| 2024-05-02 |
The life and times of an Abstract Syntax Tree |
Compilers ‧ Trail of Bits |
|
| 2024-04-30 |
Curvance: Invariants unleashed |
Audits ‧ Trail of Bits |
|
| 2024-04-26 |
Announcing two new LMS libraries |
Cryptography ‧ Trail of Bits |
|
| 2024-04-15 |
5 reasons to strive for better disclosure processes |
Uncategorized ‧ Trail of Bits |
|
| 2024-03-29 |
Introducing Ruzzy, a coverage-guided Ruby fuzzer |
Application Security ‧ Trail of Bits |
|
| 2023-08-29 |
Secure your Apollo GraphQL server with Semgrep |
Semgrep ‧ Trail of Bits |
|
| 2023-08-28 |
iVerify is now an independent company! |
iVerify ‧ Dan Guido |
|
| 2023-08-23 |
The Engineer’s Guide to Blockchain Finality |
Vulnerability Disclosure ‧ Trail of Bits |
|
| 2023-08-14 |
Can you pass the Rekt test? |
Blockchain ‧ Trail of Bits |
|
| 2023-08-09 |
Use our suite of eBPF libraries |
Uncategorized ‧ Trail of Bits |
|
| 2023-08-02 |
A mistake in the bulletproofs paper could have led to the theft of millions of dollars |
Cryptography ‧ Trail of Bits |
|
| 2023-07-31 |
How AI will affect cybersecurity: What we told the CFTC |
Machine Learning ‧ Dan Guido |
|
| 2023-07-28 |
The future of Clang-based tooling |
Compilers ‧ Trail of Bits |
|
| 2023-07-26 |
Announcing the Trail of Bits Testing Handbook |
Uncategorized ‧ Trail of Bits |
|
| 2023-07-21 |
Fuzzing on-chain contracts with Echidna |
Blockchain ‧ Trail of Bits |
|
| 2023-07-19 |
Trail of Bits’s Response to OSTP National Priorities for AI RFI |
Machine Learning ‧ Trail of Bits |
|
| 2023-07-14 |
Evaluating blockchain security maturity |
Audits ‧ Dan Guido |
|
| 2023-07-12 |
What we told the CFTC about blockchain threats |
Blockchain ‧ Trail of Bits |
|
| 2023-07-07 |
Differential fuzz testing upgradeable smart contracts with Diffusc |
Uncategorized ‧ Trail of Bits |
|
| 2023-07-05 |
Differential fuzz testing upgradeable smart contracts with Diffusc |
Uncategorized ‧ Trail of Bits |
|
| 2023-06-16 |
Trail of Bits’s Response to NTIA AI Accountability RFC |
Machine Learning ‧ Trail of Bits |
|
| 2023-06-15 |
Finding bugs in C code with Multi-Level IR and VAST |
Compilers ‧ Trail of Bits |
|
| 2023-05-23 |
Trusted publishing: a new benchmark for packaging security |
Ecosystem Security ‧ William Woodruff |
|
| 2023-05-16 |
Real World Crypto 2023 Recap |
Conferences ‧ Trail of Bits |
|
| 2023-05-15 |
Introducing Windows Notification Facility’s (WNF) Code Integrity |
Research Practice ‧ Trail of Bits |
|
| 2023-04-25 |
What should governments consider when getting involved with blockchain? |
Blockchain ‧ Trail of Bits |
|
| 2023-04-20 |
Typos that omit security features and how to test for them |
Audits ‧ Dominik 'disconnect3d' Czarnota |
|
| 2023-04-18 |
A Winter’s Tale: Improving messages and types in GDB’s Python API |
Internship Projects ‧ Trail of Bits |
|
| 2023-03-31 |
How to avoid the aCropalypse |
Uncategorized ‧ Trail of Bits |
|
| 2023-03-22 |
Can you pass The Rekt Test? |
Uncategorized ‧ Trail of Bits |
|
| 2023-03-22 |
Codex (and GPT-4) can’t beat humans on smart contract audits |
Blockchain ‧ Dan Guido |
|
| 2023-03-21 |
Circomspect has more passes! |
Blockchain ‧ Trail of Bits |
|
| 2023-03-14 |
We need a new way to measure AI security |
Audits ‧ Trail of Bits |
|
| 2023-02-27 |
Reusable properties for Ethereum contracts |
Blockchain ‧ Trail of Bits |
|
| 2023-02-23 |
Escaping well-configured VSCode extensions (for profit) |
Uncategorized ‧ Trail of Bits |
|
| 2023-02-21 |
Escaping misconfigured VSCode extensions |
Exploits ‧ Trail of Bits |
|
| 2023-02-16 |
Readline crime: exploiting a SUID logic bug |
Attacks ‧ Trail of Bits |
|
| 2023-02-14 |
cURL audit: How a joke led to significant findings |
Audits ‧ Trail of Bits |
|
| 2023-01-19 |
Harnessing the eBPF Verifier |
Internship Projects ‧ Trail of Bits |
|
| 2023-01-17 |
Introducing RPC Investigator |
Engineering Practice ‧ Trail of Bits |
|
| 2023-01-13 |
Announcing a stable release of sigstore-python |
Uncategorized ‧ Trail of Bits |
|
| 2023-01-12 |
Keeping the wolves out of wolfSSL |
Cryptography ‧ tobgreg |
|
| 2023-01-10 |
Another prolific year of open-source contributions |
Year in Review ‧ Trail of Bits |
|
| 2022-12-23 |
How to share what you’ve learned from our audits |
Audits ‧ Trail of Bits |
|
| 2022-12-22 |
Fast and accurate syntax searching for C and C++ |
Compilers ‧ Trail of Bits |
|
| 2022-12-20 |
What child is this? |
Program Analysis ‧ Trail of Bits |
|
| 2022-12-15 |
How I gave ManticoreUI a makeover |
Manticore ‧ Trail of Bits |
|
| 2022-12-13 |
Manticore GUIs made easy |
Binary Ninja ‧ Trail of Bits |
|
| 2022-12-08 |
Hybrid fuzzing: Sharpening the spikes of Echidna |
Fuzzing ‧ Trail of Bits |
|
| 2022-11-29 |
Specialized Zero-Knowledge Proof failures |
Cryptography ‧ Trail of Bits |
|
| 2022-11-15 |
ABI compatibility in Python: How hard could it be? |
Audits ‧ Trail of Bits |
|
| 2022-11-14 |
We’re streamers now |
Education ‧ Trail of Bits |
|
| 2022-11-10 |
Look out! Divergent representations are everywhere! |
Binary Ninja ‧ Trail of Bits |
|
| 2022-11-08 |
We sign code now |
Cryptography ‧ Trail of Bits |
|
| 2022-10-25 |
Stranger Strings: An exploitable flaw in SQLite |
Attacks ‧ Trail of Bits |
|
| 2022-10-18 |
We do Windows now |
Careers ‧ Trail of Bits |
|
| 2022-10-12 |
Porting the Solana eBPF JIT compiler to ARM64 |
Blockchain ‧ Trail of Bits |
|
| 2022-10-05 |
Working on blockchains as a Trail of Bits intern |
Blockchain ‧ Trail of Bits |
|
| 2022-10-03 |
Secure your machine learning with Semgrep |
Machine Learning ‧ Trail of Bits |
|
| 2022-09-15 |
It pays to be Circomspect |
Uncategorized ‧ Trail of Bits |
|
| 2022-08-25 |
Magnifier: An Experiment with Interactive Decompilation |
Internship Projects ‧ Trail of Bits |
|
| 2022-08-17 |
Using mutants to improve Slither |
Uncategorized ‧ Trail of Bits |
|
| 2022-08-12 |
The road to the apprenticeship |
Uncategorized ‧ Trail of Bits |
|
| 2022-07-28 |
Shedding smart contract storage with Slither |
Blockchain ‧ Trail of Bits |
|
| 2022-07-01 |
libmagic: The Blathering |
Uncategorized ‧ Evan Sultanik |
|
| 2022-06-30 |
A Typical Day as a Trail of Bits Engineer-Consultant |
Careers ‧ Nick Selby |
|
| 2022-06-28 |
The Trail of Bits Hiring Process |
Meta ‧ Nick Selby |
|
| 2022-06-24 |
Managing risk in blockchain deployments |
Blockchain ‧ Trail of Bits |
|
| 2022-06-21 |
Are blockchains decentralized? |
DARPA ‧ Trail of Bits |
|
| 2022-06-21 |
Announcing the new Trail of Bits podcast |
Meta ‧ Trail of Bits |
|
| 2022-06-09 |
Themes from PyCon US 2022 |
Conferences ‧ Trail of Bits |
|
| 2022-05-17 |
Interactive decompilation with rellic-xref |
Uncategorized ‧ Trail of Bits |
|
| 2022-05-03 |
Themes from Real World Crypto 2022 |
Compilers ‧ William Woodruff |
|
| 2022-04-26 |
Improving the state of go-fuzz |
Uncategorized ‧ Trail of Bits |
|
| 2022-04-20 |
Amarna: Static analysis for Cairo programs |
Cryptography ‧ fcasal |
|
| 2022-04-18 |
The Frozen Heart vulnerability in PlonK |
Uncategorized ‧ James Miller |
|
| 2022-04-15 |
The Frozen Heart vulnerability in Bulletproofs |
Uncategorized ‧ James Miller |
|
| 2022-04-14 |
The Frozen Heart vulnerability in Girault’s proof of knowledge |
Uncategorized ‧ James Miller |
|
| 2022-04-13 |
Coordinated disclosure of vulnerabilities affecting Girault, Bulletproofs, and PlonK |
Uncategorized ‧ James Miller |
|
| 2022-03-25 |
Towards Practical Security Optimizations for Binaries |
Attacks ‧ Trail of Bits |
|
| 2022-03-02 |
Optimizing a smart contract fuzzer |
Uncategorized ‧ Trail of Bits |
|
| 2022-02-23 |
Maat: Symbolic execution made easy |
Symbolic Execution ‧ Boyan MILANOV |
|
| 2022-02-01 |
Part 2: Improving crypto code in Rust using LLVM’s optnone |
Cryptography ‧ Henrik Brodin |
|
| 2022-01-26 |
Part 1: The life of an optimization barrier |
Cryptography ‧ Fredrik Dahlgren |
|
| 2022-01-19 |
C your data structures with rellic-headergen |
Uncategorized ‧ Trail of Bits |
|
| 2022-01-11 |
Finding unhandled errors using CodeQL |
CodeQL ‧ Fredrik Dahlgren |
|
| 2022-01-05 |
Toward a Best-of-Both-Worlds Binary Disassembler |
Research Practice ‧ Trail of Bits |
|
| 2021-12-31 |
Celebrating our 2021 Open Source Contributions |
Uncategorized ‧ Sam Moelius |
|
| 2021-12-21 |
Disclosing Shamir’s Secret Sharing vulnerabilities and announcing ZKDocs |
Uncategorized ‧ James Miller |
|
| 2021-12-17 |
Detecting MISO and Opyn’s msg.value reuse vulnerability with Slither |
Attacks ‧ Trail of Bits |
|
| 2021-12-16 |
What does your code use, and is it vulnerable? It-depends (2021) |
O__________O |
|
| 2021-11-17 |
MUI: Visualizing symbolic execution with Manticore and Binary Ninja |
Binary Ninja ‧ Trail of Bits |
|
| 2021-11-12 |
How to choose an interesting project |
Uncategorized ‧ Trent Brunson |
|
| 2021-11-12 |
Motivating global stabilization |
Uncategorized ‧ Trent Brunson |
|
| 2021-11-10 |
Announcing osquery 5: Now with EndpointSecurity on macOS |
Uncategorized ‧ Trent Brunson |
|
| 2021-11-10 |
All your tracing are belong to BPF |
Uncategorized ‧ Trent Brunson |
|
| 2021-11-09 |
PrivacyRaven: Implementing a proof of concept for model inversion |
Uncategorized ‧ Trent Brunson |
|
| 2021-11-09 |
Write Rust lints without forking Clippy |
Uncategorized ‧ Trent Brunson |
|
| 2021-11-09 |
Discovering goroutine leaks with Semgrep |
Uncategorized ‧ Trent Brunson |
|
| 2021-04-02 |
Solar: Context-free, interactive analysis for Solidity |
Blockchain ‧ Trent Brunson |
|
