Repositories list

• instafix-llvm

  Public
  LLVM fork for INSTAFIX

  LLVM

  •

  Other

  •15k•2•0•3•Updated Jul 24, 2025Jul 24, 2025

• publications

  Public
  Publications from Trail of Bits

  conference-presentationsacademic-paperssecurity-reviews

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •197•1.6k•4•2•Updated Jul 24, 2025Jul 24, 2025

• vendetect

  Public
  A tool to automatically detect copy+pasted and vendored code between repositories

  program-analysisplagiarism-detectionsbom+ 1sbom-tool

  Python

  •

  GNU Affero General Public License v3.0

  •2•34•1•1•Updated Jul 24, 2025Jul 24, 2025

• rfc3161-client

  Public
  An Opinionated Python RFC3161 Client

  rfc3161timestamp-protocol

  Rust

  •

  Apache License 2.0

  •4•2•3•2•Updated Jul 24, 2025Jul 24, 2025

• cookiecutter-python

  Public
  A cookiecutter template for a best-practices Python project

  Python

  •

  Apache License 2.0

  •6•16•0•5•Updated Jul 23, 2025Jul 23, 2025

• pylock-attestations

  Public
  CLI tool to add attestation identities to `pylock.toml` files

  Python

  •

  Apache License 2.0

  •1•5•3•1•Updated Jul 23, 2025Jul 23, 2025

• exploits

  Public
  Python

  •

  Apache License 2.0

  •0•1•0•0•Updated Jul 23, 2025Jul 23, 2025

• number

  Public
  Rust

  •0•0•0•0•Updated Jul 22, 2025Jul 22, 2025

• necessist

  Public
  A mutation-based tool for finding bugs in tests

  testingmutation

  Rust

  •

  GNU Affero General Public License v3.0

  •17•120•17•2•Updated Jul 22, 2025Jul 22, 2025

• mcp-figma

  Public
  JavaScript

  •5•0•0•2•Updated Jul 22, 2025Jul 22, 2025

• vscode-sarif-explorer

  Public
  SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results

  static-analysisvscode-extensionsarif

  TypeScript

  •

  GNU General Public License v3.0

  •7•29•5•0•Updated Jul 22, 2025Jul 22, 2025

• dylint

  Public
  Run Rust lints from dynamic libraries

  rustlinting

  Rust

  •

  Apache License 2.0

  •45•481•45•9•Updated Jul 21, 2025Jul 21, 2025

• anchor-coverage

  Public
  A wrapper around `anchor test` for computing test coverage

  testingcoverageanchor+ 1solana

  Rust

  •

  GNU Affero General Public License v3.0

  •2•4•2•6•Updated Jul 21, 2025Jul 21, 2025

• cargo-unmaintained

  Public
  Find unmaintained packages in Rust projects

  rustunmaintainedpackage-management

  Rust

  •

  GNU Affero General Public License v3.0

  •13•76•9•0•Updated Jul 21, 2025Jul 21, 2025

• cargo-line-test

  Public
  Run tests by the lines they exercise

  testingrust

  Rust

  •3•7•2•2•Updated Jul 21, 2025Jul 21, 2025

• sigstore-rekor-types

  Public
  Python models for Rekor's API types

  Python

  •

  Apache License 2.0

  •2•6•1•5•Updated Jul 21, 2025Jul 21, 2025

• test-fuzz

  Public
  To make fuzzing Rust easy

  testingrustfuzzing

  Rust

  •

  GNU Affero General Public License v3.0

  •24•185•11•3•Updated Jul 20, 2025Jul 20, 2025

• semgrep-rules

  Public
  Semgrep queries developed by Trail of Bits.

  Go

  •

  GNU Affero General Public License v3.0

  •42•417•7•3•Updated Jul 17, 2025Jul 17, 2025

• sleepy-pickle-public

  Public
  AI model compromise through malicious pickle files

  Python

  •

  MIT License

  •0•0•0•3•Updated Jul 15, 2025Jul 15, 2025

• build-wrap

  Public
  Help protect against malicious build scripts

  rustsandboxingbuild-scripts

  Rust

  •

  GNU Affero General Public License v3.0

  •3•13•0•2•Updated Jul 15, 2025Jul 15, 2025

• deptective

  Public
  Deptective automatically determines the native dependencies required to run any arbitrary program or command.

  dependency-analysissbomsbom-tool

  Python

  •

  GNU Lesser General Public License v3.0

  •0•98•1•0•Updated Jul 9, 2025Jul 9, 2025

• fickling

  Public
  A Python pickling decompiler and static analyzer

  machine-learningpythonsecurity

  Python

  •

  GNU Lesser General Public License v3.0

  •57•528•16•5•Updated Jul 8, 2025Jul 8, 2025

• windows-ctl

  Public
  Rust libraries and utilities for parsing Windows Certificate Trust Lists

  cryptographyauthenticoderust

  Rust

  •

  Apache License 2.0

  •2•9•0•1•Updated Jul 7, 2025Jul 7, 2025

• codeql

  Public
  CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security

  CodeQL

  •

  MIT License

  •1.7k•0•0•2•Updated Jul 4, 2025Jul 4, 2025

• qt-multiplier

  Public archive
  Graphical user interface for Multiplier

  C++

  •

  GNU Affero General Public License v3.0

  •2•2•54•0•Updated Jul 3, 2025Jul 3, 2025

• instafix-SVF

  Public
  SVF fork for INSTAFIX

  C++

  •

  Other

  •459•1•0•0•Updated Jul 1, 2025Jul 1, 2025

• are-we-pep740-yet

  Public
  Are we PEP 740 yet?

  HTML

  •

  BSD 2-Clause "Simplified" License

  •6•9•0•0•Updated Jul 1, 2025Jul 1, 2025

• tlslib.py

  Public
  MVP for updated PEP 543 proposal

  Python

  •

  Apache License 2.0

  •0•12•1•1•Updated Jun 23, 2025Jun 23, 2025

• algo-ng

  Public
  Experimental version of Algo built on Terraform

  ipsecterraformvpn

  HCL

  •

  GNU Affero General Public License v3.0

  •18•79•0•1•Updated Jun 22, 2025Jun 22, 2025

• blight

  Public
  A framework for instrumenting build tools

  instrumentationbuild-toolbuild-system+ 2hacktoberfestcompiler-wrapper

  Python

  •

  Apache License 2.0

  •7•89•20•3•Updated Jun 20, 2025Jun 20, 2025