The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 23 Jan. 2026
☆115Jan 24, 2026Updated last month
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below
Sorting:
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆307Updated this week
- ☆17Jul 25, 2024Updated last year
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆136Oct 5, 2022Updated 3 years ago
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated last month
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆21Mar 7, 2025Updated last year
- A fork of Bandit tool with patterns to identifying malicious python code.☆29Sep 1, 2022Updated 3 years ago
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,003Updated this week
- Collection of tools for analyzing open source packages.☆357Feb 24, 2026Updated last week
- Open Source Package Analysis☆866Feb 27, 2026Updated last week
- ☆10Sep 25, 2024Updated last year
- This is a Cheatsheet for CTF Challenges categorized by different Privilege Escalation Methods☆28Aug 21, 2019Updated 6 years ago
- ☆32May 1, 2025Updated 10 months ago
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated last year
- ☆14Jan 22, 2024Updated 2 years ago
- 安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性,各类符号引用的存在检测,包括方法、方法签名、字段定义和引用、类引用等等☆14Jul 7, 2024Updated last year
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆23Dec 10, 2025Updated 3 months ago
- ☆15May 17, 2019Updated 6 years ago
- Mininode is a CLI tool to reduce the attack surface of the Node.js applications by using static analysis.☆21Apr 11, 2023Updated 2 years ago
- This is the term project of course 'Object-Oriented Programming' ,SSE, Tongji University, 2017.☆15Jun 20, 2017Updated 8 years ago
- Open-source Fabric templates for cybersecurity and compliance☆31Jan 13, 2025Updated last year
- [ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software☆26Sep 13, 2025Updated 5 months ago
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆463Jan 15, 2026Updated last month
- A dataset of software supply chain compromises. Please help us maintain it!☆131Sep 16, 2022Updated 3 years ago
- Resources for our ICSE'24 poster: Prompt-Enhanced Software Vulnerability Detection Using ChatGPT.☆25May 8, 2024Updated last year
- java 漏洞平台包含各种CVE☆23Jun 17, 2022Updated 3 years ago
- [ALL IN ONE] Everything that I shared to public about Cloud Security is here.☆60Apr 19, 2025Updated 10 months ago
- Building relation graph of Android APIs to catch the semantics between APIs, and used to enhancing Android malware detectors☆93Sep 23, 2022Updated 3 years ago
- ☆50Dec 19, 2020Updated 5 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆165Jan 29, 2024Updated 2 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆28Feb 26, 2022Updated 4 years ago
- Some PoC (Proof-of-Concept) about vulnerability of java deserialization of untrusted data☆26Jul 12, 2021Updated 4 years ago
- software vulnerabilities☆24Apr 3, 2019Updated 6 years ago
- 静态分析基础教程☆180Jan 3, 2026Updated 2 months ago
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆118Jun 21, 2021Updated 4 years ago
- ☆28Oct 26, 2021Updated 4 years ago
- ☆44Sep 4, 2025Updated 6 months ago
- My security presentations☆29Aug 21, 2023Updated 2 years ago
- TensorFlow API analysis tool and malicious model detection tool☆39May 27, 2025Updated 9 months ago
- A tool to automatically patch vulnerable Ethereum smart contracts (RAID 2022).☆27Nov 4, 2022Updated 3 years ago