The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 23 Jan. 2026
☆116Mar 21, 2026Updated last week
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆316Updated this week
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆138Oct 5, 2022Updated 3 years ago
- A fork of Bandit tool with patterns to identifying malicious python code.☆29Sep 1, 2022Updated 3 years ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆473Updated this week
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,024Updated this week
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated last year
- Multi-threading Leaks/Intelligence file parser☆15Mar 16, 2026Updated 2 weeks ago
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- ☆32May 1, 2025Updated 10 months ago
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆24Dec 10, 2025Updated 3 months ago
- Resources for our ICSE'24 poster: Prompt-Enhanced Software Vulnerability Detection Using ChatGPT.☆25May 8, 2024Updated last year
- Mininode is a CLI tool to reduce the attack surface of the Node.js applications by using static analysis.☆21Apr 11, 2023Updated 2 years ago
- A dataset of software supply chain compromises. Please help us maintain it!☆131Sep 16, 2022Updated 3 years ago
- ☆23Feb 10, 2026Updated last month
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆14Jan 22, 2024Updated 2 years ago
- archives for Tongji CTF 2017☆10Oct 25, 2023Updated 2 years ago
- 这个脚本主要提供对pypi供应链的源头进行安全扫描研究,扫描并发现未知的恶意包情况。☆28May 22, 2023Updated 2 years ago
- Security Vulnerability Repair via Concolic Execution and Code Mutations☆19Sep 12, 2024Updated last year
- Code and dataset for paper C4: Contrastive Cross-Language Code Clone Detection☆32May 24, 2022Updated 3 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆28Feb 26, 2022Updated 4 years ago
- PyPI malware packages☆59Dec 12, 2018Updated 7 years ago
- A manually vetted dataset for security vulnerability detection in Java projects☆94Aug 12, 2025Updated 7 months ago
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆83May 3, 2024Updated last year
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- Kaze's openly available CVE vulnerability data.☆16Apr 7, 2025Updated 11 months ago
- TensorFlow API analysis tool and malicious model detection tool☆39May 27, 2025Updated 10 months ago
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆74Mar 19, 2026Updated last week
- 安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性,各类符号引用的存在检测,包括方法、方法签名、字段定义和引用、类引用等等☆14Jul 7, 2024Updated last year
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆468Jan 15, 2026Updated 2 months ago
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a…☆10Sep 15, 2022Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆167Jan 29, 2024Updated 2 years ago
- Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles☆20Mar 24, 2021Updated 5 years ago
- JEST: N+1-version Differential Testing of Both JavaScript Engines☆14Jun 1, 2021Updated 4 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- [ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software☆27Sep 13, 2025Updated 6 months ago
- ☆13Jun 26, 2023Updated 2 years ago
- UpCy automatically finds compatible updates for Maven dependencies.☆12Feb 8, 2026Updated last month
- A novel and interpretable ML-based approach to classify malware with high accuracy and explain the classification result meanwhile.☆28Nov 23, 2022Updated 3 years ago
- idea插件,快速生成反序列化中常用的方法,比如setFieldValue、createTemplatesImpl等☆29Oct 2, 2024Updated last year
- Bundle of security analysis scripts for keras tensorflow models☆16Apr 15, 2024Updated last year
- exploit-db备份☆15Jan 5, 2022Updated 4 years ago