3 links tagged with all of: security + open-source + analysis
Links
Malcontent is a tool designed to detect supply-chain malware using context analysis and differential methods. It supports various file formats and programming languages and primarily analyzes Linux programs, though it also works with macOS and Windows. It features three modes: analyze, diff, and scan, allowing for in-depth examination of program capabilities and risks.
This GitHub repository provides an open-source dataset of over 20,000 identified malicious software packages. It includes samples from npm, PyPI, and IDE extensions, along with tools for analysis. Users can check package versions for malicious intent and must handle the software with caution.
Microsoft Application Inspector is a tool designed to analyze software source code by identifying features based on a comprehensive set of over 400 rules and regex patterns. It aids in understanding software components for both security and non-security purposes, supports various programming languages, and offers output in multiple formats. The tool is available as a command-line application and NuGet package, and the project emphasizes community contributions for enhancing its feature detection capabilities.