Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
☆47Jan 25, 2022Updated 4 years ago
Alternatives and similar repositories for amalfi-artifact
Users that are interested in amalfi-artifact are comparing it to the libraries listed below
Sorting:
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆136Oct 5, 2022Updated 3 years ago
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated last month
- The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of…☆116Jan 24, 2026Updated last month
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆21Mar 7, 2025Updated last year
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆311Updated this week
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆470Updated this week
- ☆30Nov 29, 2021Updated 4 years ago
- Collection of tools for analyzing open source packages.☆358Mar 9, 2026Updated last week
- A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara...with additional ca…☆19Dec 8, 2022Updated 3 years ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆26Nov 30, 2021Updated 4 years ago
- JavaScript Transformation Techniques Detection☆11Jun 14, 2021Updated 4 years ago
- Open Source Package Analysis☆866Feb 27, 2026Updated 3 weeks ago
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆24Dec 10, 2025Updated 3 months ago
- Construct approximate static call graph for JavaScript & Typescript☆198Dec 8, 2022Updated 3 years ago
- ☆24Jun 10, 2023Updated 2 years ago
- Automatically scan new pypi packages for potentially malicious code☆31Mar 24, 2024Updated last year
- Scan pypi for typosquatting☆38Jan 23, 2023Updated 3 years ago
- A dataset of software supply chain compromises. Please help us maintain it!☆131Sep 16, 2022Updated 3 years ago
- a project repository for a paper☆20May 4, 2024Updated last year
- The source code (including datasets) of V1SCAN (USENIX Security 2023; will be uploaded).☆42Nov 4, 2023Updated 2 years ago
- A manually vetted dataset for security vulnerability detection in Java projects☆92Aug 12, 2025Updated 7 months ago
- Reproduction package of the paper "DeepCVA: Automated Commit-level Vulnerability Assessment with Deep Multi-task Learning" in Automated S…☆20Feb 25, 2023Updated 3 years ago
- PyDFix is a tool that helps detect and fix dependency errors that cause the unreproducibility of Python builds. PyDFix takes as input the…☆12Feb 7, 2023Updated 3 years ago
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a…☆10Sep 15, 2022Updated 3 years ago
- ☆38Oct 4, 2024Updated last year
- JEST: N+1-version Differential Testing of Both JavaScript Engines☆14Jun 1, 2021Updated 4 years ago
- ☆10Sep 25, 2024Updated last year
- UpCy automatically finds compatible updates for Maven dependencies.☆12Feb 8, 2026Updated last month
- ☆32May 1, 2025Updated 10 months ago
- Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications (NDSS 2022)☆27Feb 14, 2024Updated 2 years ago
- Static Python call graph generator☆364Nov 26, 2023Updated 2 years ago
- A deep learning model for identifying and localizing vulnerabilities in C/C++ source code.☆12Jan 18, 2025Updated last year
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆165Jan 29, 2024Updated 2 years ago
- A comprehensive malware detection and dynamic analysis system, designed to analyse malware samples and benign files & classify them using…☆14Sep 18, 2023Updated 2 years ago
- 《Redis 命令速查表》☆14Nov 6, 2017Updated 8 years ago
- ☆15May 6, 2022Updated 3 years ago
- DeVAIC (Detection of Vulnerabilities in AI-generated Code) is a static code analyzer for security issues in Python code snippets. It dete…☆16Oct 24, 2025Updated 4 months ago
- Orlis/Orcis☆21Dec 27, 2018Updated 7 years ago