vuduclyunitn's Stars
SpaceVim/SpaceVim
A modular Vim/Neovim configuration
dabeaz-course/practical-python
Practical Python Programming (course by @dabeaz)
PyCQA/bandit
Bandit is a tool designed to find common security issues in Python code.
frankwxu/digital-forensics-lab
Free hands-on digital forensics labs for students and faculty
slsa-framework/slsa
Supply-chain Levels for Software Artifacts
tadwhitaker/Security_Engineer_Interview_Questions
Every Security Engineer Interview Question From Glassdoor.com
ossf/package-analysis
Open Source Package Analysis
SourceCode-AI/aura
Python source code auditing and static analysis on a large scale
diogo-fernan/malsub
A Python RESTful API framework for online malware analysis and threat intelligence services.
microsoft/OSSGadget
Collection of tools for analyzing open source packages.
Fraunhofer-AISEC/cpg
A library to extract Code Property Graphs from C/C++, Java, Go, Python, Ruby and every other language through LLVM-IR.
hugovk/top-pypi-packages
A regular dump of the most-downloaded packages from PyPI
VulDetProject/ReVeal
ossf/s2c2f
The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to securely consume Open Source Software (OSS) dependencies into the developer’s workflow.
IQTLabs/software-supply-chain-compromises
A dataset of software supply chain compromises. Please help us maintain it!
osssanitizer/maloss
Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages
jordan-wright/ossmalware
nex3z/machine-learning-exercise
Python implementation of the programming assignment from Machine Learning class on Coursera, which is originally implemented in Matlab/Octave.
tuhh-softsec/vul4j
Vul4J: A Dataset of Reproducible Java Vulnerabilities
SAP/fosstars-rating-core
A framework for defining ratings for open source projects. In particular, the framework offers a security rating for open source projects that may be used to assess the security risk that comes with open source components.
vuduclyunitn/software_supply_chain_papers
This repository contains a list of papers about software supply chain
lyvd/bandit4mal
A fork of the Bandit tool with patterns for identifying malicious Python code.
pybraries/pybraries
Python wrapper for libraries.io API
assuremoss/lastpymile
A reimplementation of LastPyMile: A Python-based library to identify the differences between build artifacts of PyPI packages and the respective source code repository
Ayrx/malicious-python-package
A Python package that demonstrates arbitrary code execution during the install process of a Python package.
redshiftzero/reproduciblewheels
Tracking which 🎡 wheels 🎡 in the python ecosystem can be reproducibly built
squattingapp/AppCrazy
Characterizing App Squatting Attacks
jspeed-meyers/pypi-scan
Scan pypi for typosquatting
simonepirocca/py2src
Research project about the verification of factors that influence the usage of Python dependencies
Anubhav722/ssh_decorator
A python decorator for ssh access, designed with data science in mind.