trailofbits / testing-handbook
Trail of Bits Testing Handbook
☆53Updated this week
Related projects: ⓘ
- Manager of third-party sources of Semgrep rules 🗂☆74Updated last month
- Coverage-Guided Greybox Distributed Fuzzer☆127Updated last month
- CQ, a code security scanner☆97Updated 4 months ago
- Automatically fuzz Rust projects from scratch☆52Updated 4 months ago
- ☆31Updated last year
- Common Corpus is used to build coverage-minimized corpus data sets for fuzzing.☆23Updated last year
- Resources for Browser Security Research☆21Updated 2 years ago
- Toolkit for creating cryptographic figures and videos.☆27Updated 4 months ago
- A detailed repository of vulnerabilities that I discovered in The Squid Caching Proxy.☆20Updated 3 months ago
- ☆75Updated 3 months ago
- Materials for the Binary Analysis Workshop presented at NorthSec 2020☆63Updated 3 years ago
- ☆115Updated last year
- ☆81Updated 2 months ago
- A curated list of argument injection vectors☆37Updated 3 weeks ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆95Updated 7 months ago
- Nuclei plugins to audit Chrome extensions☆64Updated 2 months ago
- A rust utility for instrumenting binaries, used in Holiday Hack Challenge 2021☆26Updated 2 years ago
- DEbian Cve REproducer Tool☆22Updated 11 months ago
- ☆41Updated 2 months ago
- An automated setup for fuzzing Redis w/ AFL++☆26Updated 2 years ago
- Command line fuzzer and bruteforcer 🌪 wfuzz for command☆85Updated 2 years ago
- My collection of Semgrep rules for vulnerability detection on source code (swift, java)☆30Updated 6 months ago
- CodeQL queries developed by Trail of Bits☆72Updated 3 weeks ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆127Updated last year
- A coverage-guided REST API fuzzer developed on top of LibAFL☆67Updated this week
- Leveraging patch diffing to discover new vulnerabilities☆101Updated last year
- Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆46Updated 2 weeks ago
- Informational Repository tracking times that real world bugs have come out of CTF challenges intentionally or otherwise☆55Updated last year
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension.☆55Updated 5 months ago
- An extension to use Semgrep inside Burp Suite.☆86Updated last year