The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 23 Jan. 2026
☆118Mar 21, 2026Updated 3 weeks ago
Alternatives and similar repositories for pypi_malregistry
Users that are interested in pypi_malregistry are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆333Updated this week
- ☆17Jul 25, 2024Updated last year
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆140Oct 5, 2022Updated 3 years ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆47Jan 25, 2022Updated 4 years ago
- A fork of Bandit tool with patterns to identifying malicious python code.☆29Sep 1, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆22Mar 7, 2025Updated last year
- Collection of tools for analyzing open source packages.☆357Apr 8, 2026Updated last week
- This repository contains a list of papers about software supply chain☆29May 22, 2024Updated last year
- Multi-threading Leaks/Intelligence file parser☆16Updated this week
- Modular static malicious JavaScript detection system☆75Jan 18, 2021Updated 5 years ago
- ☆31May 1, 2025Updated 11 months ago
- Resources for our ICSE'24 poster: Prompt-Enhanced Software Vulnerability Detection Using ChatGPT.☆25May 8, 2024Updated last year
- Mininode is a CLI tool to reduce the attack surface of the Node.js applications by using static analysis.☆21Apr 11, 2023Updated 3 years ago
- MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabil…☆25Dec 10, 2025Updated 4 months ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆24Apr 1, 2026Updated 2 weeks ago
- ☆13Jan 22, 2024Updated 2 years ago
- 这个脚本主要提供对pypi供应链的源头进行安全扫描研究,扫描并发现未知的恶意包情况。☆28May 22, 2023Updated 2 years ago
- archives for Tongji CTF 2017☆10Oct 25, 2023Updated 2 years ago
- Static JavaScript Analysis: AST, Control Flow, Data Flow, & Pointer Analysis☆28Feb 26, 2022Updated 4 years ago
- PyPI malware packages☆59Dec 12, 2018Updated 7 years ago
- A Python package that demontrates arbitrary code execution during the install process of a Python package.☆11Sep 28, 2014Updated 11 years ago
- YASA-UAST is an intermediate representation structure for multi-language program analysis. The UAST-Parser parses code from different pro…☆79Updated this week
- 安全升级jar包时,辅助检测Java Archive (JAR) 包之间兼容性,各类符号引用的存在检测,包括方法、方法签名、字段定义和引用、类引用等等☆14Jul 7, 2024Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- AFL++ using the Ball-Larus path profiling algorithm for coverage feedback☆15Oct 31, 2022Updated 3 years ago
- [ALL IN ONE] Everything that I shared to public about Cloud Security is here.☆63Apr 19, 2025Updated last year
- xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".☆470Updated this week
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆167Jan 29, 2024Updated 2 years ago
- A Publish-Subscribe Broker with Blockchain-based Immutability for the IoT and Supply Chain Monitoring☆17Apr 4, 2019Updated 7 years ago
- ☆50Oct 27, 2024Updated last year
- Debug pwn in docker, no need for virtual machines☆38Oct 10, 2025Updated 6 months ago
- JEST: N+1-version Differential Testing of Both JavaScript Engines☆14Jun 1, 2021Updated 4 years ago
- [ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software☆27Sep 13, 2025Updated 7 months ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆13Jun 26, 2023Updated 2 years ago
- UpCy automatically finds compatible updates for Maven dependencies.☆12Feb 8, 2026Updated 2 months ago
- exploit-db备份☆15Jan 5, 2022Updated 4 years ago
- Corpus set used by DIE☆41May 20, 2020Updated 5 years ago
- ☆15May 17, 2019Updated 6 years ago
- This is a Cheatsheet for CTF Challenges categorized by different Privilege Escalation Methods☆28Aug 21, 2019Updated 6 years ago
- A Python pickling decompiler and static analyzer☆618Updated this week