Damn Vulnerable SCA Application
An inter-package analysis techinque for supply chain protection, that combines three analyses to identify malicious packages with high precision and high recall
This repo contains the technology stack and its usage for software supply chain security of a Java application
Workshop about securing the supply chain for Java applications.
Submits a build artifact to SignPath Code Integrity Platform for build integrity check and code signing.
BugFu, a tool to bugfuscate programs
Java-Class-Hijack: Software Supply Chain Attack for Java based on Maven Dependency Resolution and Java Classloading
Add a description, image, and links to the supply-chain-security topic page so that developers can more easily learn about it.
To associate your repository with the supply-chain-security topic, visit your repo's landing page and select "manage topics."