Trail of Bits

All

259 repositories

dylint
Public
Run Rust lints from dynamic libraries
rust linting
Rust
•
Apache License 2.0
•49•533•46•7•Updated Feb 15, 2026Feb 15, 2026
build-wrap
Public
Help protect against malicious build scripts
rust sandboxing build-scripts
Rust
•
GNU Affero General Public License v3.0
•4•24•2•0•Updated Feb 14, 2026Feb 14, 2026
dropkit
Public
A CLI tool for managing DigitalOcean droplets with automated setup, SSH configuration, and lifecycle management.
Python
•
Apache License 2.0
•7•60•0•2•Updated Feb 14, 2026Feb 14, 2026
skills-curated
Public
Curated, community-vetted Claude Code plugin marketplace
Python
•
Creative Commons Attribution Share Alike 4.0 International
•2•107•0•0•Updated Feb 14, 2026Feb 14, 2026
cargo-unmaintained
Public
Find unmaintained packages in Rust projects
rust unmaintained package-management
Rust
•
GNU Affero General Public License v3.0
•13•85•11•2•Updated Feb 14, 2026Feb 14, 2026
claude-code-config
Public
Opinionated defaults, documentation, and workflows for Claude Code at Trail of Bits
claude developer-tool claude-code claude-code-cli
Shell
•58•827•0•0•Updated Feb 14, 2026Feb 14, 2026
vscode-weaudit
Public
Create code bookmarks and code highlights with a click.
TypeScript
•
GNU General Public License v3.0
•28•228•14•6•Updated Feb 14, 2026Feb 14, 2026
aifirst-insecure-agent-labs
Public
Python
•2•4•0•4•Updated Feb 13, 2026Feb 13, 2026
codeql
Public
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
CodeQL
•
MIT License
•1.9k•1•0•3•Updated Feb 13, 2026Feb 13, 2026
it-depends
Public
A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.
dependency-analysis dependency-graph hacktoberfest vulnerability-scanner sbom hacktoberfest2021 sbom-generator sbom-tool
Python
•
GNU Lesser General Public License v3.0
•22•383•12•2•Updated Feb 13, 2026Feb 13, 2026
protofuzz
Public
Google Protocol Buffers message generator
protobuf protocol-buffers fuzzer
Python
•
MIT License
•36•283•9•2•Updated Feb 13, 2026Feb 13, 2026
blight
Public
A framework for instrumenting build tools
instrumentation build-tool build-system hacktoberfest compiler-wrapper
Python
•
Apache License 2.0
•7•90•20•6•Updated Feb 13, 2026Feb 13, 2026
mcp-context-protector
Public
MCP security wrapper
Python
•
Apache License 2.0
•17•208•5•5•Updated Feb 13, 2026Feb 13, 2026
pylock-attestations
Public
CLI tool to add attestation identities to `pylock.toml` files
Python
•
Apache License 2.0
•1•5•4•0•Updated Feb 13, 2026Feb 13, 2026
cookiecutter-python
Public
A cookiecutter template for a best-practices Python project
Python
•
Apache License 2.0
•7•30•0•2•Updated Feb 13, 2026Feb 13, 2026
skills
Public
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
agent-skills
Python
•
Creative Commons Attribution Share Alike 4.0 International
•213•2.7k•5•3•Updated Feb 13, 2026Feb 13, 2026
pajaMAS
Public
Multi-agent system (MAS) hijacking demos
multi-agent-systems ai-agents ai-security
Python
•
Apache License 2.0
•3•40•3•4•Updated Feb 13, 2026Feb 13, 2026
gh-action-adapt-sigstore-pypi
Public
Python
•
Apache License 2.0
•0•1•0•7•Updated Feb 13, 2026Feb 13, 2026
irene3
Public
C++
•
GNU Affero General Public License v3.0
•1•11•1•4•Updated Feb 13, 2026Feb 13, 2026
siderophile
Public
Find the ideal fuzz targets in a Rust codebase
rust fuzzing program-analysis security-testing
Rust
•
MIT License
•13•223•12•13•Updated Feb 13, 2026Feb 13, 2026
vscode-sarif-explorer
Public
SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results
static-analysis vscode-extension sarif
TypeScript
•
GNU General Public License v3.0
•9•45•6•16•Updated Feb 13, 2026Feb 13, 2026
claude-code-devcontainer
Public
Sandboxed devcontainer for running Claude Code in bypass mode safely. Built for security audits and untrusted code review.
Shell
•
Apache License 2.0
•27•350•0•0•Updated Feb 13, 2026Feb 13, 2026
codeql-queries
Public
CodeQL queries developed by Trail of Bits
CodeQL
•
GNU Affero General Public License v3.0
•7•146•5•4•Updated Feb 13, 2026Feb 13, 2026
checksec-anywhere
Public
Analyze binary security features instantly in your browser.
Rust
•
Apache License 2.0
•2•17•6•1•Updated Feb 13, 2026Feb 13, 2026
vscode-masm
Public
VS Code extension for the Miden assembly language
TypeScript
•0•4•0•0•Updated Feb 13, 2026Feb 13, 2026
masm-lsp
Public
An LSP server for the Miden assembly language
Rust
•1•2•1•0•Updated Feb 13, 2026Feb 13, 2026
vast
Public
VAST is an experimental compiler pipeline designed for program analysis of C and C++. It provides a tower of IRs as MLIR dialects to choose the best fit represe…
c cpp clang compilers program-analysis intermediate-representation compiler-frontend mlir
C++
•
Apache License 2.0
•32•434•168•3•Updated Feb 13, 2026Feb 13, 2026
vendetect
Public
A tool to automatically detect copy+pasted and vendored code between repositories
program-analysis plagiarism-detection sbom sbom-tool
Python
•
GNU Affero General Public License v3.0
•6•74•2•3•Updated Feb 13, 2026Feb 13, 2026
go-slh-dsa
Public
FIPS-205 / SLH-DSA (Stateless Hash-Based Digital Signature Algorithm)
Go
•
BSD 3-Clause "New" or "Revised" License
•1•8•0•0•Updated Feb 13, 2026Feb 13, 2026
graphtage
Public
A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.
python diff utility library graph-algorithms command-line-tool hacktoberfest hacktoberfest2021
Python
•
GNU Lesser General Public License v3.0
•54•2.5k•20•8•Updated Feb 13, 2026Feb 13, 2026