Python pickle
Fickling
Decompiler, static analyzer, and bytecode rewriter for Python pickle serializations.
Best for
Reviewing ML model checkpoints and package artifacts that arrive as pickle or pickle-based files (PyTorch checkpoints included) from sources you do not control, before anything in the pipeline deserializes them.
Surface
Python pickle
Catalog group
Protect Python, packaging, and ML-heavy workflows
Repository
trailofbits/fickling
From the README
Fickling is a decompiler, static analyzer, and bytecode rewriter for Python pickle object serializations. You can use fickling to detect, analyze, reverse engineer, or even create malicious pickle or pickle-based files, including PyTorch files. Fickling can be used both as a Python library and a CLI. Fickling has been tested on Python 3.9 through Python 3.13 and has very few dependencies.
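The security point behind the README is that `pickle.load()` is an interpreter: the stream can import any callable (via the GLOBAL / STACK_GLOBAL opcodes) and invoke it (REDUCE and friends), so the only safe way to triage an untrusted pickle is to read its opcodes without executing them. The example below is an added illustration of that idea, not fickling's own code and not from this page: it uses the standard library's `pickletools.genops()` to list the globals a pickle would import and the opcodes that would call them. The `Dropper` class, the `ALLOWED_GLOBALS` allowlist, and the sample blobs are constructed for the demonstration; the STACK_GLOBAL operand tracking is a deliberate heuristic (fickling reconstructs the full stack and memo instead).

```python
import os
import pickle
import pickletools

# Constructed sample artifact: a class whose pickle, if it were ever passed
# to pickle.loads(), would call os.system("echo pwned"). It exists only so
# the scanner below has something malicious to look at; nothing in this
# file ever unpickles it.
class Dropper:
    def __reduce__(self):
        return (os.system, ("echo pwned",))


# Opcodes that push a string constant (the possible STACK_GLOBAL operands).
STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING",
              "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}

# Opcodes that invoke something the stream imported or constructed.
CALL_OPS = {"REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX", "BUILD"}

# Globals a pure-data artifact may legitimately import (assumed allowlist
# for this demo). Anything else (posix.system, subprocess.Popen,
# builtins.eval, ...) is reported.
ALLOWED_GLOBALS = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
    ("builtins", "frozenset"),
}


def referenced_globals(data: bytes) -> list[tuple[str, str]]:
    """Return every (module, name) the pickle would import, found by walking
    its opcodes with pickletools.genops(); the stream is never executed.

    GLOBAL (protocol <= 3) carries "module name" inline. STACK_GLOBAL
    (protocol >= 4) takes its operands from the stack, so this heuristic
    uses the two most recent string constants pushed; a real analyzer such
    as fickling reconstructs the stack and memo instead of approximating.
    """
    found = []
    strings = []
    for op, arg, _pos in pickletools.genops(data):
        if op.name in STRING_OPS:
            strings.append(arg)
        elif op.name == "GLOBAL":
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif op.name == "STACK_GLOBAL" and len(strings) >= 2:
            found.append((strings[-2], strings[-1]))
    return found


def scan_pickle(data: bytes) -> tuple[bool, list[str]]:
    """Static verdict on a pickle: (is_safe, findings), without loading it."""
    findings = []
    for module, name in referenced_globals(data):
        if (module, name) not in ALLOWED_GLOBALS:
            findings.append(f"imports {module}.{name}")
    calls = sorted({op.name for op, _arg, _pos in pickletools.genops(data)
                    if op.name in CALL_OPS})
    if calls:
        findings.append("invokes a callable via " + ", ".join(calls))
    return (not findings, findings)


# Constructed inputs: a benign checkpoint-like dict, and the dropper in the
# two opcode dialects (GLOBAL for protocol 2, STACK_GLOBAL for protocol 4).
BENIGN = pickle.dumps({"epoch": 3, "weights": [0.5, -1.25]}, protocol=4)
MALICIOUS_P2 = pickle.dumps(Dropper(), protocol=2)
MALICIOUS_P4 = pickle.dumps(Dropper(), protocol=4)

if __name__ == "__main__":
    samples = (("benign", BENIGN), ("dropper p2", MALICIOUS_P2),
               ("dropper p4", MALICIOUS_P4))
    for label, blob in samples:
        safe, findings = scan_pickle(blob)
        print(f"{label}: {'SAFE' if safe else 'UNSAFE'} {findings}")
```

Note that the malicious blob imports `posix.system` (or `nt.system` on Windows) rather than `os.system`, because pickle records a callable's `__module__`; a naive allowlist keyed on `os` alone would miss it, which is one reason to report every unknown global rather than a fixed denylist.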
Related tools · Protect Python, packaging, and ML-heavy workflows
- PrivacyRaven Privacy-testing library for deep-learning systems and privacy-preserving ML techniques.
- MPC-learning Multi-party computation library for machine-learning workflows built around a three-party protocol.
- abi3audit Scans Python extensions and wheels for abi3 compatibility violations across package histories.
- CVEdb Library and CLI for consuming NVD data directly without leaning on third-party APIs.