There are no reviews yet. Be the first to send feedback to the community and the maintainers!
algo
Set up a personal VPN in the cloudmanticore
Symbolic execution toolgraphtage
A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.ctf
CTF Field Guidepublications
Publications from Trail of Bitsdeepstate
A unit test-like interface for fuzzing and symbolic executionpe-parse
Principled, lightweight C/C++ PE parsereth-security-toolbox
A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.maat
Open-source symbolic execution framework: https://maat.retwa
A tiny web auditor with strong opinions.winchecksec
Checksec, but for Windows: static detection of security mitigations in executablescb-multios
DARPA Challenges Sets for Linux, Windows, and macOSpolytracker
An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.onesixtyone
Fast SNMP Scannertubertc
Peer-to-Peer Video Chat for Corporate LANskrf
A kernelspace syscall interceptor and randomized faultervast
VAST is an experimental compiler pipeline designed for program analysis of C and C++. It provides a tower of IRs as MLIR dialects to choose the best fit representations for a program analysis or further program abstraction.fickling
A Python pickling decompiler and static analyzerpolyfile
A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewerit-depends
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.sinter
A user-mode application authorization system for MacOS written in SwiftSecureEnclaveCrypto
Demonstration library for using the Secure Enclave on iOSprotofuzz
Google Protocol Buffers message generatordylint
A tool for running Rust lints from dynamic librariesosquery-extensions
osquery extensions by Trail of Bitsconstexpr-everything
Rewrite C++ code to automatically apply `constexpr` where possiblebinjascripts
Scripts for Binary NinjaRpcInvestigator
Exploring RPC interfaces on Windowsaudit-kubernetes
k8s audit repomishegos
A differential fuzzer for x86 decoderssemgrep-rules
Semgrep queries developed by Trail of Bits.circomspect
A static analyzer and linter for the Circom zero-knowledge DSLPrivacyRaven
Privacy Testing for Deep Learningllvm-sanitizer-tutorial
An LLVM sanitizer tutorialsiderophile
Find the ideal fuzz targets in a Rust codebaseflying-sandbox-monster
Sandboxed, Rust-based, Windows Defender Clientnot-going-anywhere
A set of vulnerable Golang programsAppJailLauncher
CTF Challenge Framework for Windows 8 and abovezkdocs
Interactive documentation on zero-knowledge proof systems and related primitives.sienna-locomotive
A user-friendly fuzzing and crash triage tool for Windowsuthenticode
A cross-platform library for verifying Authenticode signaturesObjCGraphView
A graph view plugin for Binary Ninja to visualize Objective-CHoneybee
An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suitesqlite_wrapper
An easy-to-use, extensible and lightweight C++17 wrapper for SQLitectf-challenges
CTF Challengesebpfpub
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.pasta
Peter's Amazing Syntax Tree Analyzerappjaillauncher-rs
AppJailLauncher in Rustvscode-weaudit
Create code bookmarks and code highlights with a click.test-fuzz
To make fuzzing Rust easyon-edge
A library for detecting certain improper uses of the "Defer, Panic, and Recover" pattern in Go programsios-integrity-validator
Integrity validator for iOS devicesabi3audit
Scans Python packages for abi3 violations and inconsistenciesebpfault
A BPF-based syscall fault injectorbinrec-tob
BinRec: Dynamic Binary Lifting and Recompilationclang-cfi-showcase
Sample programs that illustrate how to use control flow integrity with the clang compilerBTIGhidra
Binary Type Inference Ghidra Pluginblight
A framework for instrumenting build toolsManticoreUI
The Manticore User Interface with plugins for Binary Ninja and Ghidrabisc
Borrowed Instructions Synthetic Computationmanticore-examples
Example Manticore scriptsalgo-ng
Experimental version of Algo built on Terraformdiffer
Detecting Inconsistencies in Feature or Function Evaluations of Requirementsnecessist
A tool for finding bugs in testsreverie
An efficient and generalized implementation of the IKOS-style KKW proof system (https://eprint.iacr.org/2018/475) for arbitrary rings.magnifier
ruzzy
A coverage-guided fuzzer for pure Ruby code and Ruby C extensionsawesome-ml-security
sixtyfour
How fast can we brute force a 64-bit comparison?LeftoverLocalsRelease
The public release of LeftoverLocals codeCodex-Decompiler
DomTreSat
Dominator Tree LLVM Pass to Test Satisfiabilitynyc-infosec
Mapping the NYC Infosec Communitycfg-showcase
Sample programs that illustrate how to use Control Flow Guard, VS2015's control flow integrity implementationtsc_freq_khz
Linux kernel driver to export the TSC frequency via sysfsHVCI-loldrivers-check
rubysec
RubySec Field Guideindurative
Easily create authenticated data structureshttp-security
Parse HTTP Security Headerstrailofphish
Phishing e-mail repositoryKRFAnalysis
Collection of LLVM passes and triage tools for use with the KRF fuzzerspf-query
Ruby SPF Parserebpf-verifier
Harness for the Linux kernel eBPF verifierumberto
poststructural fuzzingebpf-common
Various utilities useful for developers writing BPF toolsclang-tidy-audit
Rewrite C/C++/Obj-C to Annotate Points of Interestmacroni
C and C++ compiler frontend using PASTA to parse code, and VAST to represent the code as MLIR.eatmynetwork
A small script for running programs with (minimal) network sandboxinganselm
Detect patterns of bad behavior in function callsdmarc
Ruby DMARC Parsertesting-handbook
Trail of Bits Testing Handbookbtfparse
A C++ library that parses debug information encoded in BTF formatlinuxevents
A sample PoC for container-aware exec events for osquerympc-learning
Perform multi-party computation on machine learning applicationsgo-mutexasserts
A small library that allows to check if Go mutexes are lockedscreen
Measure branching along code pathstacklebox
Phishing Toolkititergator
CodeQL library and queries for iterator invalidationWinDbg-JS
dkim-query
Ruby DKIM ParserLove Open Source and this site? Check out how you can help us