Trail of Bits

Top repositories by stars

• trailofbits/algo

  Set up a personal VPN in the cloud

  Python30,341
• trailofbits/manticore

  Symbolic execution tool

  Python3,832
• trailofbits/skills

  Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

  Python2,771
• trailofbits/graphtage

  A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.

  Python2,460
• trailofbits/publications

  Publications from Trail of Bits

  Python1,764
• trailofbits/buttercup

  Buttercup finds and patches software vulnerabilities

  Python1,493
• trailofbits/ctf

  CTF Field Guide

  C1,414
• trailofbits/anamorpher

  image scaling attacks for multi-modal prompt injection

  Python1,033
• trailofbits/claude-code-config

  Opinionated defaults, documentation, and workflows for Claude Code at Trail of Bits

  Shell1,018
• trailofbits/pe-parse

  Principled, lightweight C/C++ PE parser

  C++888
• trailofbits/deepstate

  A unit test-like interface for fuzzing and symbolic execution

  Python851
• trailofbits/eth-security-toolbox

  A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.

  Dockerfile728
• trailofbits/onesixtyone

  Fast SNMP Scanner

  C679
• trailofbits/maat

  Open-source symbolic execution framework: https://maat.re

  C++648
• trailofbits/winchecksec

  Checksec, but for Windows: static detection of security mitigations in executables

  C++607
• trailofbits/fickling

  A Python pickling decompiler and static analyzer

  Python601
• trailofbits/twa

  A tiny web auditor with strong opinions.

  Shell592
• trailofbits/polytracker

  An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.

  C++588
• trailofbits/dylint

  Run Rust lints from dynamic libraries

  Rust536
• trailofbits/cb-multios

  DARPA Challenges Sets for Linux, Windows, and macOS

  C536
• trailofbits/semgrep-rules

  Semgrep queries developed by Trail of Bits.

  Go476
• trailofbits/multiplier

  Code auditing productivity multiplier.

  C++465
• trailofbits/vast

  VAST is an experimental compiler pipeline designed for program analysis of C and C++. It provides a tower of IRs as MLIR dialects to choose the best fit representations for a program analysis or further program abstraction.

  C++434
• trailofbits/it-depends

  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

  Python383
• trailofbits/claude-code-devcontainer

  Sandboxed devcontainer for running Claude Code in bypass mode safely. Built for security audits and untrusted code review.

  Shell381
• trailofbits/polyfile

  A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewer

  Python381
• trailofbits/krf

  A kernelspace syscall interceptor and randomized faulter

  C359
• trailofbits/tubertc

  Peer-to-Peer Video Chat for Corporate LANs

  JavaScript356
• trailofbits/RpcInvestigator

  Exploring RPC interfaces on Windows

  C#345
• trailofbits/sinter

  A user-mode application authorization system for MacOS written in Swift

  Swift301
• trailofbits/SecureEnclaveCrypto

  Demonstration library for using the Secure Enclave on iOS

  Swift286
• trailofbits/protofuzz

  Google Protocol Buffers message generator

  Python283
• trailofbits/osquery-extensions

  osquery extensions by Trail of Bits

  C269
• trailofbits/mishegos

  A differential fuzzer for x86 decoders

  C++261
• trailofbits/circomspect

  A static analyzer and linter for the Circom zero-knowledge DSL

  Rust260
• trailofbits/binjascripts

  Scripts for Binary Ninja

  Python258
• trailofbits/constexpr-everything

  Rewrite C++ code to automatically apply `constexpr` where possible

  C++246
• trailofbits/vscode-weaudit

  Create code bookmarks and code highlights with a click.

  TypeScript229
• trailofbits/audit-kubernetes

  k8s audit repo

  Go229
• trailofbits/siderophile

  Find the ideal fuzz targets in a Rust codebase

  Rust224
• trailofbits/mcp-context-protector

  MCP security wrapper

  Python211
• trailofbits/PrivacyRaven

  Privacy Testing for Deep Learning

  Python211
• trailofbits/llvm-sanitizer-tutorial

  An LLVM sanitizer tutorial

  C++204
• trailofbits/test-fuzz

  To make fuzzing Rust easy

  Rust197
• trailofbits/flying-sandbox-monster

  Sandboxed, Rust-based, Windows Defender Client

  Rust180
• trailofbits/not-going-anywhere

  A set of vulnerable Golang programs

  Go179
• trailofbits/zkdocs

  Interactive documentation on zero-knowledge proof systems and related primitives.

  HTML172
• trailofbits/BTIGhidra

  Binary Type Inference Ghidra Plugin

  Java168
• trailofbits/uthenticode

  A cross-platform library for verifying Authenticode signatures

  C++163
• trailofbits/awesome-ml-security

  159
• trailofbits/AppJailLauncher

  CTF Challenge Framework for Windows 8 and above

  C++156
• trailofbits/binrec-tob

  BinRec: Dynamic Binary Lifting and Recompilation

  C++149
• trailofbits/codeql-queries

  CodeQL queries developed by Trail of Bits

  CodeQL146
• trailofbits/ctf-challenges

  CTF Challenges

  Solidity139
• trailofbits/necessist

  A mutation-based tool for finding bugs in tests

  Rust135
• trailofbits/pasta

  Peter's Amazing Syntax Tree Analyzer

  C++133
• trailofbits/skills-curated

  Curated, community-vetted Claude Code plugin marketplace

  Python132
• trailofbits/sienna-locomotive

  A user-friendly fuzzing and crash triage tool for Windows

  C++132
• trailofbits/Honeybee

  An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suite

  C131
• trailofbits/ObjCGraphView

  A graph view plugin for Binary Ninja to visualize Objective-C

  Python131
• trailofbits/deptective

  Deptective automatically determines the native dependencies required to run any arbitrary program or command.

  Python128
• trailofbits/ebpfpub

  ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.

  C++119
• trailofbits/sqlite_wrapper

  An easy-to-use, extensible and lightweight C++17 wrapper for SQLite

  C++118
• trailofbits/ruzzy

  A coverage-guided fuzzer for pure Ruby code and Ruby C extensions

  Ruby112
• trailofbits/appjaillauncher-rs

  AppJailLauncher in Rust

  Rust108
• trailofbits/ebpfault

  A BPF-based syscall fault injector

  C++106
• trailofbits/clang-cfi-showcase

  Sample programs that illustrate how to use control flow integrity with the clang compiler

  C++106
• trailofbits/ios-integrity-validator

  Integrity validator for iOS devices

  Shell100
• trailofbits/afc-buttercup

  Buttercup CRS as submitted to the AIxCC Final Competition

  Python97
• trailofbits/on-edge

  A library for detecting certain improper uses of the "Defer, Panic, and Recover" pattern in Go programs

  Go97
• trailofbits/testing-handbook

  Trail of Bits Testing Handbook - appsec.guide

  Rust92
• trailofbits/blight

  A framework for instrumenting build tools

  Python90
• trailofbits/cargo-unmaintained

  Find unmaintained packages in Rust projects

  Rust85
• trailofbits/algo-ng

  Experimental version of Algo built on Terraform

  HCL81
• trailofbits/ManticoreUI

  The Manticore User Interface with plugins for Binary Ninja and Ghidra

  Python75
• trailofbits/vendetect

  A tool to automatically detect copy+pasted and vendored code between repositories

  Python74
• trailofbits/slither-mcp

  MCP server for Slither static analysis of Solidity smart contracts

  Python73
• trailofbits/LeftoverLocalsRelease

  The public release of LeftoverLocals code

  C++72
• trailofbits/Codex-Decompiler

  Python70
• trailofbits/bisc

  Borrowed Instructions Synthetic Computation

  Ruby70
• trailofbits/differ

  Detecting Inconsistencies in Feature or Function Evaluations of Requirements

  Python68
• trailofbits/manticore-examples

  Example Manticore scripts

  Python68
• trailofbits/ml-file-formats

  List of ML file formats

  66
• trailofbits/dropkit

  A CLI tool for managing DigitalOcean droplets with automated setup, SSH configuration, and lifecycle management.

  Python62
• trailofbits/reverie

  An efficient and generalized implementation of the IKOS-style KKW proof system (https://eprint.iacr.org/2018/475) for arbitrary rings.

  Rust61
• trailofbits/deceptiveidn

  Use computer vision to determine if an IDN can be interpreted as something it's not

  Python61
• trailofbits/magnifier

  C++59
• trailofbits/HVCI-loldrivers-check

  PowerShell57
• trailofbits/nyc-infosec

  Mapping the NYC Infosec Community

  CSS57
• trailofbits/eatmynetwork

  A small script for running programs with (minimal) network sandboxing

  Shell54
• trailofbits/sixtyfour

  How fast can we brute force a 64-bit comparison?

  C54
• trailofbits/tsc_freq_khz

  Linux kernel driver to export the TSC frequency via sysfs

  C54
• trailofbits/cfg-showcase

  Sample programs that illustrate how to use Control Flow Guard, VS2015's control flow integrity implementation

  C++53
• trailofbits/DomTreSat

  Dominator Tree LLVM Pass to Test Satisfiability

  C++46
• trailofbits/vscode-sarif-explorer

  SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results

  TypeScript45
• trailofbits/macroni

  C and C++ compiler frontend using PASTA to parse code, and VAST to represent the code as MLIR.

  C43
• trailofbits/indurative

  Easily create authenticated data structures

  Haskell43
• trailofbits/go-panikint

  It's the Go compiler, but it panics on arithmetic and truncation issues.

  Go42
• trailofbits/pajaMAS

  Multi-agent system (MAS) hijacking demos

  Python41
• trailofbits/osquery

  SQL powered operating system instrumentation, monitoring, and analytics.

  C++41