Dependency Combobulator
-
Updated
Jan 10, 2024 - Python
#
dependency-confusion
Here are 29 public repositories matching this topic...
Dependency Confusion Security Testing Tool
-
Updated
Jul 21, 2022 - Python
DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
-
Updated
May 22, 2026 - Go
tool for checking potential dependency confusion
-
Updated
Jul 5, 2025 - Go
A tool to investigate Dependency Confusion in Artifactory
-
Updated
May 15, 2025 - Java
Detect potential typosquatting packages across package ecosystems
-
Updated
Apr 27, 2026 - Ruby
## Auto-archived due to inactivity. ## Yorkshire is your friend, yorkshire checks Python's requirements files for a possible dependency confusion.
-
Updated
Sep 15, 2023 - Python
Python-based tool for identifying potential dependency confusion vulnerabilities in JavaScript (`package.json`) and Python (`requirements.txt`) projects
-
Updated
Nov 12, 2024 - Python
oh supply chain my supply chain — a multi-ecosystem package malware scanner for PyPI, npm, crates.io, and Go. Static analysis plus a sandbox detonation engine, with pluggable detection content (open-core; AGPL engine, Apache-2.0 signatures).
npm sandbox static-analysis pypi crates-io software-supply-chain yara typosquatting security-tools devsecops threat-intelligence malware-detection malware-scanner go-modules supply-chain-security dependency-confusion package-security
-
Updated
Jun 11, 2026 - Python
npm PoC packages
npm dependency-injection cybersecurity bug-bounty infosec bugbounty npmjs cyber-security rce-exploit dependency-confusion bug-bounty-tools
-
Updated
Mar 25, 2024 - JavaScript
Chrome extension to detect dependency confusion vulnerabilities in GitHub repositories (NPM, PyPI, Ruby)
chrome-extension npm bug-bounty security-tools supply-chain-security dependency-confusion bug-bounty-tools
-
Updated
Mar 6, 2026 - JavaScript
High-performance Go tool for detecting Dependency Confusion vulnerabilities by scanning JavaScript files and checking unclaimed packages on npm registry.
-
Updated
Mar 29, 2026 - Go
Demonstration of Dependency Confusion applied to .NET and NuGet
-
Updated
Jul 18, 2024 - C#
Simple bash dependency confusion checker (npm, python and ruby)
-
Updated
Jan 8, 2024 - Shell
Project to handle requests from malicious PoC of Dependency Confusion or Similar Name packages. Also can be used to generate those packages (gem, npm, pip).
-
Updated
Jun 22, 2024 - Python
DependencyConfusion is tool used for finding any library used by the project that might be vulnerable to dependency confusion attack.
-
Updated
Aug 23, 2022 - Go
Audit the npm packages a pull request adds or bumps, before they execute, to catch typosquat, dependency-confusion, and malicious install-hook packages that CVE scanners are structurally blind to.
cli golang npm security package-manager ci-cd software-supply-chain typosquatting devsecops malware-detection sast supply-chain-security dependency-confusion
-
Updated
Jun 8, 2026 - Go
Won 🏆 Best Technical Depth Award @ LikeLion Hackathon 2026. Agentic install-time supply-chain security for npm and PyPI. Multi-agent verdicts, local registry proxy, honest Wilson-CI benchmarks.
cli security-tool supply-chain-security dependency-scanner dependency-confusion typosquat agentic-ai npm-security shai-hulud pypi-security
-
Updated
Apr 19, 2026 - TypeScript
automatic tool for finding dependency confusion vulnerabilities
-
Updated
Mar 11, 2021 - Go
Improve this page
Add a description, image, and links to the dependency-confusion topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the dependency-confusion topic, visit your repo's landing page and select "manage topics."