lxyeternal / pypi_malregistry
The repository has collected about 10,000 malicious PyPI packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 27 Nov. 2024
☆84 Updated 4 months ago
Alternatives and similar repositories for pypi_malregistry:
Users that are interested in pypi_malregistry are comparing it to the libraries listed below
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages ☆130 Updated 2 years ago
- ☆13 Updated 8 months ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages" ☆43 Updated 3 years ago
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,… ☆18 Updated 2 weeks ago
- CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software ☆235 Updated 7 months ago
- This repository contains a list of papers about software supply chain ☆27 Updated 10 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆184 Updated this week
- A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs) ☆57 Updated 2 months ago
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning ☆11 Updated last year
- ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We? ☆29 Updated last year
- ☆54 Updated last year
- ☆24 Updated last year
- VulZoo: A Comprehensive Vulnerability Intelligence Dataset (ASE 2024 Demo) ☆37 Updated this week
- ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)… ☆88 Updated last year
- ☆37 Updated 2 years ago
- ☆26 Updated last year
- Pairing Security Advisories with Vulnerable Functions Using Open-Source LLMs - DIMVA '24 ☆15 Updated 7 months ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages. ☆153 Updated last year
- Source Code Vulnerability Detection Tools (SCVDT) provides a vulnerable code database, vulnerability detection service for Java and C/C++ p… ☆114 Updated 3 years ago
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities (Best Practical Paper Award of RAID 2024) ☆51 Updated 2 months ago
- SecLLMHolmes is a generalized, fully automated, and scalable framework to systematically evaluate the performance (i.e., accuracy and rea… ☆53 Updated 4 months ago
- Awesome materials for software supply chain security ☆17 Updated 4 years ago
- A deep learning model for localizing bugs in C/C++ source code (USENIX'23) ☆146 Updated last year
- HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs ☆42 Updated 2 years ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants. ☆165 Updated 6 months ago
- B2SFinder is a binary-to-source matching tool for OSS reuse detection on COTS software. This project contains the core code of B2SFinder … ☆54 Updated 5 years ago
- This is a benchmark for evaluating the vulnerability discovery ability of automated approaches including Large Language Models (LLMs), de… ☆67 Updated 4 months ago
- TensorFlow API analysis tool and malicious model detection tool ☆25 Updated last month
- A fork of Bandit tool with patterns for identifying malicious Python code. ☆24 Updated 2 years ago
- A curated list of malware-related papers. ☆24 Updated last year