lxyeternal / pypi_malregistryLinks
The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 07 Apr. 2025
☆97Updated 3 months ago
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below
Sorting:
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆134Updated 2 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆154Updated last year
- ☆16Updated last year
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆45Updated 3 years ago
- MPHunter can detect malicious packages without explicit knowledge.☆5Updated last year
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆20Updated 4 months ago
- Awesome Large Language Models for Vulnerability Detection☆207Updated this week
- CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software☆267Updated last year
- A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs)☆81Updated 6 months ago
- A deep learning model for localizing bugs in C/C++ source code (USENIX'23)☆152Updated 2 years ago
- TensorFlow API analysis tool and malicious model detection tool☆33Updated 2 months ago
- A manually vetted dataset for security vulnerability detection in Java projects☆68Updated last week
- A neurosymbolic framework for vulnerability detection in code☆188Updated this week
- 🪐 A Database of Existing Security Vulnerabilities Patches to Enable Evaluation of Techniques (single-commit; multi-language)☆41Updated 3 months ago
- Modular static malicious JavaScript detection system☆71Updated 4 years ago
- ☆39Updated 2 years ago
- ☆26Updated last year
- VulZoo: A Comprehensive Vulnerability Intelligence Dataset | ASE 2024 Demo☆57Updated 4 months ago
- ☆29Updated 3 months ago
- SecLLMHolmes is a generalized, fully automated, and scalable framework to systematically evaluate the performance (i.e., accuracy and rea…☆57Updated 3 months ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆24Updated 3 years ago
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆117Updated 4 years ago
- AIBugHunter: A Practical Tool for Predicting, Classifying and Repairing Software Vulnerabilities☆43Updated last year
- [CCS'24] An LLM-based, fully automated fuzzing tool for option combination testing.☆85Updated 3 months ago
- CleanVul: Automatic Function-Level Vulnerability Detection in Code Commits Using LLM Heuristics☆15Updated 4 months ago
- ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)…☆93Updated last year
- ☆28Updated 3 years ago
- Atropos: Effective Fuzzing of Web Applications for Server-Side Vulnerabilities☆71Updated 11 months ago
- A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.☆359Updated this week
- Resources for our ICSE'24 poster: Prompt-Enhanced Software Vulnerability Detection Using ChatGPT.☆24Updated last year