ossf/package-feeds

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/ossf/package-feeds)

ossf / package-feeds

Feed parsing for language package manager updates

☆83

Alternatives and similar repositories for package-feeds

Users that are interested in package-feeds are comparing it to the libraries listed below

Sorting:

ossf / package-analysis
View on GitHub
Open Source Package Analysis
☆866Feb 27, 2026Updated 3 weeks ago
SAP / risk-explorer-for-software-supply-chains
View on GitHub
A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
☆81Updated this week
chains-project / dirty-waters
View on GitHub
automatically detect software supply chain smells and issues http://arxiv.org/pdf/2410.16049
☆18Mar 13, 2026Updated last week
duo-labs / markflow
View on GitHub
Make your Markdown sparkle!
☆20May 2, 2022Updated 3 years ago
jordan-wright / ossmalware
View on GitHub
☆93Aug 30, 2022Updated 3 years ago
ossf / malicious-packages
View on GitHub
A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerabilit…
☆470Updated this week
c3rb3ru5d3d53c / mwdb-feeds
View on GitHub
A Modular MWDB Utility to Collect Fresh Malware Samples
☆34May 17, 2021Updated 4 years ago
AppThreat / vulnerability-db
View on GitHub
Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…
☆137Mar 10, 2026Updated last week
microsoft / OSSGadget
View on GitHub
Collection of tools for analyzing open source packages.
☆358Mar 9, 2026Updated last week
CAIDA / commoncrawl-host-ip-mapper
View on GitHub
Crawler that retrieves commoncrawl's crawled hosts and their corresponding IPs
☆21Sep 1, 2025Updated 6 months ago
anchore / vulnerability-match-labels
View on GitHub
Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners
☆14Updated this week
EmergingThreats / threatresearch
View on GitHub
Proofpoint - Emerging Threats - Threat Research tools + publicly shared intel and documentation
☆84Updated this week
rkovar / ransomwarelegality
View on GitHub
Can you pay the ransom in your country?
☆14Dec 18, 2023Updated 2 years ago
rsc-dev / pypi_malware
View on GitHub
PyPI malware packages
☆59Dec 12, 2018Updated 7 years ago
package-url / packageurl-go
View on GitHub
Go implementation of the package url spec
☆73Mar 7, 2026Updated 2 weeks ago
fabric8-analytics / cvejob
View on GitHub
A tool which tries to map CVEs from NVD to packages in supported ecosystems (Maven, NPM, PyPI).
☆12Jul 12, 2025Updated 8 months ago
SAP / project-kb
View on GitHub
Home page of project "KB"
☆134Mar 27, 2025Updated 11 months ago
CycodeLabs / gh-injection-vuln-demo
View on GitHub
Demos for our research on Github actions script injection vulnerabilities
☆13May 14, 2024Updated last year
CloudSecurityAlliance / gsd-tools
View on GitHub
Global Security Database Tools
☆43Dec 13, 2023Updated 2 years ago
DCSO / bloom
View on GitHub
A highly efficient Bloom filter library and command line tool written in Go.
☆77Sep 16, 2022Updated 3 years ago
kaansk / Go-MISPFeedGenerator
View on GitHub
Golang implementation of PyMISP-feedgenerator
☆18Jul 31, 2022Updated 3 years ago
owasp-dep-scan / depscan-bin
View on GitHub
Binary builds for dep-scan - The Dependency Scanner
☆10Apr 1, 2024Updated last year
wtwofire / A-systematic-review-of-fuzzing-based-on-machine-learning-techniques
View on GitHub
☆10Jul 9, 2020Updated 5 years ago
wolfi-dev / tools
View on GitHub
Various tools, images, etc. to support the Wolfi OSS project
☆27Mar 16, 2026Updated last week
stairwell-inc / threat-research
View on GitHub
Repository of tools, YARA rules, and code-snippets from Stairwell's research team.
☆23Jan 31, 2024Updated 2 years ago
CIRCL / pbtc
View on GitHub
Passive Bitcoin Project
☆10Aug 10, 2015Updated 10 years ago
DataDog / malicious-software-packages-dataset
View on GitHub
An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
☆311Updated this week
D4-project / IPASN-History
View on GitHub
IP ASN History to find ASN announcing an IP and the closest prefix announcing it at a specific date
☆97Jan 8, 2026Updated 2 months ago
fuzzitdev / example-c
View on GitHub
This is an example of a project with continuous fuzzing integration
☆11Jul 26, 2020Updated 5 years ago
ossf / security-reviews
View on GitHub
A community collection of security reviews of open source software components.
☆98Feb 29, 2024Updated 2 years ago
gittuf / gittuf
View on GitHub
A security layer for Git repositories
☆579Updated this week
anchore / vunnel
View on GitHub
Tool for collecting vulnerability data from various sources (used to build the grype database)
☆114Updated this week
ossf / wg-supply-chain-integrity
View on GitHub
Our objective is to enable open source maintainers, contributors and end-users to understand and make decisions on the provenance of the …
☆199Jan 15, 2026Updated 2 months ago
captainGeech42 / synapse-sinkdb
View on GitHub
Synapse Rapid Power-up for SinkDB
☆11Jun 24, 2025Updated 8 months ago
ossf / package-manager-best-practices
View on GitHub
Collection of security best practices for package managers.
☆164Sep 26, 2022Updated 3 years ago
ait-cs-IaaS / Taranis-NG
View on GitHub
Taranis NG is an OSINT gathering and analysis tool for CSIRT teams and organisations. It allows team-to-team collaboration, and contains …
☆10Oct 17, 2023Updated 2 years ago
lyvd / bandit4mal
View on GitHub
A fork of Bandit tool with patterns to identifying malicious python code.
☆29Sep 1, 2022Updated 3 years ago
informed-governance-project / NISINP
View on GitHub
Incident Notification Platform by @NC3-LU
☆11Updated this week
hrbrmstr / sourcehut
View on GitHub
Tools to Work with the SourceHut Development Ecosystem
☆21Sep 17, 2019Updated 6 years ago