Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
☆47Jan 25, 2022Updated 4 years ago
Alternatives and similar repositories for amalfi-artifact
Users that are interested in amalfi-artifact are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆17Jul 25, 2024Updated last year
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆140Oct 5, 2022Updated 3 years ago
- A fork of Bandit tool with patterns to identifying malicious python code.☆30Sep 1, 2022Updated 3 years ago
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated 2 months ago
- The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of…☆119Mar 21, 2026Updated last month
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆22Mar 7, 2025Updated last year
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆336Updated this week
- ☆13Jun 26, 2023Updated 2 years ago
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated last year
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆497Updated this week
- ☆30Nov 29, 2021Updated 4 years ago
- Collection of tools for analyzing open source packages.☆360Apr 8, 2026Updated 3 weeks ago
- A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara...with additional ca…☆19Dec 8, 2022Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆25Nov 30, 2021Updated 4 years ago
- JavaScript Transformation Techniques Detection☆11Jun 14, 2021Updated 4 years ago
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,068Updated this week
- ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?☆29Jul 24, 2023Updated 2 years ago
- The official repository of ICSME'23 paper "Exploring Security Commits in Python"☆18Jul 12, 2023Updated 2 years ago
- ☆23Jun 10, 2023Updated 2 years ago
- Store dependency info for each PyPi package☆16Nov 27, 2019Updated 6 years ago
- Automatically scan new pypi packages for potentially malicious code☆31Mar 24, 2024Updated 2 years ago
- JavaScript/TypeScript static analyzer for call graph construction, library usage pattern matching, and vulnerability exposure analysis☆425Feb 20, 2026Updated 2 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A dataset of software supply chain compromises. Please help us maintain it!☆131Sep 16, 2022Updated 3 years ago
- a project repository for a paper☆20May 4, 2024Updated last year
- The source code (including datasets) of V1SCAN (USENIX Security 2023; will be uploaded).☆41Nov 4, 2023Updated 2 years ago
- Reproduction package of the paper "DeepCVA: Automated Commit-level Vulnerability Assessment with Deep Multi-task Learning" in Automated S…☆21Feb 25, 2023Updated 3 years ago
- A manually vetted dataset for security vulnerability detection in Java projects☆99Aug 12, 2025Updated 8 months ago
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a…☆10Sep 15, 2022Updated 3 years ago
- ☆39Oct 4, 2024Updated last year
- JEST: N+1-version Differential Testing of Both JavaScript Engines☆14Jun 1, 2021Updated 4 years ago
- UpCy automatically finds compatible updates for Maven dependencies.☆12Feb 8, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Forecasting Malware Capabilities From Cyber Attack Memory Images☆35Jan 9, 2023Updated 3 years ago
- ☆31May 1, 2025Updated 11 months ago
- Bundle of security analysis scripts for keras tensorflow models☆16Apr 15, 2024Updated 2 years ago
- FIRE: Combining Multi-Stage Filtering with Taint Analysis for Scalable Recurring Vulnerability Detection.☆16Sep 27, 2024Updated last year
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆27Feb 14, 2024Updated 2 years ago
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆81Updated this week
- Static Python call graph generator☆365Nov 26, 2023Updated 2 years ago