Starred repositories
Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.
AGENTS.md — a simple, open format for guiding coding agents
A collection of skills for AI coding agents from Semgrep
The easiest, most secure way to use WireGuard and 2FA.
🎥 Make videos programmatically with React
A macOS app that provides an MCP server to your Messages, Contacts, Reminders and more
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows
An Open-source Framework for Human Understanding, Meaning, and Progress.
Telos is an open-sourced framework for creating Deep Context about things that matter to humans.
Agentic AI Infrastructure for magnifying HUMAN capabilities.
Open-source AI hackers to find and fix your app’s vulnerabilities.
OpenSSF Scorecard - Security health metrics for Open Source
A demonstration of vulnerabilities analyzer based on CVE attributes, EPSS scores and simple Bayesian calculation. Showing how scanner-reported severities get refined based on actual exploitation pr…
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)
Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we confi…
OWASP Foundation web repository
A security system to protect your vibecoded apps
A tool for creating and running Linux containers using lightweight virtual machines on a Mac. It is written in Swift, and optimized for Apple silicon.
AI Security Shared Responsibility Model
CodeQL zero to hero blog post series challenges
CodeQL workshop materials for Secure Open Source Fund 2025.
CodeQL workshop presented during OrangeCon 2024 in Amsterdam. Learn how to use CodeQL for security research.
Streaming and realtime audio manipulation with AVAudioEngine
An AudioPlayer/Streaming library for iOS written in Swift using AVAudioEngine.