lxyeternal / pypi_malregistry
The repository has collected about 10,000 malicious PyPI packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 27 Nov. 2024
☆78 · Updated 2 months ago
Alternatives and similar repositories for pypi_malregistry:
Users that are interested in pypi_malregistry are comparing it to the libraries listed below
- ☆13 · Updated 6 months ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages ☆127 · Updated 2 years ago
- A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs) ☆35 · Updated last month
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,… ☆16 · Updated 11 months ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages" ☆43 · Updated 3 years ago
- CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software ☆220 · Updated 6 months ago
- Source Code Vulnerability Detection Tools (SCVDT) provides a vulnerable code database, vulnerability detection service for Java and C/C++ p… ☆112 · Updated 3 years ago
- ☆36 · Updated 2 years ago
- A deep learning model for localizing bugs in C/C++ source code (USENIX'23) ☆144 · Updated last year
- ☆24 · Updated last year
- The source code (including datasets) of V1SCAN (USENIX Security 2023; will be uploaded). ☆41 · Updated last year
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities (Best Practical Paper Award of RAID 2024) ☆45 · Updated 3 weeks ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages. ☆152 · Updated last year
- Pairing Security Advisories with Vulnerable Functions Using Open-Source LLMs - DIMVA '24 ☆15 · Updated 6 months ago
- AIBugHunter: A Practical Tool for Predicting, Classifying and Repairing Software Vulnerabilities ☆38 · Updated 10 months ago
- ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)… ☆86 · Updated last year
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants. ☆162 · Updated 5 months ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆178 · Updated this week
- [CCS'24] An LLM-based, fully automated fuzzing tool for option combination testing. ☆64 · Updated last month
- Artifact for ICSE 2023 ☆46 · Updated 2 years ago
- HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs ☆41 · Updated 2 years ago
- A collection of security papers on top-tier publications ☆39 · Updated this week
- The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IE… ☆42 · Updated last year
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning ☆11 · Updated last year
- MINER provided by the paper "MINER: A Hybrid Data-Driven Approach for REST API Fuzzing" ☆37 · Updated last year
- 🪐 A Database of Existing Security Vulnerabilities Patches to Enable Evaluation of Techniques (single-commit; multi-language) ☆37 · Updated 2 years ago
- Witcher is the first framework for using AFL to fuzz web applications. ☆80 · Updated last year
- A framework for identifying vulnerabilities in VS Code extensions ☆16 · Updated 7 months ago
- This repository contains a list of papers about software supply chain ☆26 · Updated 8 months ago
- SecLLMHolmes is a generalized, fully automated, and scalable framework to systematically evaluate the performance (i.e., accuracy and rea… ☆46 · Updated 3 months ago