• Stars
    star
    1,511
  • Rank 31,023 (Top 0.7 %)
  • Language
    C++
  • License
    Apache License 2.0
  • Created almost 9 years ago
  • Updated 7 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Fast strong hash functions: SipHash/HighwayHash

Strong (well-distributed and unpredictable) hashes:

Quick Start

To build on a Linux or Mac platform, simply run make. For Windows, we provide a Visual Studio 2015 project in the msvc subdirectory.

Run benchmark for speed measurements. sip_hash_test and highwayhash_test ensure the implementations return known-good values for a given set of inputs.

64-bit SipHash for any CPU:

    #include "highwayhash/sip_hash.h"
    using namespace highwayhash;
    HH_ALIGNAS(16) const HH_U64 key2[2] = {1234, 5678};
    char in[8] = {1};
    return SipHash(key2, in, 8);

64, 128 or 256 bit HighwayHash for the CPU determined by compiler flags:

    #include "highwayhash/highwayhash.h"
    using namespace highwayhash;
    HH_ALIGNAS(32) const HHKey key = {1, 2, 3, 4};
    char in[8] = {1};
    HHResult64 result;  // or HHResult128 or HHResult256
    HHStateT<HH_TARGET> state(key);
    HighwayHashT(&state, in, 8, &result);

64, 128 or 256 bit HighwayHash for the CPU on which we're currently running:

    #include "highwayhash/highwayhash_target.h"
    #include "highwayhash/instruction_sets.h"
    using namespace highwayhash;
    HH_ALIGNAS(32) const HHKey key = {1, 2, 3, 4};
    char in[8] = {1};
    HHResult64 result;  // or HHResult128 or HHResult256
    InstructionSets::Run<HighwayHash>(key, in, 8, &result);

C-callable 64-bit HighwayHash for the CPU on which we're currently running:

#include "highwayhash/c_bindings.h"
const uint64_t key[4] = {1, 2, 3, 4};
char in[8] = {1};
return HighwayHash64(key, in, 8);

Printing a 256-bit result in a hexadecimal format similar to sha1sum:

HHResult256 result;
printf("%016"PRIx64"%016"PRIx64"%016"PRIx64"%016"PRIx64"\n",
     result[3], result[2], result[1], result[0]);

Introduction

Hash functions are widely used, so it is desirable to increase their speed and security. This package provides two 'strong' (well-distributed and unpredictable) hash functions: a faster version of SipHash, and an even faster algorithm we call HighwayHash.

SipHash is a fast but 'cryptographically strong' pseudo-random function by Aumasson and Bernstein [https://www.131002.net/siphash/siphash.pdf].

HighwayHash is a new way of mixing inputs which may inspire new cryptographically strong hashes. Large inputs are processed at a rate of 0.24 cycles per byte, and latency remains low even for small inputs. HighwayHash is faster than SipHash for all input sizes, with 5 times higher throughput at 1 KiB. We discuss design choices and provide statistical analysis and preliminary cryptanalysis in https://arxiv.org/abs/1612.06257.

Applications

Unlike prior strong hashes, these functions are fast enough to be recommended as safer replacements for weak hashes in many applications. The additional CPU cost appears affordable, based on profiling data indicating C++ hash functions account for less than 0.25% of CPU usage.

Hash-based selection of random subsets is useful for A/B experiments and similar applications. Such random generators are idempotent (repeatable and deterministic), which is helpful for parallel algorithms and testing. To avoid bias, it is important that the hash function be unpredictable and indistinguishable from a uniform random generator. We have verified the bit distribution and avalanche properties of SipHash and HighwayHash.

64-bit hashes are also useful for authenticating short-lived messages such as network/RPC packets. This requires that the hash function withstand differential, length extension and other attacks. We have published a formal security analysis for HighwayHash. New cryptanalysis tools may still need to be developed for further analysis.

Strong hashes are also important parts of methods for protecting hash tables against unacceptable worst-case behavior and denial of service attacks (see "hash flooding" below).

128 and 256-bit hashes can be useful for verifying data integrity (checksums).

SipHash

Our SipHash implementation is a fast and portable drop-in replacement for the reference C code. Outputs are identical for the given test cases (messages between 0 and 63 bytes).

Interestingly, it is about twice as fast as a SIMD implementation using SSE4.1 (https://goo.gl/80GBSD). This is presumably due to the lack of SIMD bit rotate instructions prior to AVX-512.

SipHash13 is a faster but weaker variant with one mixing round per update and three during finalization.

We also provide a data-parallel 'tree hash' variant that enables efficient SIMD while retaining safety guarantees. This is about twice as fast as SipHash, but does not return the same results.

HighwayHash

We have devised a new way of mixing inputs with SIMD multiply and permute instructions. The multiplications are 32x32 -> 64 bits and therefore infeasible to reverse. Permuting equalizes the distribution of the resulting bytes.

The internal state is quite large (1024 bits) but fits within SIMD registers. Due to limitations of the AVX2 instruction set, the registers are partitioned into two 512-bit halves that remain independent until the reduce phase. The algorithm outputs 64 bit digests or up to 256 bits at no extra cost.

In addition to high throughput, the algorithm is designed for low finalization cost. The result is more than twice as fast as SipTreeHash.

We also provide an SSE4.1 version (80% as fast for large inputs and 95% as fast for short inputs), an implementation for VSX on POWER and a portable version (10% as fast). A third-party ARM implementation is referenced below.

Statistical analyses and preliminary cryptanalysis are given in https://arxiv.org/abs/1612.06257.

Versioning and stability

Now that 21 months have elapsed since their initial release, we have declared all (64/128/256 bit) variants of HighwayHash frozen, i.e. unchanging forever.

SipHash and HighwayHash are 'fingerprint functions' whose input -> hash mapping will not change. This is important for applications that write hashes to persistent storage.

Speed measurements

To measure the CPU cost of a hash function, we can either create an artificial 'microbenchmark' (easier to control, but probably not representative of the actual runtime), or insert instrumentation directly into an application (risks influencing the results through observer overhead). We provide novel variants of both approaches that mitigate their respective disadvantages.

profiler.h uses software write-combining to stream program traces to memory with minimal overhead. These can be analyzed offline, or when memory is full, to learn how much time was spent in each (possibly nested) zone.

nanobenchmark.h enables cycle-accurate measurements of very short functions. It uses CPU fences and robust statistics to minimize variability, and also avoids unrealistic branch prediction effects.

We compile the 64-bit C++ implementations with a patched GCC 4.9 and run on a single idle core of a Xeon E5-2690 v3 clocked at 2.6 GHz. CPU cost is measured as cycles per byte for various input sizes:

Algorithm 8 31 32 63 64 1024
HighwayHashAVX2 7.34 1.81 1.71 1.04 0.95 0.24
HighwayHashSSE41 8.00 2.11 1.75 1.13 0.96 0.30
SipTreeHash 16.51 4.57 4.09 2.22 2.29 0.57
SipTreeHash13 12.33 3.47 3.06 1.68 1.63 0.33
SipHash 8.13 2.58 2.73 1.87 1.93 1.26
SipHash13 6.96 2.09 2.12 1.32 1.33 0.68

SipTreeHash is slower than SipHash for small inputs because it processes blocks of 32 bytes. AVX2 and SSE4.1 HighwayHash are faster than SipHash for all input sizes due to their highly optimized handling of partial vectors.

Note that previous measurements included the initialization of their input, which dramatically increased timings especially for small inputs.

CPU requirements

SipTreeHash(13) requires an AVX2-capable CPU (e.g. Haswell). HighwayHash includes a dispatcher that chooses the implementation (AVX2, SSE4.1, VSX or portable) at runtime, as well as a directly callable function template that can only run on the CPU for which it was built. SipHash(13) and ScalarSipTreeHash(13) have no particular CPU requirements.

AVX2 vs SSE4

When both AVX2 and SSE4 are available, the decision whether to use AVX2 is non-obvious. AVX2 vectors are twice as wide, but require a higher power license (integer multiplications count as 'heavy' instructions) and can thus reduce the clock frequency of the core or entire socket(!) on Haswell systems. This partially explains the observed 1.25x (not 2x) speedup over SSE4. Moreover, it is inadvisable to only sporadically use AVX2 instructions because there is also a ~56K cycle warmup period during which AVX2 operations are slower, and Haswell can even stall during this period. Thus, we recommend avoiding AVX2 for infrequent hashing if the rest of the application is also not using AVX2. For any input larger than 1 MiB, it is probably worthwhile to enable AVX2.

SIMD implementations

Our x86 implementations use custom vector classes with overloaded operators (e.g. const V4x64U a = b + c) for type-safety and improved readability vs. compiler intrinsics (e.g. const __m256i a = _mm256_add_epi64(b, c)). The VSX implementation uses built-in vector types alongside Altivec intrinsics. A high-performance third-party ARM implementation is mentioned below.

Dispatch

Our instruction_sets dispatcher avoids running newer instructions on older CPUs that do not support them. However, intrinsics, and therefore also any vector classes that use them, require (on GCC < 4.9 or Clang < 3.9) a compiler flag that also allows the compiler to generate code for that CPU. This means the intrinsics must be placed in separate translation units that are compiled with the required flags. It is important that these source files and their headers not define any inline functions, because that might break the one definition rule and cause crashes.

To minimize dispatch overhead when hashes are computed often (e.g. in a loop), we can inline the hash function into its caller using templates. The dispatch overhead will only be paid once (e.g. before the loop). The template mechanism also avoids duplicating code in each CPU-specific implementation.

Defending against hash flooding

To mitigate hash flooding attacks, we need to take both the hash function and the data structure into account.

We wish to defend (web) services that utilize hash sets/maps against denial-of-service attacks. Such data structures assign attacker-controlled input messages m to a hash table bin b by computing the hash H(s, m) using a hash function H seeded by s, and mapping it to a bin with some narrowing function b = R(h), discussed below.

Attackers may attempt to trigger 'flooding' (excessive work in insertions or lookups) by finding multiple m that map to the same bin. If the attacker has local access, they can do far worse, so we assume the attacker can only issue remote requests. If the attacker is able to send large numbers of requests, they can already deny service, so we need only ensure the attacker's cost is sufficiently large compared to the service's provisioning.

If the hash function is 'weak', attackers can easily generate 'hash collisions' (inputs mapping to the same hash values) that are independent of the seed. In other words, certain input messages will cause collisions regardless of the seed value. The author of SipHash has published C++ programs to generate such 'universal (key-independent) multicollisions' for CityHash and Murmur. Similar 'differential' attacks are likely possible for any hash function consisting only of reversible operations (e.g. addition/multiplication/rotation) with a constant operand. n requests with such inputs cause n^2 work for an unprotected hash table, which is unacceptable.

By contrast, 'strong' hashes such as SipHash or HighwayHash require infeasible attacker effort to find a hash collision (an expected 2^32 guesses of m per the birthday paradox) or recover the seed (2^63 requests). These security claims assume the seed is secret. It is reasonable to suppose s is initially unknown to attackers, e.g. generated on startup or even per-connection. A timing attack by Wool/Bar-Yosef recovers 13-bit seeds by testing all 8K possibilities using millions of requests, which takes several days (even assuming unrealistic 150 us round-trip times). It appears infeasible to recover 64-bit seeds in this way.

However, attackers are only looking for multiple m mapping to the same bin rather than identical hash values. We assume they know or are able to discover the hash table size p. It is common to choose p = 2^i to enable an efficient R(h) := h & (p - 1), which simply retains the lower hash bits. It may be easier for attackers to compute partial collisions where only the lower i bits match. This can be prevented by choosing a prime p so that R(h) := h % p incorporates all hash bits. The costly modulo operation can be avoided by multiplying with the inverse (https://goo.gl/l7ASm8). An interesting alternative suggested by Kyoung Jae Seo chooses a random subset of the h bits. Such an R function can be computed in just 3 cycles using PEXT from the BMI2 instruction set. This is expected to defend against SAT-solver attacks on the hash bits at a slightly lower cost than the multiplicative inverse method, and still allows power-of-two table sizes.

Summary thus far: given a strong hash function and secret seed, it appears infeasible for attackers to generate hash collisions because s and/or R are unknown. However, they can still observe the timings of data structure operations for various m. With typical table sizes of 2^10 to 2^17 entries, attackers can detect some 'bin collisions' (inputs mapping to the same bin). Although this will be costly for the attacker, they can then send many instances of such inputs, so we need to limit the resulting work for our data structure.

Hash tables with separate chaining typically store bin entries in a linked list, so worst-case inputs lead to unacceptable linear-time lookup cost. We instead seek optimal asymptotic worst-case complexity for each operation (insertion, deletion and lookups), which is a constant factor times the logarithm of the data structure size. This naturally leads to a tree-like data structure for each bin. The Java8 HashMap only replaces its linked list with trees when needed. This leads to additional cost and complexity for deciding whether a bin is a list or tree.

Our first proposal (suggested by Github user funny-falcon) avoids this overhead by always storing one tree per bin. It may also be worthwhile to store the first entry directly in the bin, which avoids allocating any tree nodes in the common case where bins are sparsely populated. What kind of tree should be used?

Given SipHash and HighwayHash provide high quality randomness, depending on expecting attack surface simple non-balancing binary search tree could perform reasonably well. Wikipedia says

After a long intermixed sequence of random insertion and deletion, the expected height of the tree approaches square root of the number of keys, √n, which grows much faster than log n.

While O(√n) is much larger than O(log n), it is still much smaller than O(n). And it will certainly complicate the timing attack, since the time of operation on collisioned bin will grow slower.

If stronger safety guarantees are needed, then a balanced tree should be used. Scapegoat and splay trees only offer amortized complexity guarantees, whereas treaps require an entropy source and have higher constant factors in practice. Self-balancing structures such as 2-3 or red-black trees require additional bookkeeping information. We can hope to reduce rebalancing cost by realizing that the output bits of strong H functions are uniformly distributed. When using them as keys instead of the original message m, recent relaxed balancing schemes such as left-leaning red-black or weak AVL trees may require fewer tree rotations to maintain their invariants. Note that H already determines the bin, so we should only use the remaining bits. 64-bit hashes are likely sufficient for this purpose, and HighwayHash generates up to 256 bits. It seems unlikely that attackers can craft inputs resulting in worst cases for both the bin index and tree key without being able to generate hash collisions, which would contradict the security claims of strong hashes. Even if they succeed, the relaxed tree balancing still guarantees an upper bound on height and therefore the worst-case operation cost. For the AVL variant, the constant factors are slightly lower than for red-black trees.

The second proposed approach uses augmented/de-amortized cuckoo hash tables (https://goo.gl/PFwwkx). These guarantee worst-case log n bounds for all operations, but only if the hash function is 'indistinguishable from random' (uniformly distributed regardless of the input distribution), which is claimed for SipHash and HighwayHash but certainly not for weak hashes.

Both alternatives retain good average case performance and defend against flooding by limiting the amount of extra work an attacker can cause. The first approach guarantees an upper bound of log n additional work even if the hash function is compromised.

In summary, a strong hash function is not, by itself, sufficient to protect a chained hash table from flooding attacks. However, strong hash functions are important parts of two schemes for preventing denial of service. Using weak hash functions can slightly accelerate the best-case and average-case performance of a service, but at the risk of greatly reduced attack costs and worst-case performance.

Third-party implementations / bindings

Thanks to Damian Gryski and Frank Wessels for making us aware of these third-party implementations or bindings. Please feel free to get in touch or raise an issue and we'll add yours as well.

By Language URL
Damian Gryski Go and x64 assembly https://github.com/dgryski/go-highway/
Simon Abdullah NPM package https://www.npmjs.com/package/highwayhash-nodejs
Lovell Fuller node.js bindings https://github.com/lovell/highwayhash
Andreas Sonnleitner WebAssembly and NPM package https://www.npmjs.com/package/highwayhash-wasm
Nick Babcock Rust port https://github.com/nickbabcock/highway-rs
Caleb Zulawski Rust portable SIMD https://github.com/calebzulawski/autobahn-hash
Vinzent Steinberg Rust bindings https://github.com/vks/highwayhash-rs
Frank Wessels & Andreas Auernhammer Go and ARM assembly https://github.com/minio/highwayhash
Phil Demetriou Python 3 bindings https://github.com/kpdemetriou/highwayhash-cffi
Jonathan Beard C++20 constexpr https://gist.github.com/jonathan-beard/632017faa1d9d1936eb5948ac9186657
James Cook Ruby bindings https://github.com/jamescook/highwayhash
John Platts C++17 Google Highway port https://github.com/johnplatts/simdhwyhash

Modules

Hashes

  • c_bindings.h declares C-callable versions of SipHash/HighwayHash.
  • sip_hash.cc is the compatible implementation of SipHash, and also provides the final reduction for sip_tree_hash.
  • sip_tree_hash.cc is the faster but incompatible SIMD j-lanes tree hash.
  • scalar_sip_tree_hash.cc is a non-SIMD version.
  • state_helpers.h simplifies the implementation of the SipHash variants.
  • highwayhash.h is our new, fast hash function.
  • hh_{avx2,sse41,vsx,portable}.h are its various implementations.
  • highwayhash_target.h chooses the best available implementation at runtime.

Infrastructure

  • arch_specific.h offers byte swapping and CPUID detection.
  • compiler_specific.h defines some compiler-dependent language extensions.
  • data_parallel.h provides a C++11 ThreadPool and PerThread (similar to OpenMP).
  • instruction_sets.h and targets.h enable efficient CPU-specific dispatching.
  • nanobenchmark.h measures elapsed times with < 1 cycle variability.
  • os_specific.h sets thread affinity and priority for benchmarking.
  • profiler.h is a low-overhead, deterministic hierarchical profiler.
  • tsc_timer.h obtains high-resolution timestamps without CPU reordering.
  • vector256.h and vector128.h contain wrapper classes for AVX2 and SSE4.1.

By Jan Wassenberg [email protected] and Jyrki Alakuijala [email protected], updated 2023-03-29

This is not an official Google product.

More Repositories

1

material-design-icons

Material Design icons by Google (Material Symbols)
50,560
star
2

guava

Google core libraries for Java
Java
48,313
star
3

zx

A tool for writing better scripts
JavaScript
42,760
star
4

styleguide

Style guides for Google-originated open-source projects
HTML
37,420
star
5

leveldb

LevelDB is a fast key-value storage library written at Google that provides an ordered mapping from string keys to string values.
C++
36,205
star
6

googletest

GoogleTest - Google Testing and Mocking Framework
C++
34,040
star
7

material-design-lite

Material Design Components in HTML/CSS/JS
HTML
32,281
star
8

comprehensive-rust

This is the Rust course used by the Android team at Google. It provides you the material to quickly teach Rust.
Rust
27,842
star
9

python-fire

Python Fire is a library for automatically generating command line interfaces (CLIs) from absolutely any Python object.
Python
26,842
star
10

mediapipe

Cross-platform, customizable ML solutions for live and streaming media.
C++
25,626
star
11

gson

A Java serialization/deserialization library to convert Java Objects into JSON and back
Java
23,317
star
12

flatbuffers

FlatBuffers: Memory Efficient Serialization Library
C++
23,037
star
13

iosched

The Google I/O Android App
Kotlin
21,772
star
14

ExoPlayer

This project is deprecated and stale. The latest ExoPlayer code is available in https://github.com/androidx/media
Java
21,710
star
15

eng-practices

Google's Engineering Practices documentation
19,942
star
16

web-starter-kit

Web Starter Kit - a workflow for multi-device websites
HTML
18,422
star
17

flexbox-layout

Flexbox for Android
Kotlin
18,230
star
18

fonts

Font files available from Google Fonts, and a public issue tracker for all things Google Fonts
HTML
18,222
star
19

filament

Filament is a real-time physically based rendering engine for Android, iOS, Windows, Linux, macOS, and WebGL2
C++
17,554
star
20

cadvisor

Analyzes resource usage and performance characteristics of running containers.
Go
17,078
star
21

gvisor

Application Kernel for Containers
Go
15,733
star
22

libphonenumber

Google's common Java, C++ and JavaScript library for parsing, formatting, and validating international phone numbers.
C++
15,728
star
23

WebFundamentals

Former git repo for WebFundamentals on developers.google.com
JavaScript
13,851
star
24

yapf

A formatter for Python files
Python
13,755
star
25

brotli

Brotli compression format
TypeScript
13,363
star
26

tink

Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
Java
13,318
star
27

deepdream

13,212
star
28

wire

Compile-time Dependency Injection for Go
Go
12,919
star
29

guetzli

Perceptual JPEG encoder
C++
12,917
star
30

guice

Guice (pronounced 'juice') is a lightweight dependency injection framework for Java 11 and above, brought to you by Google.
Java
12,458
star
31

blockly

The web-based visual programming editor.
TypeScript
12,392
star
32

sanitizers

AddressSanitizer, ThreadSanitizer, MemorySanitizer
C
11,410
star
33

or-tools

Google's Operations Research tools:
C++
11,144
star
34

dopamine

Dopamine is a research framework for fast prototyping of reinforcement learning algorithms.
Jupyter Notebook
10,529
star
35

grumpy

Grumpy is a Python to Go source code transcompiler and runtime.
Go
10,464
star
36

oss-fuzz

OSS-Fuzz - continuous fuzzing for open source software.
Shell
10,389
star
37

auto

A collection of source code generators for Java.
Java
10,234
star
38

go-github

Go library for accessing the GitHub v3 API
Go
10,206
star
39

go-cloud

The Go Cloud Development Kit (Go CDK): A library and tools for open cloud development in Go.
Go
9,546
star
40

sentencepiece

Unsupervised text tokenizer for Neural Network-based text generation.
C++
8,657
star
41

tsunami-security-scanner

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
Java
8,232
star
42

re2

RE2 is a fast, safe, thread-friendly alternative to backtracking regular expression engines like those used in PCRE, Perl, and Python. It is a C++ library.
C++
8,190
star
43

traceur-compiler

Traceur is a JavaScript.next-to-JavaScript-of-today compiler
JavaScript
8,173
star
44

trax

Trax β€” Deep Learning with Clear Code and Speed
Python
8,051
star
45

pprof

pprof is a tool for visualization and analysis of profiling data
Go
7,875
star
46

skia

Skia is a complete 2D graphic library for drawing Text, Geometries, and Images.
C++
7,874
star
47

benchmark

A microbenchmark support library
C++
7,812
star
48

magika

Detect file content types with deep learning
Rust
7,680
star
49

android-classyshark

Android and Java bytecode viewer
Java
7,492
star
50

accompanist

A collection of extension libraries for Jetpack Compose
Kotlin
7,442
star
51

closure-compiler

A JavaScript checker and optimizer.
Java
7,394
star
52

agera

Reactive Programming for Android
Java
7,227
star
53

latexify_py

A library to generate LaTeX expression from Python code.
Python
7,160
star
54

diff-match-patch

Diff Match Patch is a high-performance library in multiple languages that manipulates plain text.
Python
7,132
star
55

flutter-desktop-embedding

Experimental plugins for Flutter for Desktop
C++
7,102
star
56

glog

C++ implementation of the Google logging module
C++
7,017
star
57

jsonnet

Jsonnet - The data templating language
Jsonnet
6,938
star
58

model-viewer

Easily display interactive 3D models on the web and in AR!
TypeScript
6,858
star
59

lovefield

Lovefield is a relational database for web apps. Written in JavaScript, works cross-browser. Provides SQL-like APIs that are fast, safe, and easy to use.
JavaScript
6,847
star
60

error-prone

Catch common Java mistakes as compile-time errors
Java
6,818
star
61

draco

Draco is a library for compressing and decompressing 3D geometric meshes and point clouds. It is intended to improve the storage and transmission of 3D graphics.
C++
6,459
star
62

gops

A tool to list and diagnose Go processes currently running on your system
Go
6,375
star
63

gopacket

Provides packet processing capabilities for Go
Go
6,289
star
64

automl

Google Brain AutoML
Jupyter Notebook
6,230
star
65

osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev
Go
6,222
star
66

flax

Flax is a neural network library for JAX that is designed for flexibility.
Jupyter Notebook
6,085
star
67

grafika

Grafika test app
Java
6,071
star
68

snappy

A fast compressor/decompressor
C++
6,068
star
69

physical-web

The Physical Web: walk up and use anything
Java
6,017
star
70

j2objc

A Java to iOS Objective-C translation tool and runtime.
Java
5,990
star
71

gemma.cpp

lightweight, standalone C++ inference engine for Google's Gemma models.
C++
5,961
star
72

ios-webkit-debug-proxy

A DevTools proxy (Chrome Remote Debugging Protocol) for iOS devices (Safari Remote Web Inspector).
C
5,918
star
73

seesaw

Seesaw v2 is a Linux Virtual Server (LVS) based load balancing platform.
Go
5,634
star
74

EarlGrey

🍡 iOS UI Automation Test Framework
Objective-C
5,616
star
75

seq2seq

A general-purpose encoder-decoder framework for Tensorflow
Python
5,577
star
76

google-java-format

Reformats Java source code to comply with Google Java Style.
Java
5,538
star
77

mesop

Rapidly build AI apps in Python
Python
5,401
star
78

wireit

Wireit upgrades your npm/pnpm/yarn scripts to make them smarter and more efficient.
TypeScript
5,385
star
79

syzkaller

syzkaller is an unsupervised coverage-guided kernel fuzzer
Go
5,350
star
80

uuid

Go package for UUIDs based on RFC 4122 and DCE 1.1: Authentication and Security Services.
Go
5,284
star
81

clusterfuzz

Scalable fuzzing infrastructure.
Python
5,283
star
82

battery-historian

Battery Historian is a tool to analyze battery consumers using Android "bugreport" files.
Go
5,249
star
83

gemma_pytorch

The official PyTorch implementation of Google's Gemma models
Python
5,242
star
84

bbr

5,156
star
85

gumbo-parser

An HTML5 parsing library in pure C99
HTML
5,141
star
86

git-appraise

Distributed code review system for Git repos
Go
5,122
star
87

google-authenticator

Open source version of Google Authenticator (except the Android app)
Java
5,077
star
88

gts

β˜‚οΈ TypeScript style guide, formatter, and linter.
TypeScript
5,071
star
89

closure-library

Google's common JavaScript library
JavaScript
4,881
star
90

grr

GRR Rapid Response: remote live forensics for incident response
Python
4,757
star
91

cameraview

[DEPRECATED] Easily integrate Camera features into your Android app
Java
4,734
star
92

pytype

A static type analyzer for Python code
Python
4,731
star
93

liquidfun

2D physics engine for games
C++
4,559
star
94

clasp

πŸ”— Command Line Apps Script Projects
TypeScript
4,525
star
95

google-ctf

Google CTF
Python
4,477
star
96

gxui

An experimental Go cross platform UI library.
Go
4,450
star
97

santa

A binary authorization and monitoring system for macOS
Objective-C++
4,402
star
98

bloaty

Bloaty: a size profiler for binaries
C++
4,386
star
99

tcmalloc

C++
4,339
star
100

ko

Build and deploy Go applications on Kubernetes
Go
4,329
star