Repositories list

• test-fuzz

  Public
  To make fuzzing Rust easy

  testingrustfuzzing

  Rust

  •

  GNU Affero General Public License v3.0

  •24•190•10•4•Updated Oct 16, 2025Oct 16, 2025

• anchor-coverage

  Public
  A wrapper around `anchor test` for computing test coverage

  testingcoverageanchor+ 1solana

  Rust

  •

  GNU Affero General Public License v3.0

  •3•11•5•4•Updated Oct 16, 2025Oct 16, 2025

• instafix-llvm

  Public
  LLVM fork for INSTAFIX

  LLVM

  •

  Other

  •15k•3•0•7•Updated Oct 14, 2025Oct 14, 2025

• necessist

  Public
  A mutation-based tool for finding bugs in tests

  testingmutation

  Rust

  •

  GNU Affero General Public License v3.0

  •18•125•17•2•Updated Oct 14, 2025Oct 14, 2025

• pypi-attestations

  Public
  A library to convert between Sigstore Bundles and PEP 740 Attestation objects

  Python

  •

  Apache License 2.0

  •7•11•7•3•Updated Oct 14, 2025Oct 14, 2025

• build-wrap

  Public
  Help protect against malicious build scripts

  rustsandboxingbuild-scripts

  Rust

  •

  GNU Affero General Public License v3.0

  •4•16•2•0•Updated Oct 14, 2025Oct 14, 2025

• pylock-attestations

  Public
  CLI tool to add attestation identities to `pylock.toml` files

  Python

  •

  Apache License 2.0

  •1•5•3•0•Updated Oct 14, 2025Oct 14, 2025

• cookiecutter-python

  Public
  A cookiecutter template for a best-practices Python project

  Python

  •

  Apache License 2.0

  •6•20•0•1•Updated Oct 14, 2025Oct 14, 2025

• go-panikint

  Public
  It's the Go compiler, but it panics on arithmetic and truncation issues.

  gogolangarithmetic+ 2fuzzingtruncation

  Go

  •

  BSD 3-Clause "New" or "Revised" License

  •18k•5•1•0•Updated Oct 14, 2025Oct 14, 2025

• manticore

  Public
  Symbolic execution tool

  pythontestingsecurity+ 8emulationethereumblockchainsymbolic-executionz3binary-analysisprogram-analysis+ 1

  Python

  •

  GNU Affero General Public License v3.0

  •485•3.8k•262•25•Updated Oct 14, 2025Oct 14, 2025

• graphtage

  Public
  A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.

  pythondiffutility+ 5librarygraph-algorithmscommand-line-toolhacktoberfesthacktoberfest2021

  Python

  •

  GNU Lesser General Public License v3.0

  •50•2.4k•21•6•Updated Oct 13, 2025Oct 13, 2025

• cast_checks

  Public
  A procedural macro to check for invalid casts

  rustcasts

  Rust

  •

  Apache License 2.0

  •3•9•0•1•Updated Oct 13, 2025Oct 13, 2025

• rfc3161-client

  Public
  An Opinionated Python RFC3161 Client

  rfc3161timestamp-protocol

  Rust

  •

  Apache License 2.0

  •4•2•2•0•Updated Oct 13, 2025Oct 13, 2025

• cargo-unmaintained

  Public
  Find unmaintained packages in Rust projects

  rustunmaintainedpackage-management

  Rust

  •

  GNU Affero General Public License v3.0

  •13•80•12•5•Updated Oct 13, 2025Oct 13, 2025

• cargo-line-test

  Public
  Run tests by the lines they exercise

  testingrust

  Rust

  •3•7•2•1•Updated Oct 13, 2025Oct 13, 2025

• dylint

  Public
  Run Rust lints from dynamic libraries

  rustlinting

  Rust

  •

  Apache License 2.0

  •46•508•41•7•Updated Oct 13, 2025Oct 13, 2025

• elaborate

  Public
  Wrappers for standard library functions and types to produce more elaborate error messages

  rusterror-messages

  Rust

  •1•3•1•1•Updated Oct 13, 2025Oct 13, 2025

• fickling

  Public
  A Python pickling decompiler and static analyzer

  pythonsecuritymachine-learning

  Python

  •

  GNU Lesser General Public License v3.0

  •61•564•13•5•Updated Oct 13, 2025Oct 13, 2025

• pajaMAS

  Public
  Multi-agent system (MAS) hijacking demos

  multi-agent-systemsai-agentsai-security

  Python

  •

  Apache License 2.0

  •3•36•2•1•Updated Oct 10, 2025Oct 10, 2025

• ml-dsa

  Public
  FIPS-204 (ML-DSA) implementation in Go

  Go

  •

  BSD 3-Clause "New" or "Revised" License

  •0•4•0•1•Updated Oct 9, 2025Oct 9, 2025

• go-slh-dsa

  Public
  FIPS-205 / SLH-DSA (Stateless Hash-Based Digital Signature Algorithm)

  Go

  •

  BSD 3-Clause "New" or "Revised" License

  •0•0•0•0•Updated Oct 9, 2025Oct 9, 2025

• it-depends

  Public
  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

  dependency-analysisdependency-graphhacktoberfest+ 5vulnerability-scannersbomhacktoberfest2021sbom-generatorsbom-tool

  Python

  •

  GNU Lesser General Public License v3.0

  •20•372•22•0•Updated Oct 9, 2025Oct 9, 2025

• pip-plugin-pep740

  Public
  An implementation of a pip plugin that verifies PEP-740 attestations before installing a package, and aborts the installation if verification fails.

  Python

  •

  Apache License 2.0

  •0•2•1•1•Updated Oct 9, 2025Oct 9, 2025

• gh-action-adapt-sigstore-pypi

  Public
  Python

  •

  Apache License 2.0

  •0•1•0•2•Updated Oct 8, 2025Oct 8, 2025

• algo

  Public
  Set up a personal VPN in the cloud

  securityansibleencryption+ 8ipsecvpnvpn-servervpn-clientikev2strongswanssh-tunnel+ 1

  Python

  •

  GNU Affero General Public License v3.0

  •2.4k•30k•79•3•Updated Oct 8, 2025Oct 8, 2025

• buttercup

  Public
  Buttercup finds and patches software vulnerabilities

  Python

  •

  GNU Affero General Public License v3.0

  •135•1.3k•44•5•Updated Oct 8, 2025Oct 8, 2025

• publications

  Public
  Publications from Trail of Bits

  conference-presentationsacademic-paperssecurity-reviews

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •204•1.7k•7•5•Updated Oct 6, 2025Oct 6, 2025

• testing-handbook

  Public
  Trail of Bits Testing Handbook

  Rust

  •

  Creative Commons Attribution 4.0 International

  •14•82•16•5•Updated Oct 6, 2025Oct 6, 2025

• tlslib.py

  Public
  MVP for updated PEP 543 proposal

  Python

  •

  Apache License 2.0

  •1•13•6•0•Updated Oct 6, 2025Oct 6, 2025

• multiplier

  Public
  Code auditing productivity multiplier.

  analysisauditclang+ 1mlir

  C++

  •

  Apache License 2.0

  •29•465•115•2•Updated Oct 6, 2025Oct 6, 2025