There are no reviews yet. Be the first to send feedback to the community and the maintainers!
algo
Set up a personal VPN in the cloudmanticore
Symbolic execution toolgraphtage
A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.ctf
CTF Field Guidepublications
Publications from Trail of Bitsdeepstate
A unit test-like interface for fuzzing and symbolic executionpe-parse
Principled, lightweight C/C++ PE parsereth-security-toolbox
A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.maat
Open-source symbolic execution framework: https://maat.retwa
A tiny web auditor with strong opinions.winchecksec
Checksec, but for Windows: static detection of security mitigations in executablespolytracker
An LLVM-based instrumentation tool for universal taint tracking, dataflow analysis, and tracing.cb-multios
DARPA Challenges Sets for Linux, Windows, and macOSmultiplier
Code auditing productivity multiplier.onesixtyone
Fast SNMP Scannerfickling
A Python pickling decompiler and static analyzervast
VAST is an experimental compiler pipeline designed for program analysis of C and C++. It provides a tower of IRs as MLIR dialects to choose the best fit representations for a program analysis or further program abstraction.tubertc
Peer-to-Peer Video Chat for Corporate LANskrf
A kernelspace syscall interceptor and randomized faulterpolyfile
A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewerit-depends
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.sinter
A user-mode application authorization system for MacOS written in SwiftSecureEnclaveCrypto
Demonstration library for using the Secure Enclave on iOSprotofuzz
Google Protocol Buffers message generatorosquery-extensions
osquery extensions by Trail of Bitsdylint
A tool for running Rust lints from dynamic librariesRpcInvestigator
Exploring RPC interfaces on Windowsconstexpr-everything
Rewrite C++ code to automatically apply `constexpr` where possiblebinjascripts
Scripts for Binary Ninjaaudit-kubernetes
k8s audit repomishegos
A differential fuzzer for x86 decoderssemgrep-rules
Semgrep queries developed by Trail of Bits.circomspect
A static analyzer and linter for the Circom zero-knowledge DSLPrivacyRaven
Privacy Testing for Deep Learningllvm-sanitizer-tutorial
An LLVM sanitizer tutorialsiderophile
Find the ideal fuzz targets in a Rust codebaseflying-sandbox-monster
Sandboxed, Rust-based, Windows Defender Clientnot-going-anywhere
A set of vulnerable Golang programsAppJailLauncher
CTF Challenge Framework for Windows 8 and aboveBTIGhidra
Binary Type Inference Ghidra Pluginuthenticode
A cross-platform library for verifying Authenticode signatureszkdocs
Interactive documentation on zero-knowledge proof systems and related primitives.sienna-locomotive
A user-friendly fuzzing and crash triage tool for WindowsHoneybee
An experimental high performance, fuzzing oriented Intel Processor Trace capture and analysis suiteObjCGraphView
A graph view plugin for Binary Ninja to visualize Objective-Cpasta
Peter's Amazing Syntax Tree Analyzersqlite_wrapper
An easy-to-use, extensible and lightweight C++17 wrapper for SQLiteebpfpub
ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.ctf-challenges
CTF Challengesbinrec-tob
BinRec: Dynamic Binary Lifting and Recompilationappjaillauncher-rs
AppJailLauncher in Rustvscode-weaudit
Create code bookmarks and code highlights with a click.test-fuzz
To make fuzzing Rust easyon-edge
A library for detecting certain improper uses of the "Defer, Panic, and Recover" pattern in Go programsios-integrity-validator
Integrity validator for iOS devicesabi3audit
Scans Python packages for abi3 violations and inconsistenciesebpfault
A BPF-based syscall fault injectorclang-cfi-showcase
Sample programs that illustrate how to use control flow integrity with the clang compilerawesome-ml-security
blight
A framework for instrumenting build toolsruzzy
A coverage-guided fuzzer for pure Ruby code and Ruby C extensionsManticoreUI
The Manticore User Interface with plugins for Binary Ninja and Ghidrabisc
Borrowed Instructions Synthetic Computationmanticore-examples
Example Manticore scriptsalgo-ng
Experimental version of Algo built on Terraformdiffer
Detecting Inconsistencies in Feature or Function Evaluations of Requirementsdeceptiveidn
Use computer vision to determine if an IDN can be interpreted as something it's notLeftoverLocalsRelease
The public release of LeftoverLocals codenecessist
A tool for finding bugs in testsreverie
An efficient and generalized implementation of the IKOS-style KKW proof system (https://eprint.iacr.org/2018/475) for arbitrary rings.Codex-Decompiler
testing-handbook
Trail of Bits Testing Handbookmagnifier
sixtyfour
How fast can we brute force a 64-bit comparison?DomTreSat
Dominator Tree LLVM Pass to Test SatisfiabilityHVCI-loldrivers-check
nyc-infosec
Mapping the NYC Infosec Communitycfg-showcase
Sample programs that illustrate how to use Control Flow Guard, VS2015's control flow integrity implementationrubysec
RubySec Field Guidemacroni
C and C++ compiler frontend using PASTA to parse code, and VAST to represent the code as MLIR.indurative
Easily create authenticated data structureshttp-security
Parse HTTP Security Headerstrailofphish
Phishing e-mail repositoryKRFAnalysis
Collection of LLVM passes and triage tools for use with the KRF fuzzerebpf-verifier
Harness for the Linux kernel eBPF verifierml-file-formats
List of ML file formatsumberto
poststructural fuzzingspf-query
Ruby SPF Parserebpf-common
Various utilities useful for developers writing BPF toolsclang-tidy-audit
Rewrite C/C++/Obj-C to Annotate Points of Interesteatmynetwork
A small script for running programs with (minimal) network sandboxingbtfparse
A C++ library that parses debug information encoded in BTF formatanselm
Detect patterns of bad behavior in function callsdmarc
Ruby DMARC Parserlinuxevents
A sample PoC for container-aware exec events for osquerympc-learning
Perform multi-party computation on machine learning applicationsWinDbg-JS
go-mutexasserts
A small library that allows to check if Go mutexes are lockedscreen
Measure branching along code pathsitergator
CodeQL library and queries for iterator invalidationLove Open Source and this site? Check out how you can help us