🐍 🔍 GuardDog is a CLI tool to Identify malicious PyPI and npm packages
Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages 🔥
An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
Campaigns of (mostly) malicious packages - currently only in PyPI
Project Aura: Security auditing and code introspection
Add a description, image, and links to the malicious-packages topic page so that developers can more easily learn about it.
To associate your repository with the malicious-packages topic, visit your repo's landing page and select "manage topics."