The repository has collected over 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 14 Jun. 2026
☆126Jun 14, 2026Updated 3 weeks ago
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆358Updated this week
- ☆17Jul 25, 2024Updated last year
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated 5 months ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆140Oct 5, 2022Updated 3 years ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆47Jan 25, 2022Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆22Mar 7, 2025Updated last year
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,148Updated this week
- Collection of tools for analyzing open source packages.☆365Jun 15, 2026Updated 3 weeks ago
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated 2 years ago
- Open Source Package Analysis☆895Updated this week
- Multi-threading Leaks/Intelligence file parser☆16Updated this week
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- ☆31May 1, 2025Updated last year
- 使用 Docker 一键构建 JDK 源码的 CodeQL 数据库,方便使用 CodeQL 查找 JDK 中的数据。☆27May 14, 2025Updated last year
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Resources for our ICSE'24 poster: Prompt-Enhanced Software Vulnerability Detection Using ChatGPT.☆25May 8, 2024Updated 2 years ago
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆25Dec 10, 2025Updated 6 months ago
- A dataset of software supply chain compromises. Please help us maintain it!☆130Sep 16, 2022Updated 3 years ago
- alsap_frontend☆63Feb 14, 2025Updated last year
- archives for Tongji CTF 2017☆10Oct 25, 2023Updated 2 years ago
- Security Vulnerability Repair via Concolic Execution and Code Mutations☆21Sep 12, 2024Updated last year
- Code and dataset for paper C4: Contrastive Cross-Language Code Clone Detection☆30May 24, 2022Updated 4 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆29Feb 26, 2022Updated 4 years ago
- PyPI malware packages☆59Dec 12, 2018Updated 7 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- A manually vetted dataset for security vulnerability detection in Java projects☆106Aug 12, 2025Updated 10 months ago
- A Python package that demontrates arbitrary code execution during the install process of a Python package.☆11Sep 28, 2014Updated 11 years ago
- TensorFlow API analysis tool and malicious model detection tool☆41May 27, 2025Updated last year
- 安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性,各类符号引用的存在检测,包括方法、方法签名、字段定义和引用、类引用等等☆15Jul 7, 2024Updated 2 years ago
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆86Updated this week
- AFL++ using the Ball-Larus path profiling algorithm for coverage feedback☆15Oct 31, 2022Updated 3 years ago
- [ALL IN ONE] Everything that I shared to public about Cloud Security is here.☆65Apr 19, 2025Updated last year
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆483May 21, 2026Updated last month
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a…☆10Sep 15, 2022Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆169Jan 29, 2024Updated 2 years ago
- ☆52Oct 27, 2024Updated last year
- Debug pwn in docker, no need for virtual machines☆38Oct 10, 2025Updated 8 months ago
- A GDB debugging tool designed for AI Agents (Claude Code, etc.)☆30Apr 25, 2026Updated 2 months ago
- [ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software☆27Sep 13, 2025Updated 9 months ago
- UpCy automatically finds compatible updates for Maven dependencies.☆12Feb 8, 2026Updated 5 months ago
- Bundle of security analysis scripts for keras tensorflow models☆16Apr 15, 2024Updated 2 years ago