Demonstrates how a malicious dependency could negatively impact the build output.
☆25Aug 11, 2023Updated 2 years ago
Alternatives and similar repositories for malicious-dependencies
Users that are interested in malicious-dependencies are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆13Oct 30, 2023Updated 2 years ago
- Java archive implant toolkit.☆61Apr 20, 2025Updated 11 months ago
- A utility for validating and parsing Common Platform Enumeration (CPE) v2.2 and v2.3 as originally defined by MITRE and maintained by NIS…☆54Jan 26, 2026Updated 2 months ago
- Collating an overview of the open source software supply chain landscape -- and synthesizing that survey in a hopefully-useful way.☆33Apr 4, 2023Updated 2 years ago
- OpenControl Database☆11Jan 5, 2023Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- My personal monorepo, containing my dotfiles and related infrastructure☆13Mar 6, 2026Updated 3 weeks ago
- HashiCorp-relevant rules for the Semgrep code analysis tool☆41Oct 3, 2023Updated 2 years ago
- Source Code Transparency☆11Sep 25, 2023Updated 2 years ago
- re-hosted web identiy course from opensecuritytraining.info☆11Nov 7, 2025Updated 4 months ago
- GitHub Actions Cache Native Malware - for Educational and Research Purposes only.☆135Jan 28, 2026Updated 2 months ago
- Kantega Web Application Security Hero Challenge☆19Dec 3, 2020Updated 5 years ago
- Specification for uri templates.☆16Dec 25, 2016Updated 9 years ago
- ☆13Jul 24, 2023Updated 2 years ago
- ☆17Feb 3, 2026Updated last month
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆65May 21, 2024Updated last year
- A collection of my Semgrep rules☆51Jul 4, 2023Updated 2 years ago
- ☆21Mar 7, 2024Updated 2 years ago
- ☆14Apr 23, 2019Updated 6 years ago
- Official code for the paper entitled "Toward Intelligent and Secure Cloud: Large Language Model Empowered Proactive Defense"☆16Apr 10, 2025Updated 11 months ago
- Data about all known supply-chain attacks through history☆64May 28, 2025Updated 10 months ago
- Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)☆36Jan 25, 2026Updated 2 months ago
- ☆14Jan 8, 2026Updated 2 months ago
- OSCAL reusable component definitions library☆16Mar 14, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- CISSP Studies☆22Aug 5, 2025Updated 7 months ago
- ☆18Jul 30, 2024Updated last year
- The repository contains IOCs in CSV format for APT, Cyber Crimes, Malware and Trojan and whatever I found as part of hunting and research☆12Jun 10, 2017Updated 8 years ago
- This's a Python package for the Saxon/C 1.2.1, an XML processor from Saxonica. Currently, it packs the open-source version or the home ed…☆16Dec 22, 2024Updated last year
- Nuclei plugins to audit Chrome extensions☆65Jul 16, 2024Updated last year
- The tutorial of "Kubernetes Security for Microservices"☆14Oct 3, 2023Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- A tool for analyzing the attack surface of an application☆19Mar 5, 2025Updated last year
- Javascript Code Injection for Debugging☆20Nov 11, 2023Updated 2 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- Creates an ATT&CK Navigator map of an Adversary Emulation Plan☆17Sep 4, 2021Updated 4 years ago
- ☆17Mar 15, 2024Updated 2 years ago
- An interactive way to learn threat modeling☆17Feb 14, 2019Updated 7 years ago
- A curated collection of tools and resources for building security with a developer first approach.☆30Jul 29, 2022Updated 3 years ago
- Ransomware base in Java for all operating systems☆19Jun 13, 2017Updated 8 years ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆59Sep 20, 2023Updated 2 years ago
- A Claude Code plugin that automatically captures everything Claude does during your coding sessions, compresses it with AI (using Claude'…☆45Dec 7, 2025Updated 3 months ago