Alternatives and similar repositories for software_supply_chain_papers

Users that are interested in software_supply_chain_papers are comparing it to the libraries listed below

• lkpsg / ccscanner
  A C/C++ dependency scanner
  ☆41Updated 2 years ago
• WOOSEUNGHOON / Centris-public
  ☆61Updated 2 years ago
• SAP / project-kb
  Home page of project "KB"
  ☆132Updated 9 months ago
• lyvd / bad-snakes-icse23-artifacts
  The Artifacts for ICSE 2023 paper: Bad Snakes: Understanding and Improving Python Package Index Malware Scanning
  ☆12Updated 2 years ago
• assuremoss / lastpymile
  A reimplementation of LastPyMile: A Python-based library to Identify the differences between build artifacts of PyPI packages and the res…
  ☆15Updated 4 years ago
• s3c2 / vfcfinder
  VFCFinder: Searching for the Missing Vulnerability Fixing Commits
  ☆30Updated 2 years ago
• sodium49 / CNEPS-public
  Public version of CNEPS
  ☆23Updated last year
• Tricker-z / TPLite
  ISSTA'23 - Third-party Library Dependency for Large-scale SCA in the C/C++ Ecosystem: How Far Are We?
  ☆29Updated 2 years ago
• osssanitizer / maloss
  Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
  ☆135Updated 3 years ago
• JafarAkhondali / Morefixes
  MoreFixes: A Large-Scale Dataset of CVE Fix Commits Mined through Enhanced Repository Discovery
  ☆61Updated 3 weeks ago
• githubnext / amalfi-artifact
  Artifact accompanying our ICSE '22 paper "Practical Automated Detection of Malicious npm Packages"
  ☆47Updated 3 years ago
• SunLab-GMU / PatchDB
  The public dataset in the paper "PatchDB: A Large-Scale Security Patch Dataset". This paper appears in the 51st Annual IEEE/IFIP Interna…
  ☆48Updated 2 years ago
• security-commits / security-patches-dataset
  ☠️ Ground-truth dataset for vulnerability prediction (known research datasets and data sources included such as NVD, CVE Details and OSV)…
  ☆101Updated 2 years ago
• electricalwind / data7
  A vulnerability patch gathering tool
  ☆44Updated 6 years ago
• WOOSEUNGHOON / MOVERY-public
  ☆26Updated 2 years ago
• tuhh-softsec / vul4j
  Vul4J: A Dataset of Reproducible Java Vulnerabilities
  ☆115Updated 4 months ago
• RiS3-Lab / FICS
  ☆50Updated 5 years ago
• Fraunhofer-AISEC / cpg
  A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.
  ☆397Updated this week
• IBM / D2A
  This repository is to support contributions for tools and new data entries for the D2A dataset hosted in DAX
  ☆73Updated 3 years ago
• secureIT-project / CVEfixes
  CVEfixes: Automated Collection of Vulnerabilities and Their Fixes from Open-Source Software
  ☆312Updated last year
• MarkLee131 / PatchFinder
  [ISSTA 2024] PatchFinder: A Two-Phase Approach to Security Patch Tracing for Disclosed Vulnerabilities in Open Source Software
  ☆25Updated 3 months ago
• VulDeeLocator / VulDeeLocator
  ☆102Updated last year
• DeepSoftwareAnalytics / LibDB
  ☆36Updated 3 years ago
• baolingfeng / V-SZZ
  This is the replication package of V-SZZ, which has been accepted by ICSE2022
  ☆16Updated last month
• ymirsky / VulChecker
  A deep learning model for localizing bugs in C/C++ source code (USENIX'23)
  ☆156Updated 2 years ago
• CGCL-codes / VulTrigger
  VulTrigger is a tool to for identifying vulnerability-triggering statements across functions and investigating the effectiveness of funct…
  ☆43Updated 2 years ago
• n132 / ARVO-Meta
  ☆90Updated 2 months ago
• WSP-LAB / HiddenCPG
  HiddenCPG: Large-Scale Vulnerable Clone Detection Using Subgraph Isomorphism of Code Property Graphs
  ☆43Updated 3 years ago
• osssanitizer / osspolice
  Identifying Open-Source License Violation and 1-day Security Risk at Large Scale
  ☆67Updated 7 years ago
• PurCL / LLMSCAN
  Parsing-based Analyzer
  ☆65Updated 7 months ago