Malicious-code-ruleset Alternatives

Similar projects and alternatives to malicious-code-ruleset

  1. vite

    Next generation frontend tooling. It's fast!

  3. opensnitch

    OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

  4. firejail

    Linux namespaces and seccomp-bpf sandbox

  5. checkout

    Action for checking out a repo

  6. scorecard

    OpenSSF Scorecard - Security health metrics for Open Source

  7. changed-files

    GitHub Action to retrieve all (added, copied, modified, deleted, renamed, type changed, unmerged, unknown) files and directories.

  8. harden-runner

    Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.

  10. vet

    Next Generation Software Composition Analysis (SCA) with Malicious Package Detection, Code Context & Policy as Code

  11. PRevent

    Prevent merging of malicious code in pull requests

  12. autogrep

    Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of high-quality security rules without manual curation.

  13. changed-files

    GitHub Action to retrieve all (added, copied, modified, deleted, renamed, type changed, unmerged, unknown) files and directories. Secure drop-in replacement for tj-actions/changed-files. (by step-security)

  14. paths-filter

    Conditionally run actions based on files modified by PR, feature branch or pushed commits. Secure drop-in replacement for dorny/paths-filter. (by step-security)

  15. introspector

    A schema and set of tools for using SQL to query cloud infrastructure.

  16. gh-action-pypi-publish

    The blessed GitHub Action for publishing your distribution files to PyPI, the tokenless way: https://github.com/marketplace/actions/pypi-publish

  17. npq

    Safely install npm packages by auditing them at the pre-install stage.

  18. cicd-goat

    A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

  19. maven-lockfile

    Lockfiles for Maven. Pin your dependencies. Build with integrity.

  20. faraday

    Open Source Vulnerability Management Platform (by infobyte)

  21. changed-files

    A patched clone of tj-actions/changed-files with the malicious commit reverted (by trmlabs)

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better malicious-code-ruleset alternative or higher similarity.

malicious-code-ruleset reviews and mentions

Posts with mentions or reviews of malicious-code-ruleset. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2025-03-14.
  • Popular GitHub Action tj-actions/changed-files is compromised
    35 projects | news.ycombinator.com | 14 Mar 2025
    We've recently released open-source tools that would have easily prevented this, before anything runs or is added to any pipeline:

    1. The maintainers could have used PRevent to immediately alert and block any PR containing malicious code, or easily configured it for detection in case of a direct push: https://github.com/apiiro/PRevent

    2. Users could have used our malicious code detection ruleset to immediately detect and block it when scanning updates in all relevant CI/CD stages: https://github.com/apiiro/malicious-code-ruleset

    3. For a better understanding of the detection, the malicious code falls precisely into the patterns presented in our research: https://apiiro.com/blog/guard-your-codebase-practical-steps-...

  • Tj-actions/changed-files GitHub Action Compromised – used by over 23K repos
    15 projects | news.ycombinator.com | 14 Mar 2025
    https://github.com/apiiro/malicious-code-ruleset

    3. For a better understanding of the detection, the malicious code falls precisely into the patterns presented in our research:

  • I built a PR listener and a ruleset for detecting malicious code at any stage of the CI/CD
    2 projects | dev.to | 26 Feb 2025
    The ruleset: https://github.com/apiiro/malicious-code-ruleset
  • Show HN: I built a PR listener and ruleset to detect malicious code in CI/CD
    2 projects | news.ycombinator.com | 25 Feb 2025
    I built a GitHub app that detects it in pull requests, notifies or blocks them. Alongside it, I published a Semgrep ruleset for any stage of the CI/CD.

    I started this after getting frustrated by all the FUD around malicious code - lots of noise, little effort to solve it. Having said that, it's still a major attack vector - a stored RCE, with the codebase itself as the sink.

    Feedback is appreciated.

    The app, PRevent - https://github.com/apiiro/PRevent

    The ruleset: https://github.com/apiiro/malicious-code-ruleset

    The research: https://apiiro.com/blog/guard-your-codebase-practical-steps-...

Stats

Basic malicious-code-ruleset repo stats
4
122
7.8
5 months ago
