Skip to content
@trailofbits

Trail of Bits

More code: binary lifters @lifting-bits, blockchain @crytic, forks @trail-of-forks
README.md
The Trail of Bits logo

Since 2012, Trail of Bits has helped secure some of the world's most targeted organizations and devices.

We combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Some of our work:


Pinned Loading

  1. publications publications Public

    Publications from Trail of Bits

    Python 1.8k 221

  2. skills skills Public

    Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

    Python 3.5k 276

  3. fickling fickling Public

    A Python pickling decompiler and static analyzer

    Python 609 68

  4. vscode-weaudit vscode-weaudit Public

    Create code bookmarks and code highlights with a click.

    TypeScript 230 29

  5. semgrep-rules semgrep-rules Public

    Semgrep queries developed by Trail of Bits.

    Go 485 47

  6. codeql-queries codeql-queries Public

    CodeQL queries developed by Trail of Bits

    CodeQL 151 7

Repositories

Showing 10 of 263 repositories
  • different Public

    Detect bugs that have already been fixed in one codebase and determine whether the same issues apply to the target codebase.

    trailofbits/different’s past year of commit activity
    Python 5 1 0 2 Updated Mar 12, 2026
  • vendetect Public

    A tool to automatically detect copy+pasted and vendored code between repositories

    trailofbits/vendetect’s past year of commit activity
    Python 75 AGPL-3.0 6 2 4 Updated Mar 12, 2026
  • claude-code-config Public

    Opinionated defaults, documentation, and workflows for Claude Code at Trail of Bits

    trailofbits/claude-code-config’s past year of commit activity
    Shell 1,559 119 4 3 Updated Mar 12, 2026
  • claude-code-devcontainer Public

    Sandboxed devcontainer for running Claude Code in bypass mode safely. Built for security audits and untrusted code review.

    trailofbits/claude-code-devcontainer’s past year of commit activity
    Shell 522 Apache-2.0 47 1 1 Updated Mar 12, 2026
  • test-fuzz Public

    To make fuzzing Rust easy

    trailofbits/test-fuzz’s past year of commit activity
    Rust 199 AGPL-3.0 25 10 (1 issue needs help) 3 Updated Mar 12, 2026
  • itergator Public archive

    CodeQL library and queries for iterator invalidation

    trailofbits/itergator’s past year of commit activity
    CodeQL 22 8 0 0 Updated Mar 11, 2026
  • cargo-unmaintained Public

    Find unmaintained packages in Rust projects

    trailofbits/cargo-unmaintained’s past year of commit activity
    Rust 87 AGPL-3.0 13 11 2 Updated Mar 11, 2026
  • dylint Public

    Run Rust lints from dynamic libraries

    trailofbits/dylint’s past year of commit activity
    Rust 545 Apache-2.0 50 46 (1 issue needs help) 8 Updated Mar 11, 2026
  • vscode-sarif-explorer Public

    SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results

    trailofbits/vscode-sarif-explorer’s past year of commit activity
    TypeScript 47 GPL-3.0 9 6 (1 issue needs help) 3 Updated Mar 11, 2026
  • publications Public

    Publications from Trail of Bits

    trailofbits/publications’s past year of commit activity
    Python 1,778 CC-BY-SA-4.0 221 0 0 Updated Mar 11, 2026
View all repositories