Skip to content
@trailofbits

Trail of Bits

More code: binary lifters @lifting-bits, blockchain @crytic, forks @trail-of-forks
README.md
The Trail of Bits logo

Since 2012, Trail of Bits has helped secure some of the world's most targeted organizations and devices.

We combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Some of our work:


Pinned Loading

  1. publications publications Public

    Publications from Trail of Bits

    Python 1.8k 222

  2. skills skills Public

    Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

    Python 3.5k 282

  3. fickling fickling Public

    A Python pickling decompiler and static analyzer

    Python 609 68

  4. vscode-weaudit vscode-weaudit Public

    Create code bookmarks and code highlights with a click.

    TypeScript 230 29

  5. semgrep-rules semgrep-rules Public

    Semgrep queries developed by Trail of Bits.

    Go 485 49

  6. codeql-queries codeql-queries Public

    CodeQL queries developed by Trail of Bits

    CodeQL 151 7

Repositories

Showing 10 of 263 repositories
  • test-fuzz Public

    To make fuzzing Rust easy

    trailofbits/test-fuzz’s past year of commit activity
    Rust 199 AGPL-3.0 25 10 (1 issue needs help) 3 Updated Mar 14, 2026
  • cargo-unmaintained Public

    Find unmaintained packages in Rust projects

    trailofbits/cargo-unmaintained’s past year of commit activity
    Rust 87 AGPL-3.0 13 11 4 Updated Mar 14, 2026
  • build-wrap Public

    Help protect against malicious build scripts

    trailofbits/build-wrap’s past year of commit activity
    Rust 27 AGPL-3.0 4 1 0 Updated Mar 14, 2026
  • mquire Public

    Zero-dependency Linux memory forensics PoC — leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external debug info.

    trailofbits/mquire’s past year of commit activity
    Rust 105 Apache-2.0 5 2 0 Updated Mar 14, 2026
  • gosentry Public Forked from golang/go

    Security-oriented Go toolchain, focused on state-of-the-art fuzzing capabilities.

    trailofbits/gosentry’s past year of commit activity
    Go 18 BSD-3-Clause 20,020 1 0 Updated Mar 14, 2026
  • dylint Public

    Run Rust lints from dynamic libraries

    trailofbits/dylint’s past year of commit activity
    Rust 545 Apache-2.0 50 46 (1 issue needs help) 10 Updated Mar 14, 2026
  • buttercup Public

    Buttercup finds and patches software vulnerabilities

    trailofbits/buttercup’s past year of commit activity
    Python 1,531 AGPL-3.0 168 52 14 Updated Mar 14, 2026
  • algo Public

    Set up a personal VPN in the cloud

    trailofbits/algo’s past year of commit activity
    Python 30,333 AGPL-3.0 2,362 65 4 Updated Mar 14, 2026
  • slither-mcp Public

    MCP server for Slither static analysis of Solidity smart contracts

    trailofbits/slither-mcp’s past year of commit activity
    Python 79 AGPL-3.0 8 0 3 Updated Mar 13, 2026
  • sleepy-pickle-public Public

    AI model compromise through malicious pickle files

    trailofbits/sleepy-pickle-public’s past year of commit activity
    Python 1 MIT 1 0 3 Updated Mar 13, 2026
View all repositories