There are no reviews yet. Be the first to send feedback to the community and the maintainers!
algo
Set up a personal VPN in the cloudmanticore
Symbolic execution toolgraphtage
A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.ctf
CTF Field Guidepublications
Publications from Trail of Bitsdeepstate
A unit test-like interface for fuzzing and symbolic executionpe-parse
Principled, lightweight C/C++ PE parsereth-security-toolbox
A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.maat
Open-source symbolic execution framework: https://maat.retwa
A tiny web auditor with strong opinions.winchecksec
Checksec, but for Windows: static detection of security mitigations in executablescb-multios
DARPA Challenges Sets for Linux, Windows, and macOSpolytracker
An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.onesixtyone
Fast SNMP Scannertubertc
Peer-to-Peer Video Chat for Corporate LANskrf
A kernelspace syscall interceptor and randomized faultervast
VAST is an experimental compiler pipeline designed for program analysis of C and C++. It provides a tower of IRs as MLIR dialects to choose the best fit representations for a program analysis or further program abstraction.fickling
A Python pickling decompiler and static analyzerpolyfile
A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewerit-depends
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.sinter
A user-mode application authorization system for MacOS written in SwiftSecureEnclaveCrypto
Demonstration library for using the Secure Enclave on iOSprotofuzz
Google Protocol Buffers message generatordylint
A tool for running Rust lints from dynamic librariesosquery-extensions
osquery extensions by Trail of Bitsconstexpr-everything
Rewrite C++ code to automatically apply `constexpr` where possiblebinjascripts
Scripts for Binary NinjaRpcInvestigator
Exploring RPC interfaces on Windowsaudit-kubernetes
k8s audit repomishegos
A differential fuzzer for x86 decoderssemgrep-rules
Semgrep queries developed by Trail of Bits.circomspect
A static analyzer and linter for the Circom zero-knowledge DSLPrivacyRaven
Privacy Testing for Deep Learningllvm-sanitizer-tutorial
An LLVM sanitizer tutorialsiderophile
Find the ideal fuzz targets in a Rust codebaseflying-sandbox-monster
Sandboxed, Rust-based, Windows Defender Clientnot-going-anywhere
A set of vulnerable Golang programsAppJailLauncher
CTF Challenge Framework for Windows 8 and abovezkdocs
Interactive documentation on zero-knowledge proof systems and related primitives.sienna-locomotive
A user-friendly fuzzing and crash triage tool for Windowsuthenticode
A cross-platform library for verifying Authenticode signaturesObjCGraphView
A graph view plugin for Binary Ninja to visualize Objective-CHoneybee
An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suitesqlite_wrapper
An easy-to-use, extensible and lightweight C++17 wrapper for SQLitectf-challenges
CTF Challengesebpfpub
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.pasta
Peter's Amazing Syntax Tree Analyzerappjaillauncher-rs
AppJailLauncher in Rustvscode-weaudit
Create code bookmarks and code highlights with a click.test-fuzz
To make fuzzing Rust easyon-edge
A library for detecting certain improper uses of the "Defer, Panic, and Recover" pattern in Go programsios-integrity-validator
Integrity validator for iOS devicesBTIGhidra
Binary Type Inference Ghidra Pluginabi3audit
Scans Python packages for abi3 violations and inconsistenciesebpfault
A BPF-based syscall fault injectorbinrec-tob
BinRec: Dynamic Binary Lifting and Recompilationblight
A framework for instrumenting build toolsManticoreUI
The Manticore User Interface with plugins for Binary Ninja and Ghidrabisc
Borrowed Instructions Synthetic Computationmanticore-examples
Example Manticore scriptsalgo-ng
Experimental version of Algo built on Terraformdiffer
Detecting Inconsistencies in Feature or Function Evaluations of Requirementsdeceptiveidn
Use computer vision to determine if an IDN can be interpreted as something it's notruzzy
A coverage-guided fuzzer for pure Ruby code and Ruby C extensionsnecessist
A tool for finding bugs in testsreverie
An efficient and generalized implementation of the IKOS-style KKW proof system (https://eprint.iacr.org/2018/475) for arbitrary rings.magnifier
awesome-ml-security
sixtyfour
How fast can we brute force a 64-bit comparison?LeftoverLocalsRelease
The public release of LeftoverLocals codeCodex-Decompiler
DomTreSat
Dominator Tree LLVM Pass to Test Satisfiabilitynyc-infosec
Mapping the NYC Infosec Communitycfg-showcase
Sample programs that illustrate how to use Control Flow Guard, VS2015's control flow integrity implementationtsc_freq_khz
Linux kernel driver to export the TSC frequency via sysfsHVCI-loldrivers-check
rubysec
RubySec Field Guideindurative
Easily create authenticated data structureshttp-security
Parse HTTP Security Headerstrailofphish
Phishing e-mail repositoryKRFAnalysis
Collection of LLVM passes and triage tools for use with the KRF fuzzerspf-query
Ruby SPF Parserebpf-verifier
Harness for the Linux kernel eBPF verifierumberto
poststructural fuzzingebpf-common
Various utilities useful for developers writing BPF toolsclang-tidy-audit
Rewrite C/C++/Obj-C to Annotate Points of Interestmacroni
C and C++ compiler frontend using PASTA to parse code, and VAST to represent the code as MLIR.eatmynetwork
A small script for running programs with (minimal) network sandboxinganselm
Detect patterns of bad behavior in function callsdmarc
Ruby DMARC Parsertesting-handbook
Trail of Bits Testing Handbookbtfparse
A C++ library that parses debug information encoded in BTF formatlinuxevents
A sample PoC for container-aware exec events for osqueryml-file-formats
List of ML file formatsmpc-learning
Perform multi-party computation on machine learning applicationsgo-mutexasserts
A small library that allows to check if Go mutexes are lockedscreen
Measure branching along code pathstacklebox
Phishing Toolkititergator
CodeQL library and queries for iterator invalidationWinDbg-JS
Love Open Source and this site? Check out how you can help us