Rust Security tools Resources

CVE-2024-24576 PoC The Command::arg and Command::args APIs state in their documentation that the arguments will be passed to the spawned process as-is

atomicslice A Rust library for thread-safe shared slices that are just about as fast as possible to read while also being writable. Overview Use Atomi

EPI EPI (Entry Point Injection) is a tool that leverages a new threadless process injection technique that relies on hijacking loaded dll's entry poin

Heartbleed 💔 Heartbleed vulnerability exploit written in Rust What is it Heartbleed is a buffer over-read vulnerability in outdated versions of OpenS

Description This tool looks for either the processes that have a certain binary loaded or the processes that don't. This is useful in the following sc

PID Controller Simualation A Proportional-Integral-Derivative controller to self balance a ball on a rolling cart. Use arrow keys to control the cart,

Overview Vuln Reach is a library for developing tools that determine if a given vulnerability is reachable. Provided to the open source community by P

TrojanX A Trojan-based proxy implementation. Attention Early Version This is an early version. Security, features, and potential bugs may be insuffici

Introduction Note This is a fork of topgrade by r-darwish to keep it maintained. Keeping your system up to date usually involves invoking multiple pac

Description A fiber is a unit of execution that must be manually scheduled by the application rather than rely on the priority-based scheduling mechan

Ronflex Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with 3 for penteste

Domo Arigato A simple command line tool which quickly audits the Disallow entries of a site's robots.txt. Disallow entries can be used to stop search

subscout is a simple, nimble subdomain enumeration tool written in Rust language. It is designed to help bug bounty hunters, security professionals and penetration testers discover subdomains of a given target domain.

h3o h3o is a system-dependency free package to interact with the H3 Geospatial Indexing system by Uber. h3o utilizes the Rust library h3o with is a pu

tdl tdl is a rust implementation of the Python Script Tidal-Media-Downloader. Overview tdl offers significant performance improvements over the origin

apt-swarm An attempt to make a secure public p2p protocol that gossips about signed InRelease files to implement an update transparency log. Running a

h3o Rust implementation of the H3 geospatial indexing system. Design This is not a binding of the reference implementation, but a reimplementation fro

thc — The H3 Compressor This library allows to compress an H3 cell set into a compacted space-efficient representation. This is especially useful for

owowon - A small oscilloscope UI for the Owon HDS series portable oscilloscopes Screenshot of the program, reading a 10 MHz sinewave generated by the

➡️ Discord | Installation Guide | Usage Guide ⬅️ The Modern Port Scanner. Fast, smart, effective. 🐋 Docker (Recommended) 👩‍💻 Kali / Debian 🏗️ Arch

Mullvad VPN desktop and mobile app Welcome to the Mullvad VPN client app. This repository contains all the source code for the desktop and mobile vers

OneFuzz A self-hosted Fuzzing-As-A-Service platform Project OneFuzz enables continuous developer-driven fuzzing to proactively harden software prior t

Miri An experimental interpreter for Rust's mid-level intermediate representation (MIR). It can run binaries and test suites of cargo projects and det

Black Hat Rust Applied offensive security with the Rust programming language Buy the book now! While the Rust Book does an excellent job teaching What

Proptest Introduction Proptest is a property testing framework (i.e., the QuickCheck family) inspired by the Hypothesis framework for Python. It allow

Alternative implementation of the Bitwarden server API written in Rust and compatible with upstream Bitwarden clients*, perfect for self-hosted deploy

DebugOff Library Linux anti-analysis Rust library The goal of this library is to make both static and dynamic (debugging) analysis more difficult. The

OpenSK This repository contains a Rust implementation of a FIDO2 authenticator. We developed OpenSK as a Tock OS application. We intend to bring a ful

LibAFL, the fuzzer library. Advanced Fuzzing Library - Slot your own fuzzers together and extend their features using Rust. LibAFL is written and main

moonwalk Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps. 📖 Table o

innernet A private network system that uses WireGuard under the hood. See the announcement blog post for a longer-winded explanation. innernet is simi

Fuzzcheck Fuzzcheck is a modular, structure-aware, and feedback-driven fuzzing engine for Rust functions. Given a function test: (T) - bool, you can

Ad Block engine in Rust Native Rust module for Adblock Plus syntax (e.g. EasyList, EasyPrivacy) filter parsing and matching. It uses a tokenisation ap

RustSec Crates 🦀 🛡️ 📦 The RustSec Advisory Database is a repository of security advisories filed against Rust crates published via crates.io. The a

image credit cargo-crev A cryptographically verifiable code review system for the cargo (Rust) package manager. Introduction Crev is a language and ec

MimiRust - Hacking the Windows operating system to hand us the keys to the kingdom with Rust. ███▄ ▄███▓ ██▓ ███▄ ▄███▓ ██▓ ██▀███ █ ██ ██

cargo-geiger ☢️ Looking for maintainer: https://github.com/rust-secure-code/cargo-geiger/issues/210 A program that lists statistics related to the usa

BoringTun BoringTun is an implementation of the WireGuard® protocol designed for portability and speed. BoringTun is successfully deployed on millions

Breaking your Rust code for fun & profit this is an architecture-preview, not all components are there This is a mutation testing framework for Rust c

FunctionStomping Description This is a brand-new technique for shellcode injection to evade AVs and EDRs. This technique is inspired by Module Stompin

MPC over Signal Overview This library provides a high-level interface for connecting to Signal Server and using it to exchange messages with other con

Memory hacking library for windows.

Mundane Mundane is a Rust cryptography library backed by BoringSSL that is difficult to misuse, ergonomic, and performant (in that order). Issues and

microkv Minimal and persistent key-value store designed with security in mind. Introduction microkv is a persistent key-value store implemented in Rus

macOS/iOS Security framework for Rust Documentation Bindings to the Apple's Security.framework. Allows use of TLS and Keychain from Rust. License Lice

heim Cross-platform library for system information fetching heim is an ongoing attempt to create the best tool for system information fetching (ex., C

Overview rr is a lightweight tool for recording, replaying and debugging execution of applications (trees of processes and threads). Debugging extends

Biscuit authentication/authorization token Goals Biscuit is an authentication and authorization token for microservices architectures with the followi

rshijack tcp connection hijacker, rust rewrite of shijack from 2001. This was written for TAMUctf 2018, brick house 100. The target was a telnet serve

RedBPF A Rust eBPF toolchain. Overview The redbpf project is a collection of tools and libraries to build eBPF programs using Rust. It includes: redbp

RustSec Advisory Database The RustSec Advisory Database is a repository of security advisories filed against Rust crates published via https://crates.

Our mission is to enable secure, multi-tenant, minimal-overhead execution of container and function workloads. Read more about the Firecracker Charter

haybale: Symbolic execution of LLVM IR, written in Rust haybale is a general-purpose symbolic execution engine written in Rust. It operates on LLVM IR

Skanuvaty Dangerously fast dns/network/port scanner, all-in-one. Start with a domain, and we'll find everything about it. Features: Finds subdomains f