A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara...with additional ca…☆19Dec 8, 2022Updated 3 years ago
- SkillJect: Automating Stealthy Skill-Based Prompt Injection for Coding Agents with Trace-Driven Closed-Loop Refinement☆67Jun 11, 2026Updated 3 weeks ago
- ☆11Nov 2, 2022Updated 3 years ago
- Simple yara decompiler☆17Apr 8, 2017Updated 9 years ago
- Low-effort reachability analysis for third-party code vulnerabilities.☆22Jul 11, 2023Updated 2 years ago
- ☆17Nov 24, 2025Updated 7 months ago
- ☆21Dec 16, 2023Updated 2 years ago
- keep watching new bug bounty (vulnerability) postings.☆12Apr 7, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆11Aug 24, 2023Updated 2 years ago
- Data for LLM4Vuln☆14Jan 28, 2024Updated 2 years ago
- A large labeled corpus for Application Privacy Policy in Chinese to train named entity recognition models for Android Dangerous PERMSSION…☆11Jun 19, 2025Updated last year
- ☆11Jan 5, 2022Updated 4 years ago
- Arduino library to support I-NUCLEO-LRWAN1 LoRa® expansion board based on USI® LoRaWAN™ technology module.☆17Sep 4, 2025Updated 10 months ago
- ☆16Jun 15, 2024Updated 2 years ago
- Evaluation of ML models in Android malware classification, adversarial attacks on DNNs & defense mechanisms☆13Jan 14, 2020Updated 6 years ago