| 2024-11-19 |
Evaluating Solidity support in AI coding assistants |
Artificial Intelligence ‧ Trail of Bits |
|
| 2024-11-14 |
Attestations: A new generation of signatures on PyPI |
Uncategorized ‧ William Woodruff |
|
| 2024-11-13 |
Killing Filecoin nodes |
Blockchain ‧ Trail of Bits |
|
| 2024-10-31 |
Fuzzing between the lines in popular barcode software |
Application Security ‧ Trail of Bits |
|
| 2024-10-25 |
A deep dive into Linux’s new mseal syscall |
Linux ‧ Trail of Bits |
|
| 2024-10-11 |
Auditing Gradio 5, Hugging Face’s ML GUI framework |
Machine Learning ‧ Trail of Bits |
|
| 2024-10-01 |
Securing the software supply chain with the SLSA framework |
Application Security ‧ Trail of Bits |
|
| 2024-09-24 |
A few notes on AWS Nitro Enclaves: Attack surface |
Application Security ‧ Trail of Bits |
|
| 2024-09-19 |
Announcing the Trail of Bits and Semgrep partnership |
Semgrep ‧ Trail of Bits |
|
| 2024-09-17 |
Inside DEF CON: Michael Brown on how AI/ML is revolutionizing cybersecurity |
AIxCC ‧ Trail of Bits |
|
| 2024-09-13 |
Friends don’t let friends reuse nonces |
Cryptography ‧ Trail of Bits |
|
| 2024-09-10 |
Sanitize your C++ containers: ASan annotations step-by-step |
Application Security ‧ Trail of Bits |
|
| 2024-09-06 |
“Unstripping” binaries: Restoring debugging information in GDB with Pwndbg |
Application Security ‧ Trail of Bits |
|
| 2024-09-05 |
What would you do with that old GPU? |
Research Practice ‧ Trail of Bits |
|
| 2024-08-27 |
Provisioning cloud infrastructure the wrong way, but faster |
Machine Learning ‧ Trail of Bits |
|
| 2024-08-21 |
“YOLO” is not a valid hash construction |
Cryptography ‧ Trail of Bits |
|
| 2024-08-15 |
We wrote the code, and the code won |
Cryptography ‧ Dan Guido |
|
| 2024-08-13 |
Trail of Bits Advances to AIxCC Finals |
AIxCC ‧ Dan Guido |
|
| 2024-08-09 |
Trail of Bits’ Buttercup heads to DARPA’s AIxCC |
AIxCC ‧ Trail of Bits |
|
| 2024-08-07 |
Beyond the best: A new era of recommendations |
Policy ‧ Trail of Bits |
|
| 2024-08-05 |
Cloud cryptography demystified: Google Cloud Platform |
Cryptography ‧ Trail of Bits |
|
| 2024-07-30 |
Our audit of Homebrew |
Research Practice ‧ Trail of Bits |
|
| 2024-07-25 |
Our crypto experts answer 10 key questions |
Cryptography ‧ Trail of Bits |
|
| 2024-07-12 |
Announcing AES-GEM (AES with Galois Extended Mode) |
Cryptography ‧ Trail of Bits |
|
| 2024-07-09 |
Trail of Bits named a leader in cybersecurity consulting services |
Press Release ‧ Trail of Bits |
|
| 2024-07-05 |
Auditing the Ask Astro LLM Q&A app |
Machine Learning ‧ Trail of Bits |
|
| 2024-07-01 |
Quantum is unimportant to post-quantum |
Cryptography ‧ Trail of Bits |
|
| 2024-06-24 |
Disarming Fiat-Shamir footguns |
Cryptography ‧ Trail of Bits |
|
| 2024-06-21 |
EuroLLVM 2024 trip report |
Compilers ‧ Trail of Bits |
|
| 2024-06-18 |
Themes from Real World Crypto 2024 |
Conferences ‧ Trail of Bits |
|
| 2024-06-17 |
Finding mispriced opcodes with fuzzing |
Fuzzing ‧ Trail of Bits |
|
| 2024-06-15 |
Understanding Apple’s On-Device and Server Foundation Models release |
Machine Learning ‧ Trail of Bits |
|
| 2024-06-15 |
PCC: Bold step forward, not without flaws |
Machine Learning ‧ Trail of Bits |
|
| 2024-06-14 |
Announcing the Burp Suite Professional chapter in the Testing Handbook |
Application Security ‧ Trail of Bits |
|
| 2024-06-11 |
Exploiting ML models with pickle file attacks: Part 2 |
Machine Learning ‧ Trail of Bits |
|
| 2024-06-11 |
Exploiting ML models with pickle file attacks: Part 1 |
Machine Learning ‧ Trail of Bits |
|
| 2024-06-07 |
Announcing AI/ML safety and security trainings |
Machine Learning ‧ Trail of Bits |
|
| 2024-05-16 |
Understanding AddressSanitizer: Better memory safety for your code |
Application Security ‧ Trail of Bits |
|
| 2024-05-14 |
A peek into build provenance for Homebrew |
Cryptography ‧ Trail of Bits |
|
| 2024-05-08 |
Using benchmarks to speed up Echidna |
Blockchain ‧ Trail of Bits |
|
| 2024-05-02 |
The life and times of an Abstract Syntax Tree |
Compilers ‧ Trail of Bits |
|
| 2024-04-30 |
Curvance: Invariants unleashed |
Audits ‧ Trail of Bits |
|
| 2024-04-26 |
Announcing two new LMS libraries |
Cryptography ‧ Trail of Bits |
|
| 2024-04-15 |
5 reasons to strive for better disclosure processes |
Uncategorized ‧ Trail of Bits |
|
| 2024-03-29 |
Introducing Ruzzy, a coverage-guided Ruby fuzzer |
Application Security ‧ Trail of Bits |
|
| 2023-08-29 |
Secure your Apollo GraphQL server with Semgrep |
Semgrep ‧ Trail of Bits |
|
| 2023-08-28 |
iVerify is now an independent company! |
iVerify ‧ Dan Guido |
|
| 2023-08-23 |
The Engineer’s Guide to Blockchain Finality |
Vulnerability Disclosure ‧ Trail of Bits |
|
| 2023-08-14 |
Can you pass the Rekt test? |
Blockchain ‧ Trail of Bits |
|
| 2023-08-09 |
Use our suite of eBPF libraries |
Uncategorized ‧ Trail of Bits |
|
| 2023-08-02 |
A mistake in the bulletproofs paper could have led to the theft of millions of dollars |
Cryptography ‧ Trail of Bits |
|
| 2023-07-31 |
How AI will affect cybersecurity: What we told the CFTC |
Machine Learning ‧ Dan Guido |
|
| 2023-07-28 |
The future of Clang-based tooling |
Compilers ‧ Trail of Bits |
|
| 2023-07-26 |
Announcing the Trail of Bits Testing Handbook |
Uncategorized ‧ Trail of Bits |
|
| 2023-07-21 |
Fuzzing on-chain contracts with Echidna |
Blockchain ‧ Trail of Bits |
|
| 2023-07-19 |
Trail of Bits’s Response to OSTP National Priorities for AI RFI |
Machine Learning ‧ Trail of Bits |
|
| 2023-07-14 |
Evaluating blockchain security maturity |
Audits ‧ Dan Guido |
|
| 2023-07-12 |
What we told the CFTC about blockchain threats |
Blockchain ‧ Trail of Bits |
|
| 2023-07-07 |
Differential fuzz testing upgradeable smart contracts with Diffusc |
Uncategorized ‧ Trail of Bits |
|
| 2023-07-05 |
Differential fuzz testing upgradeable smart contracts with Diffusc |
Uncategorized ‧ Trail of Bits |
|
| 2023-06-16 |
Trail of Bits’s Response to NTIA AI Accountability RFC |
Machine Learning ‧ Trail of Bits |
|
| 2023-06-15 |
Finding bugs in C code with Multi-Level IR and VAST |
Compilers ‧ Trail of Bits |
|
| 2023-05-23 |
Trusted publishing: a new benchmark for packaging security |
Ecosystem Security ‧ William Woodruff |
|
| 2023-05-16 |
Real World Crypto 2023 Recap |
Conferences ‧ Trail of Bits |
|
| 2023-05-15 |
Introducing Windows Notification Facility’s (WNF) Code Integrity |
Research Practice ‧ Trail of Bits |
|
| 2023-04-25 |
What should governments consider when getting involved with blockchain? |
Blockchain ‧ Trail of Bits |
|
| 2023-04-20 |
Typos that omit security features and how to test for them |
Audits ‧ Dominik 'disconnect3d' Czarnota |
|
| 2023-04-18 |
A Winter’s Tale: Improving messages and types in GDB’s Python API |
Internship Projects ‧ Trail of Bits |
|
| 2023-03-31 |
How to avoid the aCropalypse |
Uncategorized ‧ Trail of Bits |
|
| 2023-03-22 |
Can you pass The Rekt Test? |
Uncategorized ‧ Trail of Bits |
|
| 2023-03-22 |
Codex (and GPT-4) can’t beat humans on smart contract audits |
Blockchain ‧ Dan Guido |
|
| 2023-03-21 |
Circomspect has more passes! |
Blockchain ‧ Trail of Bits |
|
| 2023-03-14 |
We need a new way to measure AI security |
Audits ‧ Trail of Bits |
|
| 2023-02-27 |
Reusable properties for Ethereum contracts |
Blockchain ‧ Trail of Bits |
|
| 2023-02-23 |
Escaping well-configured VSCode extensions (for profit) |
Uncategorized ‧ Trail of Bits |
|
| 2023-02-21 |
Escaping misconfigured VSCode extensions |
Exploits ‧ Trail of Bits |
|
| 2023-02-16 |
Readline crime: exploiting a SUID logic bug |
Attacks ‧ Trail of Bits |
|
| 2023-02-14 |
cURL audit: How a joke led to significant findings |
Audits ‧ Trail of Bits |
|
| 2023-01-19 |
Harnessing the eBPF Verifier |
Internship Projects ‧ Trail of Bits |
|
| 2023-01-17 |
Introducing RPC Investigator |
Engineering Practice ‧ Trail of Bits |
|
| 2023-01-13 |
Announcing a stable release of sigstore-python |
Uncategorized ‧ Trail of Bits |
|
| 2023-01-12 |
Keeping the wolves out of wolfSSL |
Cryptography ‧ tobgreg |
|
| 2023-01-10 |
Another prolific year of open-source contributions |
Year in Review ‧ Trail of Bits |
|
| 2022-12-23 |
How to share what you’ve learned from our audits |
Audits ‧ Trail of Bits |
|
| 2022-12-22 |
Fast and accurate syntax searching for C and C++ |
Compilers ‧ Trail of Bits |
|
| 2022-12-20 |
What child is this? |
Program Analysis ‧ Trail of Bits |
|
| 2022-12-15 |
How I gave ManticoreUI a makeover |
Manticore ‧ Trail of Bits |
|
| 2022-12-13 |
Manticore GUIs made easy |
Binary Ninja ‧ Trail of Bits |
|
| 2022-12-08 |
Hybrid fuzzing: Sharpening the spikes of Echidna |
Fuzzing ‧ Trail of Bits |
|
| 2022-11-29 |
Specialized Zero-Knowledge Proof failures |
Cryptography ‧ Trail of Bits |
|
| 2022-11-15 |
ABI compatibility in Python: How hard could it be? |
Audits ‧ Trail of Bits |
|
| 2022-11-14 |
We’re streamers now |
Education ‧ Trail of Bits |
|
| 2022-11-10 |
Look out! Divergent representations are everywhere! |
Binary Ninja ‧ Trail of Bits |
|
| 2022-11-08 |
We sign code now |
Cryptography ‧ Trail of Bits |
|
| 2022-10-25 |
Stranger Strings: An exploitable flaw in SQLite |
Attacks ‧ Trail of Bits |
|
| 2022-10-18 |
We do Windows now |
Careers ‧ Trail of Bits |
|
| 2022-10-12 |
Porting the Solana eBPF JIT compiler to ARM64 |
Blockchain ‧ Trail of Bits |
|
| 2022-10-05 |
Working on blockchains as a Trail of Bits intern |
Blockchain ‧ Trail of Bits |
|
| 2022-10-03 |
Secure your machine learning with Semgrep |
Machine Learning ‧ Trail of Bits |
|
| 2022-09-15 |
It pays to be Circomspect |
Uncategorized ‧ Trail of Bits |
|
