trailofbits/codeql-queries external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

trailofbits/codeql-queries

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/trailofbits/codeql-queries)

Close

trailofbits / codeql-queriesView on GitHubMore

• External links
• Readme badge

CodeQL queries developed by Trail of Bits

☆168Jun 18, 2026Updated last week

Alternatives and similar repositories for codeql-queries

Users that are interested in codeql-queries are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• GitHubSecurityLab / CodeQL-Community-Packs

  View on GitHub
  Collection of community-driven CodeQL query, library and extension packs
  ☆212Updated this week
• trailofbits / semgrep-rules

  View on GitHub
  Semgrep queries developed by Trail of Bits.
  ☆515May 7, 2026Updated last month
• trailofbits / itergator

  View on GitHub
  CodeQL library and queries for iterator invalidation
  ☆22Mar 12, 2026Updated 3 months ago
• 0xricksanchez / AFL_Runner

  View on GitHub
  Scaling best-practice AFLPlusPlus fuzzing campaigns made easy and more
  ☆81May 22, 2025Updated last year
• 0xdea / semgrep-rules

  View on GitHub
  A collection of my Semgrep rules to facilitate vulnerability research.
  ☆827Jun 15, 2026Updated 2 weeks ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• AFLplusplus / cargo-libafl

  View on GitHub
  Fuzz Rust code with LibAFL
  ☆60Aug 30, 2023Updated 2 years ago
• advanced-security / awesome-codeql

  View on GitHub
  A curated list of awesome CodeQL resources.
  ☆89May 28, 2026Updated last month
• quarkslab / pastis

  View on GitHub
  PASTIS: Collaborative Fuzzing Framework
  ☆165Oct 12, 2025Updated 8 months ago
• ChengyuSong / Kirenenko

  View on GitHub
  Super Fast Concolic Execution Engine based on Source Code Taint Tracing
  ☆103Jul 14, 2022Updated 3 years ago
• github / codeql-coding-standards

  View on GitHub
  This repository contains CodeQL queries and libraries which support various Coding Standards.
  ☆211Jun 22, 2026Updated last week
• bordig-f / angr-strategies

  View on GitHub
  A cheat sheet that summarises "strategies" (or techniques) to use with angr.
  ☆33Jan 24, 2021Updated 5 years ago
• ChijinZ / SaGe-Browser-Fuzzer

  View on GitHub
  a browser fuzzer
  ☆46Mar 15, 2024Updated 2 years ago
• advanced-security / grab_ql

  View on GitHub
  Grab some/all of CodeQL CLI binary, QL library, VSCode starter workspace, VSCode and VSCode QL extension
  ☆11Mar 26, 2026Updated 3 months ago
• therealsaumil / custom_nvram

  View on GitHub
  Shared Library to intercept nvram get/set/match calls for emulating libnvram.so used by many IoT firmware software.
  ☆69Aug 10, 2021Updated 4 years ago
• Managed Database hosting by DigitalOcean • Ad
  PostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
• Santandersecurityresearch / cryptobom-forge

  View on GitHub
  Tools and utilities needed to parse GitHub Multi-Repository Variant Analysis output
  ☆36May 20, 2026Updated last month
• sslab-gatech / AndroidCoverageAgent

  View on GitHub
  Coverage gathering JVMTI agent for Android
  ☆28Oct 11, 2023Updated 2 years ago
• fkie-cad / cwe_checker

  View on GitHub
  cwe_checker finds vulnerable patterns in binary executables
  ☆1,342Apr 10, 2025Updated last year
• tl455047 / DTaint

  View on GitHub
  Dtaint: taint analysis based on DFSan and llvm instrumentation
  ☆28Dec 28, 2021Updated 4 years ago
• season-lab / fuzzolic

  View on GitHub
  fuzzing + concolic = fuzzolic :)
  ☆131Nov 6, 2025Updated 7 months ago
• microsoft / codeql-container

  View on GitHub
  Prepackaged and precompiled github codeql container for rapid analysis, deployment and development.
  ☆125Nov 27, 2023Updated 2 years ago
• AFLplusplus / Grammar-Mutator

  View on GitHub
  A grammar-based custom mutator for AFL++
  ☆272May 12, 2026Updated last month
• hgarrereyn / nfuncs-agent

  View on GitHub
  Proof of concept agentic solver for nfuncs from DEF CON Quals 2025
  ☆23Apr 18, 2025Updated last year
• Cybergenik / hopper

  View on GitHub
  Coverage-Guided Greybox Distributed Fuzzer
  ☆134Jan 26, 2026Updated 5 months ago
• Deploy on Railway without the complexity - Free Credits Offer • Ad
  Connect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
• fullwaywang / QlRules

  View on GitHub
  Auto-generated CodeQL rules for matching CVE vulnerabilities and variants.
  ☆184Sep 19, 2024Updated last year
• FlappyPig / WCTF-pigdriver

  View on GitHub
  by http://whereisk0shl.top/
  ☆33Jul 9, 2018Updated 7 years ago
• interruptlabs / semgrep_bn

  View on GitHub
  Binary Ninja plugin to automate the process of generating pseudo-C code, running Semgrep over the pseudo-C, and presenting the results.
  ☆37Feb 4, 2025Updated last year
• advanced-security / codeql-queries

  View on GitHub
  [Deprecated] GitHub's Field Team's CodeQL Custom Queries, Suites, and Configurations. See GitHubSecurityLab/CodeQL-Community-Packs instea…
  ☆85May 1, 2024Updated 2 years ago
• ucsb-seclab / karonte

  View on GitHub
  Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware
  ☆429Sep 18, 2021Updated 4 years ago
• R00tkitSMM / Pishi

  View on GitHub
  Pishi is a code coverage tool like kcov for macOS.
  ☆76Apr 17, 2025Updated last year
• GitHubSecurityLab / gh-mrva

  View on GitHub
  Run CodeQL queries at scale using Multi-Repository Variant Analysis (MRVA)
  ☆68Apr 16, 2025Updated last year
• h0mbre / Lucid

  View on GitHub
  An educational Bochs-based snapshot fuzzer project
  ☆246Oct 27, 2025Updated 8 months ago
• jamiesanson / exploring-appfunctions

  View on GitHub
  An exploration of Android App Functions
  ☆18May 26, 2025Updated last year
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• sslab-gatech / freedom

  View on GitHub
  A DOM fuzzer
  ☆158Aug 18, 2022Updated 3 years ago
• zhunki / Superion

  View on GitHub
  Superion is a fuzzer which extends the famous AFL to support structured inputs such as JavaScript and XML.
  ☆140Aug 18, 2022Updated 3 years ago
• caido / workshop-defcon

  View on GitHub
  ☠️ Code for the Defcon Workshop
  ☆23Aug 6, 2024Updated last year
• Fireboyd78 / lucid

  View on GitHub
  An Interactive Hex-Rays Microcode Explorer
  ☆17Feb 8, 2024Updated 2 years ago
• mahaloz / pyjoern

  View on GitHub
  ☆15Jul 25, 2025Updated 11 months ago
• hgarrereyn / GraphFuzz

  View on GitHub
  GraphFuzz is an experimental framework for building structure-aware, library API fuzzers.
  ☆274Jan 16, 2024Updated 2 years ago
• nccgroup / Cartographer

  View on GitHub
  Code Coverage Exploration Plugin for Ghidra
  ☆380Jul 19, 2024Updated last year