lxyeternal / pypi_malregistry
The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of Malicious Code In PyPI Ecosystem". Of course, we will continue to expand the dataset. Latest update time: 18 Oct. 2024
☆62Updated last month
Related projects ⓘ
Alternatives and complementary repositories for pypi_malregistry
- This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…☆15Updated 8 months ago
- Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"☆39Updated 2 years ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages☆122Updated 2 years ago
- ☆22Updated 9 months ago
- Awesome materials for software supply chain security☆17Updated 4 years ago
- ☆23Updated 9 months ago
- ☆36Updated last year
- Source Code Vulnerability Detection Tools(SCVDT)provides a vulnerable code database, vulnerability detection service for Java and C/C++ p…☆110Updated 3 years ago
- Some test samples for CPG execution logic.☆18Updated 7 months ago
- CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software☆204Updated 3 months ago
- ObjLupAnsys is a tool to detect prototype pollution vulnerabilities in Node.js packages. This project is written in Python and JavaScript…☆22Updated 2 years ago
- This repository contains a list of papers about software supply chain☆25Updated 5 months ago
- Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.☆152Updated 2 months ago
- ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?☆27Updated last year
- ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)…☆82Updated last year
- Artifact for ICSE 2023☆45Updated 2 years ago
- MINER provided by the paper "MINER: A Hybrid Data-Driven Approach for REST API Fuzzing"☆37Updated last year
- HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs☆40Updated 2 years ago
- A C/C++ Code Vulnerability Dataset with Code Changes and CVE Summaries☆241Updated 3 years ago
- Pairing Security Advisories with Vulnerable Functions Using Open-Source LLMs - DIMVA '24☆12Updated 3 months ago
- A deep learning model for localizing bugs in C/C++ source code (USENIX'23)☆137Updated last year
- 一个搜索网络安全领域顶会论文的小工具☆58Updated 3 weeks ago
- BambooFuzz: An IoT Firmware Vulnerability Mining System based on Static and Dynamic Analysis☆52Updated 2 years ago
- ☆50Updated 10 months ago
- KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities (Best Practical Paper Award of RAID 2024)☆37Updated last month
- ODGen is a JavaScript Static Analysis tool to detect multiple types of vulnerabilities in Node.js packages.☆147Updated 9 months ago
- This is a benchmark for evaluating the vulnerability discovery ability of automated approaches including Large Language Models (LLMs), de…☆60Updated this week
- FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities☆90Updated 11 months ago
- ☆23Updated last year
- Works about detecting vulnerable using ML.☆83Updated 4 years ago