lxyeternal / pypi_malregistry
The repository has collected about 10,000 malicious PyPI packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 07 Apr. 2025
☆88 Updated last week
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages ☆133 Updated 2 years ago
- ☆16 Updated 9 months ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages" ☆44 Updated 3 years ago
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,… ☆18 Updated 2 months ago
- CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software ☆245 Updated 9 months ago
- This repository contains a list of papers about the software supply chain ☆29 Updated 11 months ago
- A deep learning model for localizing bugs in C/C++ source code (USENIX'23) ☆150 Updated last year
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆204 Updated this week
- A manually vetted dataset for security vulnerability detection in Java projects ☆50 Updated 3 weeks ago
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning ☆11 Updated 2 years ago
- SecLLMHolmes is a generalized, fully automated, and scalable framework to systematically evaluate the performance (i.e., accuracy and rea… ☆57 Updated last week
- A curated list of awesome resources about LLM supply chain security (including papers, security reports and CVEs) ☆71 Updated 3 months ago
- ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)… ☆92 Updated last year
- Vul4J: A Dataset of Reproducible Java Vulnerabilities ☆85 Updated 2 months ago
- Source Code Vulnerability Detection Tools (SCVDT) provides a vulnerable code database, vulnerability detection service for Java and C/C++ p… ☆116 Updated 3 years ago
- HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs ☆43 Updated 2 years ago
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities (Best Practical Paper Award of RAID 2024) ☆61 Updated 3 months ago
- ☆26 Updated last year
- A fork of the Bandit tool with patterns for identifying malicious Python code. ☆25 Updated 2 years ago
- ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We? ☆29 Updated last year
- ☆11 Updated last year
- TensorFlow API analysis tool and malicious model detection tool ☆27 Updated 2 months ago
- Hey folks, this is a repository for papers in the LLM for Vuln. Detection area ☆47 Updated last month
- The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IE… ☆44 Updated last year
- 🪐 A Database of Existing Security Vulnerabilities Patches to Enable Evaluation of Techniques (single-commit; multi-language) ☆38 Updated last month
- [CCS'24] An LLM-based, fully automated fuzzing tool for option combination testing. ☆76 Updated 3 weeks ago
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits ☆29 Updated last year
- This repo lists the core literature in the field of fuzzing test, large language model, and LLM-based fuzzer. Most of the papers are selected … ☆52 Updated last year
- ☆38 Updated 2 years ago
- This is a benchmark for evaluating the vulnerability discovery ability of automated approaches including Large Language Models (LLMs), de… ☆67 Updated 5 months ago