Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
☆47Jan 25, 2022Updated 4 years ago
Alternatives and similar repositories for amalfi-artifact
Users that are interested in amalfi-artifact are comparing it to the libraries listed below
Sorting:
- ☆16Jul 25, 2024Updated last year
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆136Oct 5, 2022Updated 3 years ago
- A fork of Bandit tool with patterns to identifying malicious python code.☆28Sep 1, 2022Updated 3 years ago
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated 2 weeks ago
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆22Mar 7, 2025Updated 11 months ago
- ☆13Jun 26, 2023Updated 2 years ago
- ☆30Nov 29, 2021Updated 4 years ago
- JavaScript Transformation Techniques Detection☆11Jun 14, 2021Updated 4 years ago
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated last year
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆26Nov 30, 2021Updated 4 years ago
- Collection of tools for analyzing open source packages.☆357Updated this week
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆22Dec 10, 2025Updated 2 months ago
- Orlis/Orcis☆21Dec 27, 2018Updated 7 years ago
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,003Updated this week
- Reproduction package of the paper "DeepCVA: Automated Commit-level Vulnerability Assessment with Deep Multi-task Learning" in Automated S…☆20Feb 25, 2023Updated 3 years ago
- Open Source Package Analysis☆863Apr 16, 2025Updated 10 months ago
- a project repository for a paper☆20May 4, 2024Updated last year
- ☆24Jun 10, 2023Updated 2 years ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆27Feb 14, 2024Updated 2 years ago
- ☆31May 1, 2025Updated 9 months ago
- A manually vetted dataset for security vulnerability detection in Java projects☆92Aug 12, 2025Updated 6 months ago
- ☆37Oct 4, 2024Updated last year
- Scan pypi for typosquatting☆38Jan 23, 2023Updated 3 years ago
- A dataset of software supply chain compromises. Please help us maintain it!☆131Sep 16, 2022Updated 3 years ago
- This is the project for the paper “Large-scale Security Measurements on the Android Firmware Ecosystem” in ICSE2022☆38Nov 27, 2024Updated last year
- Added functionality to the cml python package☆14Feb 4, 2026Updated 3 weeks ago
- Exploit codes for rconfig <= 3.9.4☆11Mar 17, 2020Updated 5 years ago
- Wafid allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.☆10Oct 19, 2020Updated 5 years ago
- ☆11Nov 16, 2025Updated 3 months ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆164Jan 29, 2024Updated 2 years ago
- Static Python call graph generator☆364Nov 26, 2023Updated 2 years ago
- The legacy CamlDBM library for accessing NDBM/GDBM database files☆12Jul 11, 2024Updated last year
- Another Remote Access Control software, written in Golang. It heavily relies on cryptography to avoid threat of botnet use/abuse by other…☆11Jan 12, 2017Updated 9 years ago
- ☆10Jun 22, 2021Updated 4 years ago
- Tor relay nearest neighbour ranking☆10Oct 18, 2021Updated 4 years ago
- ZAST Express: Your Security Copilot in IDE.☆27Nov 28, 2025Updated 3 months ago
- DNS server written in Common Lisp☆11Jan 19, 2012Updated 14 years ago
- security course list☆14Sep 18, 2015Updated 10 years ago
- A modded Python interpreter that supports symbolic execution.☆11Aug 23, 2015Updated 10 years ago