Capability-based sandboxes with fine-grained policies . Brokering access directly within the agent's operating context, with zero setup and zero latency

A save game exploit for Rollercoaster Tycoon 1, as presented at Districtcon Junkyard 2026

Real-time face swap for PC streaming or video calls

Python port of Bluefluff. Resurrect your Furby Connect.

Microsoft's public Common Annotated Security Key (CASK) standard specification, C# reference API + tests, etc.

get things from one computer to another, safely

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Jaqen - Simple DNS rebinding

Cybersecurity AI (CAI), the framework for AI Security

Casting light on shadow cloud deployments. Detect exposure of resources deployed in AWS or GCP.

Next generation web scanner

A web interface for ComputerCraft

Programmable, asynchronous, event-based reverse proxy for JVM.

SL(1): Cure your bad habit of mistyping

Iconic font aggregator, collection, & patcher. 3,600+ icons, 50+ patched fonts: Hack, Source Code Pro, more. Glyph collections: Font Awesome, Material Design Icons, Octicons, & more

Fast web fuzzer written in Go

Python code that removes weak redactions from PDF files.

Project for identifying executables that have command-line options that can be obfuscated, possibly bypassing detection rules.

Publications from Trail of Bits

Integrated web scraper and email account data breach comparison tool

Tool for building Kubernetes attack paths

A virtual monitor for screen sharing

Example repository for GitHub Actions Time of Check to Time of Use (TOCTOU vulnerabilities)

🏡 Open source home automation that puts local control and privacy first.

A lightweight CLI to control your Elgato Key Lights

A Google App Script that adds notification reminders for the previous day when you have early events

Automatic Ripping Machine (ARM) Scripts