Repositories list

• dylint

  Public
  Run Rust lints from dynamic libraries

  rustlinting

  rustlinting

  Rust

  •

  Apache License 2.0

  •5050 forks•573573 stars•4646 issues•88 pull requests•Updated Apr 25, 2026Apr 25, 2026

• scribe

  Public
  Local transcription and speaker diarization with pyannote and parakeet

  Python

  •

  MIT License

  •33 forks•2626 stars•00 issues•33 pull requests•Updated Apr 25, 2026Apr 25, 2026

• cookiecutter-python

  Public
  A cookiecutter template for a best-practices Python project

  Python

  •

  Apache License 2.0

  •77 forks•3737 stars•00 issues•11 pull request•Updated Apr 25, 2026Apr 25, 2026

• publications

  Public
  Publications from Trail of Bits

  conference-presentationsacademic-paperssecurity-reviews

  conference-presentationsacademic-paperssecurity-reviews

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •226226 forks•1.8k1.8k stars•00 issues•44 pull requests•Updated Apr 24, 2026Apr 24, 2026

• sigstore-tuf-simple

  Public
  Go

  •

  Apache License 2.0

  •00 forks•00 stars•00 issues•33 pull requests•Updated Apr 24, 2026Apr 24, 2026

• signal-auditor

  Public
  Key Transparency Auditor for Signal

  Rust

  •

  GNU Affero General Public License v3.0

  •00 forks•66 stars•00 issues•55 pull requests•Updated Apr 24, 2026Apr 24, 2026

• masm-decompiler

  Public
  Decompiler for the Miden assembly language

  Rust

  •

  MIT License

  •11 fork•11 star•00 issues•11 pull request•Updated Apr 24, 2026Apr 24, 2026

• pajaMAS

  Public
  Multi-agent system (MAS) hijacking demos

  multi-agent-systemsai-agentsai-security

  multi-agent-systemsai-agentsai-security

  Python

  •

  Apache License 2.0

  •55 forks•4545 stars•33 issues•1515 pull requests•Updated Apr 24, 2026Apr 24, 2026

• cargo-unmaintained

  Public
  Find unmaintained packages in Rust projects

  rustunmaintainedpackage-management

  rustunmaintainedpackage-management

  Rust

  •

  GNU Affero General Public License v3.0

  •1313 forks•8888 stars•1111 issues•11 pull request•Updated Apr 24, 2026Apr 24, 2026

• claude-code-devcontainer

  Public
  Sandboxed devcontainer for running Claude Code in bypass mode safely. Built for security audits and untrusted code review.

  Shell

  •

  Apache License 2.0

  •7878 forks•763763 stars•22 issues•00 pull requests•Updated Apr 24, 2026Apr 24, 2026

• necessist

  Public
  A mutation-based tool for finding bugs in tests

  testingmutation

  testingmutation

  Rust

  •

  GNU Affero General Public License v3.0

  •1919 forks•140140 stars•1818 issues•00 pull requests•Updated Apr 24, 2026Apr 24, 2026

• anchor-coverage

  Public
  A wrapper around `anchor test` for computing test coverage

  testingcoverageanchor+ 1

  testingcoverageanchorsolana

  Rust

  •

  GNU Affero General Public License v3.0

  •66 forks•1515 stars•44 issues•11 pull request•Updated Apr 24, 2026Apr 24, 2026

• skills-curated

  Public
  Curated, community-vetted Claude Code plugin marketplace

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •1818 forks•375375 stars•11 issue•44 pull requests•Updated Apr 24, 2026Apr 24, 2026

• gosentry

  Public
  Security-oriented Go toolchain, focused on state-of-the-art fuzzing capabilities.

  gonautilusfuzzing+ 2

  gonautilusfuzzinggoleaklibafl

  Go

  •

  BSD 3-Clause "New" or "Revised" License

  •19k19k forks•3333 stars•11 issue•00 pull requests•Updated Apr 24, 2026Apr 24, 2026

• skills

  Public
  Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows

  agent-skills

  agent-skills

  Python

  •

  Creative Commons Attribution Share Alike 4.0 International

  •414414 forks•4.8k4.8k stars•1515 issues•1212 pull requests•Updated Apr 24, 2026Apr 24, 2026

• trailmark

  Public
  Build and query a graph database representation of source code

  C

  •

  Apache License 2.0

  •77 forks•182182 stars•33 issues•00 pull requests•Updated Apr 24, 2026Apr 24, 2026

• codeql-queries

  Public
  CodeQL queries developed by Trail of Bits

  CodeQL

  •

  GNU Affero General Public License v3.0

  •99 forks•160160 stars•55 issues•44 pull requests•Updated Apr 23, 2026Apr 23, 2026

• vscode-weaudit

  Public
  Create code bookmarks and code highlights with a click.

  TypeScript

  •

  GNU General Public License v3.0

  •3131 forks•232232 stars•1515 issues•1616 pull requests•Updated Apr 23, 2026Apr 23, 2026

• pylock-attestations

  Public
  CLI tool to add attestation identities to `pylock.toml` files

  Python

  •

  Apache License 2.0

  •11 fork•66 stars•44 issues•00 pull requests•Updated Apr 23, 2026Apr 23, 2026

• gh-action-adapt-sigstore-pypi

  Public
  Python

  •

  Apache License 2.0

  •00 forks•11 star•00 issues•11 pull request•Updated Apr 23, 2026Apr 23, 2026

• mquire

  Public
  Zero-dependency Linux memory forensics PoC — leverages kernel-embedded BTF and kallsyms for type-aware memory analysis without external debug info.

  linuxrustsql+ 3

  linuxrustsqlkernelmemoryforensics

  Rust

  •

  Apache License 2.0

  •66 forks•144144 stars•33 issues•33 pull requests•Updated Apr 23, 2026Apr 23, 2026

• test-fuzz

  Public
  To make fuzzing Rust easy

  testingrustfuzzing

  testingrustfuzzing

  Rust

  •

  GNU Affero General Public License v3.0

  •2626 forks•203203 stars•77 issues•11 pull request•Updated Apr 23, 2026Apr 23, 2026

• mishegos

  Public
  A differential fuzzer for x86 decoders

  x86fuzzinghacktoberfest

  x86fuzzinghacktoberfest

  C++

  •

  Apache License 2.0

  •3030 forks•269269 stars•99 issues•11 pull request•Updated Apr 23, 2026Apr 23, 2026

• pip-plugin-pep740

  Public
  An implementation of a pip plugin that verifies PEP-740 attestations before installing a package, and aborts the installation if verification fails.

  Python

  •

  Apache License 2.0

  •11 fork•55 stars•11 issue•00 pull requests•Updated Apr 23, 2026Apr 23, 2026

• fickling

  Public
  A Python pickling decompiler and static analyzer

  pythonsecuritymachine-learning

  pythonsecuritymachine-learning

  Python

  •

  GNU Lesser General Public License v3.0

  •6868 forks•620620 stars•99 issues•1414 pull requests•Updated Apr 23, 2026Apr 23, 2026

• it-depends

  Public
  A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

  dependency-analysisdependency-graphhacktoberfest+ 5

  dependency-analysisdependency-graphhacktoberfestvulnerability-scannersbomhacktoberfest2021sbom-generatorsbom-tool

  Python

  •

  GNU Lesser General Public License v3.0

  •2323 forks•390390 stars•88 issues•22 pull requests•Updated Apr 23, 2026Apr 23, 2026

• rfc3161-client

  Public
  An Opinionated Python RFC3161 Client

  rfc3161timestamp-protocol

  rfc3161timestamp-protocol

  Rust

  •

  Apache License 2.0

  •44 forks•66 stars•22 issues•00 pull requests•Updated Apr 23, 2026Apr 23, 2026

• mewt

  Public
  mewt is a mutation testing framework

  C

  •

  GNU Affero General Public License v3.0

  •00 forks•2727 stars•00 issues•55 pull requests•Updated Apr 23, 2026Apr 23, 2026

• KEMs

  Public
  Collection of Key Encapsulation Mechanisms written in pure Rust

  Rust

  •4040 forks•00 stars•00 issues•22 pull requests•Updated Apr 23, 2026Apr 23, 2026

• sigstore-apis

  Public
  Rust clients for the Fulcio and Rekor APIs

  sigstore

  sigstore

  Rust

  •

  Apache License 2.0

  •22 forks•66 stars•00 issues•33 pull requests•Updated Apr 23, 2026Apr 23, 2026