182 Repositories
Rust security-automation Libraries
Security advisory database for Rust crates published through crates.io
RustSec Advisory Database The RustSec Advisory Database is a repository of security advisories filed against Rust crates published via https://crates.
Firecracker takes your HTTP logs and uses them to map your API flows and to detect anomalies in them.
Who is BLST and what do we do? BLST (Business Logic Security Testing) is a startup company that's developing an automatic penetration tester, replacin
A CI inspired approach for local job automation.
nauman A CI inspired approach for local job automation. Features • Installation • Usage • FAQ • Examples • Job Syntax About nauman is an easy-to-use j
Audit Cargo.lock files for dependencies with security vulnerabilities
RustSec Crates 🦀 🛡️ 📦 The RustSec Advisory Database is a repository of security advisories filed against Rust crates published via crates.io. The a
Applied offensive security with the Rust programming language
Black Hat Rust Applied offensive security with the Rust programming language Buy the book now! While the Rust Book does an excellent job teaching What
Minimal and persistent key-value store designed with security in mind
microkv Minimal and persistent key-value store designed with security in mind. Introduction microkv is a persistent key-value store implemented in Rus
Bindings to the macOS Security.framework
macOS/iOS Security framework for Rust Documentation Bindings to the Apple's Security.framework. Allows use of TLS and Keychain from Rust. License Lice
A Rust implementation of the Message Layer Security group messaging protocol
Molasses An extremely early implementation of the Message Layer Security group messaging protocol. This repo is based on draft 4 of the MLS protocol s
Small container runtime for threat detection
confine Containers, but for dynamic malware analysis confine is a container runtime for dynamically analyzing suspicious executables. Given a sample s
The Swiss Army Knife for Binary (In)security
binsec Swiss Army Knife for Binary (In)security binsec is a minimal static analysis utility for detecting security capabilities in ELF/PE/Mach-O execu
Xori is an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode
Xori - Custom disassembly framework Xori is an automation-ready disassembly and static analysis library that consumes shellcode or PE binaries and pro
Custom memory allocator that helps discover reads from uninitialized memory
libdiffuzz: security-oriented alternative to Memory Sanitizer This is a drop-in replacement for OS memory allocator that can be used to detect uses of
A utility like pkg-audit for Arch Linux. Based on Arch Security Team data.
arch-audit pkg-audit-like utility for Arch Linux. Based on data from security.archlinux.org collected by the awesome Arch Security Team. Installation
A cryptographically verifiable code review system for the cargo (Rust) package manager.
image credit cargo-crev A cryptographically verifiable code review system for the cargo (Rust) package manager. Introduction Crev is a language and ec
Find the ideal fuzz targets in a Rust codebase
Siderophile Siderophile finds the "most unsafe" functions in your Rust codebase, so you can fuzz them or refactor them out entirely. It checks the cal
Independent verification of binary packages - reproducible builds
rebuilderd(1) Independent verification system of binary packages. Accessing a rebuilderd instance in your browser Scripting access to a rebuilderd ins
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
OpenSK This repository contains a Rust implementation of a FIDO2 authenticator. We developed OpenSK as a Tock OS application. We intend to bring a ful
An implementation of webauthn components for Rustlang servers
Webauthn-rs Webauthn is a modern approach to hardware based authentication, consisting of a user with an authenticator device, a browser or client tha
A paseto implementation in rust.
Paseto Rust Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the many design deficits that plague the JOSE standards. This is d
Use explicit container types with Scrypto! Leverage the Rust compiler's type checking to increase security and productivity when developing Radix blueprints.
Scrypto Static Types Use explicit container types with Scrypto! Leverage the Rust compiler's type checking to increase security and productivity when
suidsnoop is a tool based on eBPF LSM programs that logs whenever a suid binary is executed and implements custom allow/deny lists.
suidsnoop Log suid binaries and enforce per-uid suid policy. suidsnoop is a tool for logging whenever a suid binary is executed on your system and opt
Decode, explore, and sign JWTs
JWT Explorer A utility for inspecting, modifying, and attacking JWTs. Supports Windows and Linux and probably also works on macOS but this has not bee
An uploader honeypot designed to look like poor website security.
HoneyUp An uploader honeypot designed to look like poor website security. Requirements Linux server NGiNX Rust toolchain (build only) Installation Bui
Audit Cargo.lock files for dependencies with security vulnerabilities
RustSec Crates 🦀 🛡️ 📦 The RustSec Advisory Database is a repository of security advisories filed against Rust crates published via crates.io. The a
End-to-end encryption and mutual authentication for distributed applications.
✨ Hands-on Introduction: Build end-to-end encrypted, mutually-authenticated, secure messaging in Rust ✨ Rust and Elixir libraries for end-to-end encry
(Ab)using technology for fun & profit.
(Ab)using technology for fun & profit. Code accompanying my blog
GitLab Deploy is used for deploying software projects to multiple hosts during different phases.
GitLab Deploy is used for deploying software projects to multiple hosts during different phases. This program should be run on Linux.
Command line tool for cheap and efficient email automation written in Rust
Pigeon Pigeon is a command line tool for automating your email workflow in a cheap and efficient way. Utilize your most efficient dev tools you are al
Lightweight slowloris (HTTP DoS) implementation in Rust.
slowlorust Lightweight slowloris (HTTP DoS) implementation in Rust. Slowloris is a denial-of-service attack program which allows an attacker to overwh
An end-to-end encrypted, anonymous IP-hiding, decentralized, audio/video/file sharing/offline messaging multi-device platform built for both communications and application security and performance.
An end-to-end encrypted, anonymous IP-hiding, decentralized, audio/video/file sharing/offline messaging multi-device platform built for both communications and application security and performance.
Cross-platform GUI written in Rust using ADB to debloat non-rooted android devices. Improve your privacy, the security and battery life of your device.
Universal Android Debloater GUI DISCLAIMER: Use it at your own risk. I am not responsible for anything that could happen to your phone. This software
Keyscope is a key and secret workflow (validation, invalidation, etc.) tool built in Rust
✅ Automate your key and secret validation workflows 🤠 Over 30 different providers 🤖 Export to JSON, audit via CSV 🔑 Keyscope Keyscope is a key and
A suite of programs for Solana key management and security.
🔑 goki Goki is a suite of programs for Solana key management and security. It currently features: Goki Smart Wallet: A wallet loosely based on the Se
service_policy_kit is a Rust based toolkit for verifying HTTP services against policies.
Service Policy Kit service_policy_kit is a Rust based toolkit for verifying HTTP services against policies. You can: Build a complete testing framewor
desktop automation, screen capture, input listen/simulation, asar compress, color picker for nodejs and electron based on rust
desktop automation, screen capture, input listen/simulation, asar compress, color picker for nodejs and electron based on rust. 基于 Rust / WASM 提供截图、取色、键鼠事件监听模拟、压缩解压、图像处理、获取已安装应用等跨平台功能的现代异步 Nodejs 模块,占用空间小, 安装便捷, 使用简单, 高性能, 资源占用极小, 可取代 iohook 和 robotjs
Altruistic Angelshark is a project devoted to making Communication Manager (ACM) automation easier.
This project makes automating over one or more Communication Managers easier via OSSI over SSH.
kloak-rs: alternative implementation of kloak
An anti keystroke deanonymization tool that introduces random delays between key presses and releases to deter adversaries that use keystroke timing for identification.
Automate device security provisioning with edge intelligence.
UNiD Automate device security provisioning with edge intelligence Features Decentralized PKI(DPKI), DIDs, DKMS, and Credential Management End-to-End E
weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
weggli Introduction weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify int
Libreddit - An alternative private front-end to Reddit
Libreddit - An alternative private front-end to Reddit
Experimental binary transparency for pacman with sigstore and rekor
pacman-bintrans This is an experimental implementation of binary transparency for pacman, the Arch Linux package manager. This project was originally
Shisho is a lightweight static analyzer for developers.
Lightweight static analyzer for several programming languages
Ruo is a dictionary-based password cracker written in rust 🦀 .
Ruo is a dictionary-based password cracker written in rust 🦀 . The primary purpose is to crack weak hashes/commonly used passwords.
Automated attack surface mapper and vulnerability scanner
Phaser Automated attack surface mapper and vulnerability scanner What is this? Phaser is a high-performance and automated attack surface mapper and vu
A Rust implementation of the Message Layer Security group messaging protocol
Molasses An extremely early implementation of the Message Layer Security group messaging protocol. This repo is based on draft 4 of the MLS protocol s
The Swiss Army Knife for Binary (In)security
binsec Swiss Army Knife for Binary (In)security binsec is a minimal static analysis utility for detecting security capabilities in ELF/PE/Mach-O execu
Xori is an automation-ready disassembly and static analysis library for PE32, 32+ and shellcode
Xori - Custom disassembly framework Xori is an automation-ready disassembly and static analysis library that consumes shellcode or PE binaries and pro
Custom memory allocator that helps discover reads from uninitialized memory
libdiffuzz: security-oriented alternative to Memory Sanitizer This is a drop-in replacement for OS memory allocator that can be used to detect uses of
A utility like pkg-audit for Arch Linux. Based on Arch Security Team data.
arch-audit pkg-audit-like utility for Arch Linux. Based on data from security.archlinux.org collected by the awesome Arch Security Team. Installation
A cryptographically verifiable code review system for the cargo (Rust) package manager.
image credit cargo-crev A cryptographically verifiable code review system for the cargo (Rust) package manager. Introduction Crev is a language and ec
Find the ideal fuzz targets in a Rust codebase
Siderophile Siderophile finds the "most unsafe" functions in your Rust codebase, so you can fuzz them or refactor them out entirely. It checks the cal
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
OpenSK This repository contains a Rust implementation of a FIDO2 authenticator. We developed this as a Tock OS application and it has been successfull
An implementation of webauthn components for Rustlang servers
Webauthn-rs Webauthn is a modern approach to hardware based authentication, consisting of a user with an authenticator device, a browser or client tha
A paseto implementation in rust.
Paseto Rust Paseto is everything you love about JOSE (JWT, JWE, JWS) without any of the many design deficits that plague the JOSE standards. This is d
Curated list of awesome projects and resources related to Rust and computer security
Awesome Rust Security Curated list of awesome projects and resources related to Rust and computer security Table of Contents Tools Web and Cloud Secur
Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code...
tosh Imagine your SSH server only listens on an IPv6 address, and where the last 6 digits are changing every 30 seconds as a TOTP code... Inspired fro
server security proxy write by Rust
server-security-proxy server security proxy write by Rust how to use config toml file
Imagine the information security compliance guideline says you need an antivirus but you run Arch Linux
libredefender Imagine the information security compliance guideline says you need an antivirus but you run Arch Linux. libredefender is an antivirus p
Hidden parameters discovery suite
x8 Hidden parameters discovery suite written in Rust. How does it work Features Examples Send parameters via query Send parameters via body Custom tem
A cryptographically verifiable code review system for the cargo (Rust) package manager.
A cryptographically verifiable code review system for the cargo (Rust) package manager.
The simplest way to de-Google your life and business: Inbox, Calendar, Files, Contacts & much more
Bloom The all-in-one private workspace Try it for free! You no longer trust tech monopolies with your data? You are done with your privacy invaded by
Applied offensive security with Rust
Black Hat Rust - Early Access Deep dive into offensive security with the Rust programming language Buy the book now! Summary Whether in movies or main
Modern Cryptographic Firmware
Trussed® Modern Cryptographic Firmware Status Very much WIP. Actively developed. Unstable APIs.
Windows shellcode development in Rust
Write Windows Shellcode in Rust Project overview Windows shellcode project is located in shellcode/, it can build into a PE file with only .text secti
Arch Linux Security Update Notifications
arch-audit-gtk Show an indicator if there are any security updates missing for your Arch Linux system. Install git clone https://aur.archlinux.org/arc
Core Temporal SDK that can be used as a base for language specific Temporal SDKs
Core SDK that can be used as a base for all other Temporal SDKs. Getting started See the Architecture doc for some high-level information. This repo u
Sōzu HTTP reverse proxy, configurable at runtime, fast and safe, built in Rust. It is awesome! Ping us on gitter to know more
Sōzu · Sōzu is a lightweight, fast, always-up reverse proxy server. Why use Sōzu? Hot configurable: Sozu can receive configuration changes at runtime
A flexible web framework that promotes stability, safety, security and speed.
A flexible web framework that promotes stability, safety, security and speed. Features Stability focused. All releases target stable Rust. This will n
A simple, cross-platform GUI automation module for Rust.
AutoPilot AutoPilot is a Rust port of the Python C extension AutoPy, a simple, cross-platform GUI automation library for Python. For more information,
Bindings to the macOS Security.framework
macOS/iOS Security framework for Rust Documentation Bindings to the Apple's Security.framework. Allows use of TLS and Keychain from Rust. License Lice
Master Password in Pure Rust
Master Password •••| This is the Rust version of the original found here. This can be used as a drop-in replacement for the reference C version, offer
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An
Safe, fast, small crypto using Rust
THE SOFTWARE IS PROVIDED "AS IS" AND BRIAN SMITH AND THE AUTHORS DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
Migrate C code to Rust
C2Rust helps you migrate C99-compliant code to Rust. The translator (or transpiler) produces unsafe Rust code that closely mirrors the input C code. T
workspace productivity booster
fw Appveyor Why fw? With fw you have a configuration describing your workspace. It takes care of cloning projects and can run commands across your ent
A blazingly fast static web server with routing, templating, and security in a single binary you can set up with zero code. :zap::crab:
binserve ⚡ 🦀 A blazingly fast static web server with routing, templating, and security in a single binary you can set up with zero code. 🔥 UPDATE: N
[DEPRECATED] password manager thing
NOTE: this is pretty much abandoned, I recommend Bitwarden now. There is an export command in the CLI that produces CSV suitable for import into Bitwa
Check Have I Been Pwned and see if it's time for you to change passwords.
checkpwn Check Have I Been Pwned and see if it's time for you to change passwords. Getting started Install: cargo install checkpwn Update: cargo inst
Semi-automatic OSINT framework and package manager
sn0int sn0int (pronounced /snoɪnt/) is a semi-automatic OSINT framework and package manager. It was built for IT security professionals and bug hunter
🤖 The Modern Port Scanner 🤖
➡️ Discord | Installation Guide | Usage Guide ⬅️ The Modern Port Scanner. Fast, smart, effective. 🐋 Docker (Recommended) 👩💻 Kali / Debian 🏗️ Arch
Secure drive wipe
Lethe A secure, free, cross-platform and open-source drive wiping utility. Should work with any HDD, SSD (read limitations) and flash drives. The usua
A tokio-based modbus library
tokio-modbus A tokio-based modbus library. Features pure Rust library async (non-blocking) sync (blocking) Modbus TCP Modbus RTU Client & Server Open