The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 23 Jan. 2026
☆121Mar 21, 2026Updated 2 months ago
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆345Updated this week
- ☆17Jul 25, 2024Updated last year
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated 3 months ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆140Oct 5, 2022Updated 3 years ago
- A fork of Bandit tool with patterns to identifying malicious python code.☆30Sep 1, 2022Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆520Updated this week
- Collection of tools for analyzing open source packages.☆362May 1, 2026Updated 3 weeks ago
- Automatically scan new pypi packages for potentially malicious code☆31Mar 24, 2024Updated 2 years ago
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- ☆31May 1, 2025Updated last year
- Resources for our ICSE'24 poster: Prompt-Enhanced Software Vulnerability Detection Using ChatGPT.☆25May 8, 2024Updated 2 years ago
- Mininode is a CLI tool to reduce the attack surface of the Node.js applications by using static analysis.☆21Apr 11, 2023Updated 3 years ago
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆25Dec 10, 2025Updated 5 months ago
- A dataset of software supply chain compromises. Please help us maintain it!☆131Sep 16, 2022Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆24Apr 1, 2026Updated last month
- archives for Tongji CTF 2017☆10Oct 25, 2023Updated 2 years ago
- Security Vulnerability Repair via Concolic Execution and Code Mutations☆20Sep 12, 2024Updated last year
- Code and dataset for paper C4: Contrastive Cross-Language Code Clone Detection☆30May 24, 2022Updated 4 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆29Feb 26, 2022Updated 4 years ago
- A manually vetted dataset for security vulnerability detection in Java projects☆104Aug 12, 2025Updated 9 months ago
- A Python package that demontrates arbitrary code execution during the install process of a Python package.☆11Sep 28, 2014Updated 11 years ago
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆84May 3, 2024Updated 2 years ago
- 安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性,各类符号引用的存在检测,包括方法、方法签名、字段定义和引用、类引用等等☆14Jul 7, 2024Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆84May 21, 2026Updated last week
- [ALL IN ONE] Everything that I shared to public about Cloud Security is here.☆64Apr 19, 2025Updated last year
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆474May 21, 2026Updated last week
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a…☆10Sep 15, 2022Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆168Jan 29, 2024Updated 2 years ago
- ☆52Oct 27, 2024Updated last year
- Debug pwn in docker, no need for virtual machines☆38Oct 10, 2025Updated 7 months ago
- Audit Node Module folder with YARA rules to identify possible malicious packages hiding in node_moudles☆20Mar 24, 2021Updated 5 years ago
- JEST: N+1-version Differential Testing of Both JavaScript Engines☆14Jun 1, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- [ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software☆27Sep 13, 2025Updated 8 months ago
- UpCy automatically finds compatible updates for Maven dependencies.☆12Feb 8, 2026Updated 3 months ago
- A novel and interpretable ML-based approach to classify malware with high accuracy and explain the classification result meanwhile.☆29Nov 23, 2022Updated 3 years ago
- Proof of concept for an anti-phishing browser plugin, working by comparing pages screenshots with perceptual hashing algorithms.☆10Apr 3, 2022Updated 4 years ago
- idea插件,快速生成反序列化中常用的方法,比如setFieldValue、createTemplatesImpl等☆29Oct 2, 2024Updated last year
- ☆20Nov 7, 2023Updated 2 years ago
- Bundle of security analysis scripts for keras tensorflow models☆16Apr 15, 2024Updated 2 years ago