Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
☆47Jan 25, 2022Updated 4 years ago
Alternatives and similar repositories for amalfi-artifact
Users that are interested in amalfi-artifact are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆17Jul 25, 2024Updated last year
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆140Oct 5, 2022Updated 3 years ago
- A fork of Bandit tool with patterns to identifying malicious python code.☆30Sep 1, 2022Updated 3 years ago
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated 4 months ago
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆22Mar 7, 2025Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆348Updated this week
- ☆13Jun 26, 2023Updated 2 years ago
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated 2 years ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆533Updated this week
- ☆30Nov 29, 2021Updated 4 years ago
- Collection of tools for analyzing open source packages.☆363Updated this week
- A Python wrapper library for libyara and a local server for fully utilizing the CPUs of the system to scan with yara...with additional ca…☆19Dec 8, 2022Updated 3 years ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆25Nov 30, 2021Updated 4 years ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- JavaScript Transformation Techniques Detection☆11Jun 14, 2021Updated 4 years ago
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,115Updated this week
- ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?☆29Jul 24, 2023Updated 2 years ago
- Open Source Package Analysis☆893Updated this week
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆25Dec 10, 2025Updated 5 months ago
- Construct approximate static call graph for JavaScript & Typescript☆198Dec 8, 2022Updated 3 years ago
- ☆23Jun 10, 2023Updated 2 years ago
- Store dependency info for each PyPi package☆16Nov 27, 2019Updated 6 years ago
- Automatically scan new pypi packages for potentially malicious code☆31Mar 24, 2024Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- JavaScript/TypeScript static analyzer for call graph construction, library usage pattern matching, and vulnerability exposure analysis☆431May 11, 2026Updated 3 weeks ago
- a project repository for a paper☆20May 4, 2024Updated 2 years ago
- Reproduction package of the paper "DeepCVA: Automated Commit-level Vulnerability Assessment with Deep Multi-task Learning" in Automated S…☆21Feb 25, 2023Updated 3 years ago
- A manually vetted dataset for security vulnerability detection in Java projects☆104Aug 12, 2025Updated 9 months ago
- PyDFix is a tool that helps detect and fix dependency errors that cause the unreproducibility of Python builds. PyDFix takes as input the…☆12Feb 7, 2023Updated 3 years ago
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a…☆10Sep 15, 2022Updated 3 years ago
- ☆42Oct 4, 2024Updated last year
- JEST: N+1-version Differential Testing of Both JavaScript Engines☆14Jun 1, 2021Updated 5 years ago
- UpCy automatically finds compatible updates for Maven dependencies.☆12Feb 8, 2026Updated 4 months ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Forecasting Malware Capabilities From Cyber Attack Memory Images☆35Jan 9, 2023Updated 3 years ago
- ☆31May 1, 2025Updated last year
- Bundle of security analysis scripts for keras tensorflow models☆16Apr 15, 2024Updated 2 years ago
- FIRE: Combining Multi-Stage Filtering with Taint Analysis for Scalable Recurring Vulnerability Detection.☆16Sep 27, 2024Updated last year
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆84May 21, 2026Updated 2 weeks ago
- Static Python call graph generator☆365Nov 26, 2023Updated 2 years ago
- blog with go☆11Jul 5, 2023Updated 2 years ago