rsc-dev / pypi_malware
PyPI malware packages
☆58 Updated 6 years ago
Alternatives and similar repositories for pypi_malware:
Users that are interested in pypi_malware are comparing it to the libraries listed below
- Scan pypi for typosquatting ☆38 Updated 2 years ago
- A fork of the Bandit tool with patterns for identifying malicious Python code. ☆24 Updated 2 years ago
- An HTTP Response fuzzer to find Vulnerabilities in Security Scanners ☆26 Updated 8 months ago
- CPE: Common Platform Enumeration for Python ☆96 Updated 5 months ago
- NVD/CVE as JSON files ☆114 Updated this week
- Static Token And Credential Scanner ☆96 Updated last year
- The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of… ☆81 Updated 3 months ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas… ☆141 Updated last year
- CveXplore ☆36 Updated last week
- Modular static malicious JavaScript detection system ☆69 Updated 4 years ago
- Bad packages from the pypi repository ☆9 Updated 6 years ago
- Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages ☆129 Updated 2 years ago
- CVSS2/3/4 library with interactive calculator for Python 2 and Python 3 ☆90 Updated last month
- Syntactic detection of malicious (obfuscated) JavaScript files ☆81 Updated 5 years ago
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. ☆180 Updated this week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… ☆109 Updated last week
- Python wrapper for the API of cve-search ☆118 Updated last year
- OpenAPI 2.0 (Swagger) fuzzer written in python. Basically TnT for your API. ☆111 Updated 2 years ago
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… ☆75 Updated last month
- A collection of Semgrep rules which followed security guidelines for .NET and Java. ☆17 Updated 3 years ago
- This repository contains a list of papers about software supply chain ☆26 Updated 9 months ago
- Generic SAST Library ☆130 Updated 3 months ago
- Codyze is a static analyzer for Java, C, C++ based on code property graphs ☆88 Updated last month
- Code Hierarchy Exploration Net (chen) ☆18 Updated this week
- Vulnerability Information Aggregator for CVEs ☆118 Updated 5 years ago
- Extract useful semantic from CVE descriptions using NLP ☆25 Updated 2 years ago
- Grammar-based HTTP/2 fuzzer with mutation ability ☆42 Updated 2 years ago
- Exploit generator and Taint Engine to find persistent (and reflected) client-side XSS ☆25 Updated 5 years ago
- OSS-Fuzz vulnerabilities for OSV. ☆150 Updated this week
- AutoSpear ☆60 Updated last year