Alternatives and similar repositories for software_supply_chain_papers

Users that are interested in software_supply_chain_papers are comparing it to the libraries listed below

• lkpsg / ccscanner
  A C/C++ dependency scanner
  ☆40Updated last year
• githubnext / amalfi-artifact
  Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
  ☆46Updated 3 years ago
• SAP / project-kb
  Home page of project "KB"
  ☆129Updated 6 months ago
• WOOSEUNGHOON / Centris-public
  ☆60Updated last year
• Tricker-z / TPLite
  ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?
  ☆30Updated 2 years ago
• s3c2 / vfcfinder
  VFCFinder: Searching for the Missing Vulnerability Fixing Commits
  ☆29Updated last year
• lyvd / bad-snakes-icse23-artifacts
  The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning
  ☆12Updated 2 years ago
• osssanitizer / maloss
  Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
  ☆135Updated 3 years ago
• assuremoss / lastpymile
  A reimplementation of LastPyMile: A Python-based library to Identify the differences between build artifacts of PyPI packages and the res…
  ☆15Updated 3 years ago
• tuhh-softsec / vul4j
  Vul4J: A Dataset of Reproducible Java Vulnerabilities
  ☆99Updated last month
• DeepSoftwareAnalytics / LibDB
  ☆34Updated 2 years ago
• sodium49 / CNEPS-public
  Public version of CNEPS
  ☆21Updated 9 months ago
• WOOSEUNGHOON / MOVERY-public
  ☆26Updated 2 years ago
• security-commits / security-patches-dataset
  ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)…
  ☆96Updated 2 years ago
• electricalwind / data7
  A vulnerability patch gathering tool
  ☆43Updated 6 years ago
• SunLab-GMU / PatchDB
  The public dataset in the paper "PatchDB: A Large-Scale Security Patch Dataset". This paper appears in the 51st Annual IEEE/IFIP Interna…
  ☆44Updated 2 years ago
• JafarAkhondali / Morefixes
  MoreFixes: A Large-Scale Dataset of CVE Fix Commits Mined through Enhanced Repository Discovery
  ☆44Updated 6 months ago
• SAP-samples / cross-language-detection-artifacts
  This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…
  ☆20Updated 7 months ago
• secureIT-project / CVEfixes
  CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software
  ☆280Updated last year
• ymirsky / VulChecker
  A deep learning model for localizing bugs in C/C++ source code (USENIX'23)
  ☆153Updated 2 years ago
• RiS3-Lab / FICS
  ☆50Updated 4 years ago
• osssanitizer / osspolice
  Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
  ☆67Updated 7 years ago
• IBM / D2A
  This repository is to support contributions for tools and new data entries for the D2A dataset hosted in DAX
  ☆74Updated 3 years ago
• SunLab-GMU / GraphSPD
  The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IE…
  ☆47Updated 2 years ago
• n132 / ARVO-Meta
  ☆79Updated last month
• VulDeeLocator / VulDeeLocator
  ☆102Updated 11 months ago
• stan6 / se-paper
  ☆74Updated 2 years ago
• lxyeternal / pypi_malregistry
  The repository has collected about 10,000 malicious pypi packages. This dataset is the work of the ASE 2023 paper "An Empirical Study of…
  ☆102Updated 2 months ago
• Icyrockton / MegaVul
  MegaVul - The largest, high-quality, extensible, continuously updated, C/C++/Java vulnerability dataset
  ☆122Updated 8 months ago
• baolingfeng / V-SZZ
  This is the replication package of V-SZZ, which has been accepted by ICSE2022
  ☆15Updated 2 months ago