Trail of Bits

Since 2012, Trail of Bits has helped secure some of the world's most targeted organizations and devices.

We combine high-end security research with a real-world attacker mentality to reduce risk and fortify code.

Some of our work:


Pinned

  1. Publications from Trail of Bits

    Python 1.8k 230

  2. Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

    Python 5.8k 509

  3. A Python pickling decompiler and static analyzer

    Python 636 70

  4. Create code bookmarks and code highlights with a click.

    TypeScript 234 32

  5. Semgrep queries developed by Trail of Bits.

    Go 514 56

  6. CodeQL queries developed by Trail of Bits

    CodeQL 168 10

Repositories

Showing 10 of 279 repositories

  • vscode-sarif-explorer Public

    SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results

  • trailofbits/cargo-unmaintained’s past year of commit activity

    Rust

    92

    AGPL-3.0

    14 9 2

    Updated Jun 19, 2026

  • graphtage Public

    A semantic diff utility and library for tree-like files such as JSON, JSON5, XML, HTML, YAML, and CSV.

  • deptective Public

    Deptective automatically determines the native dependencies required to run any arbitrary program or command.

    Python

    132

    LGPL-3.0 0

    1 1

    Updated Jun 19, 2026

  • polyfile Public

    A pure Python cleanroom implementation of libmagic, with instrumented parsing from Kaitai struct and an interactive hex viewer

  • trailofbits/rfc3161-client’s past year of commit activity

    Rust

    7

    Apache-2.0

    4 2 0

    Updated Jun 19, 2026

  • gosentry Public Forked from golang/go

    Security-oriented Go toolchain, focused on state-of-the-art fuzzing capabilities.

  • it-depends Public

    A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

    Python

    395

    LGPL-3.0

    25 8 2

    Updated Jun 19, 2026

  • pe-parse Public

    Principled, lightweight C/C++ PE parser

  • trailofbits/manticore’s past year of commit activity