lxyeternal / pypi_malregistryView external linksLinks
The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 23 Jan. 2026
☆114Jan 24, 2026Updated 3 weeks ago
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below
Sorting:
- ☆16Jul 25, 2024Updated last year
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆136Oct 5, 2022Updated 3 years ago
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆22Mar 7, 2025Updated 11 months ago
- A fork of Bandit tool with patterns to identifying malicious python code.☆28Sep 1, 2022Updated 3 years ago
- 使用 Docker 一键构建 JDK 源码的 CodeQL 数据库,方便使用 CodeQL 查找 JDK 中的数据。☆27May 14, 2025Updated 9 months ago
- archives for Tongji CTF 2017☆10Oct 25, 2023Updated 2 years ago
- Open Source Package Analysis☆863Apr 16, 2025Updated 10 months ago
- Multi-threading Leaks/Intelligence file parser☆15Feb 9, 2026Updated last week
- ☆10Sep 25, 2024Updated last year
- This is a Cheatsheet for CTF Challenges categorized by different Privilege Escalation Methods☆28Aug 21, 2019Updated 6 years ago
- ☆31May 1, 2025Updated 9 months ago
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated last year
- Security Vulnerability Repair via Concolic Execution and Code Mutations☆19Sep 12, 2024Updated last year
- ☆14Jan 22, 2024Updated 2 years ago
- Mininode is a CLI tool to reduce the attack surface of the Node.js applications by using static analysis.☆21Apr 11, 2023Updated 2 years ago
- ☆15May 17, 2019Updated 6 years ago
- ☆22May 18, 2022Updated 3 years ago
- This is the term project of course 'Object-Oriented Programming' ,SSE, Tongji University, 2017.☆15Jun 20, 2017Updated 8 years ago
- 渗透技术栈☆20May 28, 2019Updated 6 years ago
- [ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software☆27Sep 13, 2025Updated 5 months ago
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆460Jan 15, 2026Updated last month
- A dataset of software supply chain compromises. Please help us maintain it!☆131Sep 16, 2022Updated 3 years ago
- Resources for our ICSE'24 poster: Prompt-Enhanced Software Vulnerability Detection Using ChatGPT.☆25May 8, 2024Updated last year
- 记录流量的http(s)代理+分布式被动漏洞扫描☆24Jun 30, 2019Updated 6 years ago
- java 漏洞平台包含各种CVE☆23Jun 17, 2022Updated 3 years ago
- [ALL IN ONE] Everything that I shared to public about Cloud Security is here.☆60Apr 19, 2025Updated 9 months ago
- PyPI malware packages☆59Dec 12, 2018Updated 7 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆164Jan 29, 2024Updated 2 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆28Feb 26, 2022Updated 3 years ago
- software vulnerabilities☆24Apr 3, 2019Updated 6 years ago
- Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data☆26Jul 12, 2021Updated 4 years ago
- 静态分析基础教程☆179Jan 3, 2026Updated last month
- ☆28Oct 26, 2021Updated 4 years ago
- idea插件,快速生成反序列化中常用的方法,比如setFieldValue、createTemplatesImpl等☆29Oct 2, 2024Updated last year
- My security presentations☆29Aug 21, 2023Updated 2 years ago
- A tool to automatically patch vulnerable Ethereum smart contracts (RAID 2022).☆27Nov 4, 2022Updated 3 years ago
- TensorFlow API analysis tool and malicious model detection tool☆39May 27, 2025Updated 8 months ago
- Few-Shot malware classification using fused features of static analysis and dynamic analysis (基于静态+动态分析的混合特征的小样本恶意代码分��类框架)☆36Dec 27, 2021Updated 4 years ago
- A Python pickling decompiler and static analyzer☆601Updated this week