The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 23 Jan. 2026
☆120Mar 21, 2026Updated last month
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆341Updated this week
- ☆17Jul 25, 2024Updated last year
- The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning☆13Feb 8, 2026Updated 3 months ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆140Oct 5, 2022Updated 3 years ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆47Jan 25, 2022Updated 4 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A fork of Bandit tool with patterns to identifying malicious python code.☆30Sep 1, 2022Updated 3 years ago
- A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…☆500Updated this week
- GuardDog is a CLI tool to Identify malicious PyPI and npm packages☆1,075Updated this week
- Collection of tools for analyzing open source packages.☆360May 1, 2026Updated last week
- Automatically scan new pypi packages for potentially malicious code☆31Mar 24, 2024Updated 2 years ago
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated last year
- Multi-threading Leaks/Intelligence file parser☆16Updated this week
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- ☆31May 1, 2025Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- 使用 Docker 一键构建 JDK 源码的 CodeQL 数据库,方便使用 CodeQL 查找 JDK 中的数据。☆27May 14, 2025Updated 11 months ago
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆25Dec 10, 2025Updated 4 months ago
- A dataset of software supply chain compromises. Please help us maintain it!☆131Sep 16, 2022Updated 3 years ago
- alsap_frontend☆63Feb 14, 2025Updated last year
- ☆24Apr 1, 2026Updated last month
- 这个脚本主要提供对pypi供应链的源头进行安全扫描研究,扫描并发现未知的恶意包情况。☆28May 22, 2023Updated 2 years ago
- Security Vulnerability Repair via Concolic Execution and Code Mutations☆19Sep 12, 2024Updated last year
- ☆13Jan 22, 2024Updated 2 years ago
- R package for working with data stored within VERIS framework☆13Dec 22, 2015Updated 10 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- PyPI malware packages☆59Dec 12, 2018Updated 7 years ago
- A manually vetted dataset for security vulnerability detection in Java projects☆100Aug 12, 2025Updated 8 months ago
- TensorFlow API analysis tool and malicious model detection tool☆40May 27, 2025Updated 11 months ago
- Kaze's openly available CVE vulnerability data.☆16Apr 7, 2025Updated last year
- 安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性,各类符号引用的存在检测,包括方法、方法签名、字段定义和引用、类引用等等☆14Jul 7, 2024Updated last year
- [ALL IN ONE] Everything that I shared to public about Cloud Security is here.☆64Apr 19, 2025Updated last year
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆474Apr 14, 2026Updated 3 weeks ago
- Cybersecurity Ontology (CyberOnto) and Situational Awareness (CyberSA) help teamwork in Cyber Incident Responses, Control, Containment, a…☆10Sep 15, 2022Updated 3 years ago
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆168Jan 29, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆51Oct 27, 2024Updated last year
- [ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software☆27Sep 13, 2025Updated 7 months ago
- UpCy automatically finds compatible updates for Maven dependencies.☆12Feb 8, 2026Updated 3 months ago
- A novel and interpretable ML-based approach to classify malware with high accuracy and explain the classification result meanwhile.☆29Nov 23, 2022Updated 3 years ago
- idea插件,快速生成反序列化中常用的方法,比如setFieldValue、createTemplatesImpl等☆29Oct 2, 2024Updated last year
- ☆21Nov 7, 2023Updated 2 years ago
- Bundle of security analysis scripts for keras tensorflow models☆16Apr 15, 2024Updated 2 years ago