Skip to content
@trailofbits

Trail of Bits

More code: binary lifters @lifting-bits, blockchain @crytic, forks @trail-of-forks
README.md
The Trail of Bits logo

Since 2012, Trail of Bits has helped secure some of the world's most targeted organizations and devices.

We combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Some of our work:


Pinned Loading

  1. publications publications Public

    Publications from Trail of Bits

    Python 1.7k 210

  2. algo algo Public

    Set up a personal VPN in the cloud

    Python 30.2k 2.4k

  3. fickling fickling Public

    A Python pickling decompiler and static analyzer

    Python 592 65

  4. vscode-weaudit vscode-weaudit Public

    Create code bookmarks and code highlights with a click.

    TypeScript 223 26

  5. semgrep-rules semgrep-rules Public

    Semgrep queries developed by Trail of Bits.

    Go 462 46

  6. codeql-queries codeql-queries Public

    CodeQL queries developed by Trail of Bits

    CodeQL 137 7

Repositories

Showing 10 of 249 repositories
  • cargo-unmaintained Public

    Find unmaintained packages in Rust projects

    trailofbits/cargo-unmaintained’s past year of commit activity
    Rust 83 AGPL-3.0 13 11 1 Updated Dec 26, 2025
  • testing-handbook Public

    Trail of Bits Testing Handbook - appsec.guide

    trailofbits/testing-handbook’s past year of commit activity
    Rust 87 CC-BY-4.0 16 15 (3 issues need help) 2 Updated Dec 26, 2025
  • necessist Public

    A mutation-based tool for finding bugs in tests

    trailofbits/necessist’s past year of commit activity
    Rust 128 AGPL-3.0 18 17 0 Updated Dec 26, 2025
  • vendetect Public

    A tool to automatically detect copy+pasted and vendored code between repositories

    trailofbits/vendetect’s past year of commit activity
    Python 74 AGPL-3.0 6 2 3 Updated Dec 26, 2025
  • vscode-weaudit Public

    Create code bookmarks and code highlights with a click.

    trailofbits/vscode-weaudit’s past year of commit activity
    TypeScript 223 GPL-3.0 26 23 (5 issues need help) 7 Updated Dec 26, 2025
  • test-fuzz Public

    To make fuzzing Rust easy

    trailofbits/test-fuzz’s past year of commit activity
    Rust 193 AGPL-3.0 24 11 2 Updated Dec 25, 2025
  • it-depends Public

    A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

    trailofbits/it-depends’s past year of commit activity
    Python 378 LGPL-3.0 22 14 4 Updated Dec 25, 2025
  • algo Public

    Set up a personal VPN in the cloud

    trailofbits/algo’s past year of commit activity
    Python 30,192 AGPL-3.0 2,356 65 2 Updated Dec 24, 2025
  • go-panikint Public Forked from golang/go

    It's the Go compiler, but it panics on arithmetic and truncation issues.

    trailofbits/go-panikint’s past year of commit activity
    Go 8 BSD-3-Clause 19,798 1 0 Updated Dec 24, 2025
  • rfc3161-client Public

    An Opinionated Python RFC3161 Client

    trailofbits/rfc3161-client’s past year of commit activity
    Rust 4 Apache-2.0 4 2 1 Updated Dec 24, 2025
View all repositories