Skip to content

@trailofbits Trail of Bits

Change the repository type filter

All

    Repositories list

    220 repositories

    • anchor-coverage

      Public
      A wrapper around `anchor test` for computing test coverage
      testingcoverageanchorsolana
      Rust
      GNU Affero General Public License v3.0
      2425Updated Jul 16, 2025Jul 16, 2025

    • publications

      Public
      Publications from Trail of Bits
      conference-presentationsacademic-paperssecurity-reviews
      Python
      Creative Commons Attribution Share Alike 4.0 International
      1971.6k31Updated Jul 15, 2025Jul 15, 2025

    • sleepy-pickle-public

      Public
      AI model compromise through malicious pickle files
      Python
      MIT License
      0003Updated Jul 15, 2025Jul 15, 2025

    • build-wrap

      Public
      Help protect against malicious build scripts
      rustsandboxingbuild-scripts
      Rust
      GNU Affero General Public License v3.0
      31302Updated Jul 15, 2025Jul 15, 2025

    • necessist

      Public
      A mutation-based tool for finding bugs in tests
      testingmutation
      Rust
      GNU Affero General Public License v3.0
      17120175Updated Jul 15, 2025Jul 15, 2025

    • cargo-unmaintained

      Public
      Find unmaintained packages in Rust projects
      rustunmaintainedpackage-management
      Rust
      GNU Affero General Public License v3.0
      137590Updated Jul 15, 2025Jul 15, 2025

    • dylint

      Public
      Run Rust lints from dynamic libraries
      rustlinting
      Rust
      Apache License 2.0
      45478448Updated Jul 14, 2025Jul 14, 2025

    • cargo-line-test

      Public
      Run tests by the lines they exercise
      testingrust
      Rust
      3721Updated Jul 14, 2025Jul 14, 2025

    • sigstore-rekor-types

      Public
      Python models for Rekor's API types
      Python
      Apache License 2.0
      2615Updated Jul 14, 2025Jul 14, 2025

    • instafix-llvm

      Public
      LLVM fork for INSTAFIX
      LLVM
      Other
      14k202Updated Jul 11, 2025Jul 11, 2025

    • deptective

      Public
      Deptective automatically determines the native dependencies required to run any arbitrary program or command.
      dependency-analysissbomsbom-tool
      Python
      GNU Lesser General Public License v3.0
      07710Updated Jul 9, 2025Jul 9, 2025

    • fickling

      Public
      A Python pickling decompiler and static analyzer
      machine-learningpythonsecurity
      Python
      GNU Lesser General Public License v3.0
      56525155Updated Jul 8, 2025Jul 8, 2025

    • windows-ctl

      Public
      Rust libraries and utilities for parsing Windows Certificate Trust Lists
      cryptographyauthenticoderust
      Rust
      Apache License 2.0
      2901Updated Jul 7, 2025Jul 7, 2025

    • codeql

      Public
      CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
      CodeQL
      MIT License
      1.7k002Updated Jul 4, 2025Jul 4, 2025

    • qt-multiplier

      Public archive
      Graphical user interface for Multiplier
      C++
      GNU Affero General Public License v3.0
      22540Updated Jul 3, 2025Jul 3, 2025

    • instafix-SVF

      Public
      SVF fork for INSTAFIX
      C++
      Other
      459100Updated Jul 1, 2025Jul 1, 2025

    • are-we-pep740-yet

      Public
      Are we PEP 740 yet?
      HTML
      BSD 2-Clause "Simplified" License
      6900Updated Jul 1, 2025Jul 1, 2025

    • cookiecutter-python

      Public
      A cookiecutter template for a best-practices Python project
      Python
      Apache License 2.0
      61601Updated Jul 1, 2025Jul 1, 2025

    • pylock-attestations

      Public
      CLI tool to add attestation identities to `pylock.toml` files
      Python
      Apache License 2.0
      1530Updated Jul 1, 2025Jul 1, 2025

    • test-fuzz

      Public
      To make fuzzing Rust easy
      testingrustfuzzing
      Rust
      GNU Affero General Public License v3.0
      24184113Updated Jun 26, 2025Jun 26, 2025

    • rfc3161-client

      Public
      An Opinionated Python RFC3161 Client
      rfc3161timestamp-protocol
      Rust
      Apache License 2.0
      4230Updated Jun 26, 2025Jun 26, 2025

    • tlslib.py

      Public
      MVP for updated PEP 543 proposal
      Python
      Apache License 2.0
      01211Updated Jun 23, 2025Jun 23, 2025

    • algo-ng

      Public
      Experimental version of Algo built on Terraform
      ipsecterraformvpn
      HCL
      GNU Affero General Public License v3.0
      188001Updated Jun 22, 2025Jun 22, 2025

    • blight

      Public
      A framework for instrumenting build tools
      instrumentationbuild-toolbuild-systemhacktoberfestcompiler-wrapper
      Python
      Apache License 2.0
      789203Updated Jun 20, 2025Jun 20, 2025

    • pip-plugin-pep740

      Public
      An implementation of a pip plugin that verifies PEP-740 attestations before installing a package, and aborts the installation if verification fails.
      Python
      Apache License 2.0
      0210Updated Jun 20, 2025Jun 20, 2025

    • monorepo-code-scanning-action

      Public
      Focus SAST scans (with CodeQL) on just the changed parts of your monorepo, split up as you define
      JavaScript
      MIT License
      3000Updated Jun 17, 2025Jun 17, 2025

    • irene3

      Public
      C++
      GNU Affero General Public License v3.0
      0917Updated Jun 17, 2025Jun 17, 2025

    • datasig

      Public
      Dataset fingerprinting for AIBOM
      Python
      GNU Affero General Public License v3.0
      01302Updated Jun 16, 2025Jun 16, 2025

    • checksec.rs

      Public
      Fast multi-platform (ELF/PE/MachO) binary checksec written in Rust.
      Rust
      Apache License 2.0
      13000Updated Jun 13, 2025Jun 13, 2025

    • pypi-attestations

      Public
      A library to convert between Sigstore Bundles and PEP 740 Attestation objects
      Python
      Apache License 2.0
      5961Updated Jun 12, 2025Jun 12, 2025