Alternatives and similar repositories for software_supply_chain_papers:

Users that are interested in software_supply_chain_papers are comparing it to the libraries listed below

• assuremoss / lastpymile
  A reimplementation of LastPyMile: A Python-based library to Identify the differences between build artifacts of PyPI packages and the res…
  ☆15Updated 3 years ago
• WOOSEUNGHOON / Centris-public
  ☆54Updated last year
• s3c2 / vfcfinder
  VFCFinder: Searching for the Missing Vulnerability Fixing Commits
  ☆27Updated last year
• lkpsg / ccscanner
  A C/C++ dependency scanner
  ☆38Updated last year
• lyvd / bad-snakes-icse23-artifacts
  The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning
  ☆11Updated 2 years ago
• SAP / project-kb
  Home page of project "KB"
  ☆123Updated 3 weeks ago
• Tricker-z / TPLite
  ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?
  ☆29Updated last year
• tuhh-softsec / vul4j
  Vul4J: A Dataset of Reproducible Java Vulnerabilities
  ☆82Updated last month
• sodium49 / CNEPS-public
  Public version of CNEPS
  ☆21Updated 3 months ago
• githubnext / amalfi-artifact
  Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
  ☆43Updated 3 years ago
• MarkLee131 / PatchFinder
  PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software (ISSTA 2024)
  ☆19Updated 3 weeks ago
• osssanitizer / maloss
  Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
  ☆130Updated 2 years ago
• WOOSEUNGHOON / MOVERY-public
  ☆26Updated 2 years ago
• lyvd / bandit4mal
  A fork of Bandit tool with patterns to identifying malicious python code.
  ☆25Updated 2 years ago
• DeepSoftwareAnalytics / LibDB
  ☆34Updated 2 years ago
• electricalwind / data7
  A vulnerability patch gathering tool
  ☆42Updated 6 years ago
• SAP-samples / cross-language-detection-artifacts
  This repository complements our paper by offering the training dataset, the best-performing models utilized in our real-world experiment,…
  ☆18Updated last month
• RiS3-Lab / FICS
  ☆49Updated 4 years ago
• IBM / D2A
  This repository is to support contributions for tools and new data entries for the D2A dataset hosted in DAX
  ☆69Updated 2 years ago
• ASSERT-KTH / VRepair
  open science repo of "Neural Transfer Learning for Repairing Security Vulnerabilities in C Code" https://arxiv.org/pdf/2104.08308
  ☆63Updated last year
• baolingfeng / V-SZZ
  This is the replication package of V-SZZ, which has been accepted by ICSE2022
  ☆14Updated 3 weeks ago
• VulDeeLocator / VulDeeLocator
  ☆98Updated 5 months ago
• Aurore54F / HideNoSeek
  Static data flow-based analysis of JavaScript files to detect syntactic clones
  ☆23Updated 5 years ago
• JafarAkhondali / Morefixes
  MoreFixes: A Large-Scale Dataset of CVE Fix Commits Mined through Enhanced Repository Discovery
  ☆27Updated last week
• SunLab-GMU / GraphSPD
  The official repository of "GraphSPD: Graph-Based Security Patch Detection with Enriched Code Semantics". The paper will appear in the IE…
  ☆44Updated last year
• ZJU-SEC / TensorAbuse
  TensorFlow API analysis tool and malicious model detection tool
  ☆26Updated last month
• cristianstaicu / SecBench.js
  ☆31Updated 6 months ago
• SunLab-GMU / PatchDB
  The public dataset in the paper "PatchDB: A Large-Scale Security Patch Dataset". This paper appears in the 51st Annual IEEE/IFIP Interna…
  ☆40Updated last year
• SAP / risk-explorer-for-software-supply-chains
  A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…
  ☆75Updated 3 weeks ago
• ymirsky / VulChecker
  A deep learning model for localizing bugs in C/C++ source code (USENIX'23)
  ☆149Updated last year