252 Repositories
Rust solana-security-txt Libraries
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
moonwalk-back Cover your tracks during Linux Exploitation / Penetration Testing by leaving zero traces on system logs and filesystem timestamps. 📖 Ta
Uniswap V2 / constant-product AMM implemented in Solana's Anchor -- add and remove liquidity, swap tokens, earn fees
Uniswap V2 AMM implemented in Anchor programs/ammv2/src/draft.rs: outline of program with comments -- drafted before implementation Supported Instruct
Ore Pool Miner coded in Rust for the Ore v2 program on Solana!
Ore Pool Miner Ore Pool Miner coded in Rust for the Ore v2 program on Solana Default Ore Mining Pool Alvarium Mining Pool is operated by Bifrost and i
launchpad smart contract create token, bonding curve, pool creation on solana
Tokenix Smart Contract This repository contains the smart contract for Tokenix, a launchpad project currently under development at https://tokenix.fin
The example anchor implementation for solana-swap
anchor-liquidity-pool This is the example anchor implementation for solana-swap. The curve is always ConstantProduct in this implementation. The fee r
Standing watch over the Pi Network, PiSentinel is a consensus algorithm that safeguards security, decentralization, and scalability.
pi-sentinel Standing watch over the Pi Network, PiSentinel is a consensus algorithm that safeguards security, decentralization, and scalability. Intro
Solana SVM, modularized.
The Case for a Modular SVM An effort is underway at Anza to extract most of the transaction processing pipeline out of the validator and into what wil
Authenticate the cryptographic chain-of-custody of Linux distributions (like Arch Linux and Debian) to their source code inputs
backseat-signed Authenticate the cryptographic chain-of-custody of Linux distributions (like Arch Linux and Debian) to their source code inputs. This
A mono-repo for the Engineering Practice Domains of Development, Data, Infrastructure, Testing, and Platforms
Engineering Practice Domains Introduction Welcome to the Engineering Practice Domains at Fearless! This repository serves as a monorepo for our collab
Rust no-BS Dead Man's Switch TUI
Dead Man's Switch This is a simple implementation of a Dead Man's Switch. Use at your own risk. Check the f****(as in friendly) code. Dead man's switc
CVE-2024-24576 Proof of Concept
CVE-2024-24576-Exploit The Command::arg and Command::args APIs state in their documentation that the arguments will be passed to the spawned process a
a Solana program for granting friends permissions on your account without revealing your private key.
Delegatooooor Granting Permission: An account holder (the delegator) decides to grant permission to a delegate. They create and sign a transaction tha
Automated Solana tool for quick arbitrage, customizable, with real-time data and wallet integration. Trade responsibly.
Solana Arbitrage Trading Tool The Solana Arbitrage Trading Tool is an automated solution crafted to spot and capitalize on arbitrage opportunities wit
Solstice Flare - CLI Tool for interacting with Solana
🚧 WIP: This tool is in active development, and can experience breaking changes. For safety, it currently operates on Devnet by default Flare Flare is
My attempt at learning Solana program (smart contract) development through RareSkill's Solana course.
60-days-of-solana My attempt at learning Solana program (smart contract) development through RareSkill's Solana course. Originally, I was trying to cr
Secure your on-chain approvals and sleep with ease.
🇹🇷 Eth Global Istanbul 2023 Hackaton Project 🇹🇷 Table of Contents Table of Contents About The Project Built With Getting Started Installation Cont
A tool for bulk downloading and exporting the account data inside Solana snapshots.
Memento Memento is a tool used to load and save accounts from old Solana snapshots in Google Cloud Storage. Why should I use Memento? No fighting sola
RustRedOps is a repository dedicated to gathering and sharing advanced techniques and malware for Red Team, with a specific focus on the Rust programming language. (In Construction)
RustRedOps In Construction.... The project is still under development Overview RustRedOps is a repository that houses various tools and projects relat
A merkle-based token distributor for the Solana network that allows distributing a combination of unlocked and linearly unlocked tokens.
merkle-distributor A program for distributing tokens efficiently via uploading a Merkle root. Claiming Airdrop via CLI To claim via CLI instead of usi
cargo-crev to cargo-vet code review exporter
cargo-crev to cargo-vet converter Crev and Vet are supply-chain security tools for auditing Rust/Cargo dependencies. This tool (crevette) is a helper
Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.
Hopper Hopper is an tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing. It transforms the problem of libr
Hopper is a tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing.
Hopper Hopper is an tool for generating fuzzing test cases for libraries automatically using interpretative fuzzing. It transforms the problem of libr
zk-rollup in rust for the advanced security and privacy course
Efficient zk-Rollup Implementation in Rust This repository contains a simple, single transaction, zero-knowledge rollup made in Rust. We have combined
An implementation of Messaging Layer Security (RFC 9420)
mls-rs An implementation of the IETF Messaging Layer Security end-to-end encryption (E2EE) protocol. What is MLS? MLS is a new IETF end-to-end encry
Threadless Module Stomping In Rust with some features
NovaLdr is a Threadless Module Stomping written in Rust, designed as a learning project while exploring the world of malware development. It uses advanced techniques like indirect syscalls and string encryption to achieve its functionalities. This project is not intended to be a complete or polished product but rather a journey into the technical aspects of malware, showcasing various techniques and features.
A CLI application that implements multi-key-turn security via Shamir's Secret Sharing.
agree agree is a CLI tool for easily applying multi-key-turn security via Shamirs Secret Sharing. Project state agree is unstable. Version semantics:
Lockbox is a command-line tool for generating and managing passwords
Lockbox is a command-line tool for generating and managing passwords. It uses strong encryption algorithms to securely store your passwords, so you can be sure that your data is safe.
A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS
TSFFS: Target Software Fuzzer For SIMICS TSFFS is a snapshotting, coverage-guided fuzzer built on the SIMICS full system simulator. TSFFS makes it eas
FUSE filesystem that provides FizzBuzz.txt(8 Exabyte)
FizzBuzzFS root@8a2db3fc6292:/# cd /mnt/FizzBuzz/ root@8a2db3fc6292:/mnt/FizzBuzz# ls -l total 9007199254740992 -rw-r--r-- 1 501 dialout 9223372036854
Assured Confidential Execution (ACE) for RISC-V
Assured Confidential Execution (ACE) for RISC-V ACE-RISCV is an open-source project, whose goal is to deliver a confidential computing framework with
A lightweight async Web crawler in Rust, optimized for concurrent scraping while respecting `robots.txt` rules.
🕷️ crawly A lightweight and efficient web crawler in Rust, optimized for concurrent scraping while respecting robots.txt rules. 🚀 Features Concurren
Authentication and authorization service, written in Rust
auth-rs auth-rs provides a simple authentication and authorization service for use in other services. The service is written in Rust and uses the acti
Tool and framework for securely reading untrusted USB mass storage devices.
usbsas is a free and open source (GPLv3) tool and framework for securely reading untrusted USB mass storage devices. Description Following the concept
Prototype risk modeling simulation for Portfolio using Arbiter.
proto-sim Prototype simulation using Arbiter as the simulation & agent engine. Build & Run build.sh cargo run Arbiter config The arbiter.toml config
Superfast Solana Tests for Node.js
Bankrun Bankrun is a superfast, powerful and lightweight framework for testing Solana programs in NodeJS. While people often use solana-test-validator
Harness the power of signify(1) to sign arbitrary git objects
git-signify A tool to sign arbitrary objects in a git repository. Generating keys Signing keys can be generated with signify, from the OpenBSD project
📱️🚫️🌝️💾️ 3FakeIM is a joke program meant to imitate various fictional characters, and the "[CHARACTER] CALLED ME AT 3:00 AM" clickbait trend, while poking fun.
3FakeIM 📱️🚫️🌝️💾️ 3FakeIM is a joke program meant to imitate various fictional characters, and the "[CHARACTER] CALLED ME AT 3:00 AM" clickbait tre
Token management program (vesting and mining) implemented in Anchor
Deep Dive into Anchor by Implementing Token Management Program Author: @ironaddicteddog, @emersonliuuu [Updated at 2022.5.21] You can find the full co
A modular and blazing fast runtime security framework for the IoT, powered by eBPF.
Pulsar is a security tool for monitoring the activity of Linux devices at runtime, powered by eBPF. The Pulsar core modules use eBPF probes to collect
Dependency lockfiles for a reproducible build environment 📦🔒
repro-env Imagine you had a tool that takes a config like this: # repro-env.toml [container] image = "rust:1-alpine3.18" and turns it into something l
Retina is a network analysis framework that supports 100+ Gbps traffic analysis on a single server with no specialized hardware.
Retina Retina is a network analysis framework that enables operators and researchers to ask complex questions about high-speed (100gbE) network links
Demonstrating how to use Rust to interact with the Solana blockchain.
Solana Scripts This is a library of Rust scripts for specific purposes: Generate a new wallet Create an SPL token Mint an SPL token Get an associated
A comprehensive and FREE Online Rust hacking tutorial utilizing the x64, ARM64 and ARM32 architectures going step-by-step into the world of reverse engineering Rust from scratch.
FREE Reverse Engineering Self-Study Course HERE Hacking Rust A comprehensive and FREE Online Rust hacking tutorial utilizing the x64, ARM64 and ARM32
python dependency vulnerability scanner, written in Rust.
🐍 Pyscan A dependency vulnerability scanner for your python projects, straight from the terminal. 🚀 blazingly fast scanner that can be used within l
Extract data from helium-programs via Solana RPC and serves it via HTTP
hnt-explorer This application extracts data from helium-programs via Solana RPC and serves it via HTTP. There are CLI commands meant to run and test t
A library for building tools to determine if vulnerabilities are reachable in a code base.
Overview Vuln Reach is a library for developing tools that determine if a given vulnerability is reachable. Provided to the open source community by P
job control from anywhere!
job-security - job control from anywhere! job-security is a tool that lets you put your running programs into background, then bring them to the foreg
Retrieve all requested SBOMs from the GitHub repositories.
GitHub SBOM(s) Generator Action This GitHub Action and/or standalone CLI application generates a Software Bill of Materials (SBOM) for a given GitHub
Implementation of Sunny's Mesh Security talk (Hackathon / Prototype status)
mesh-security (Hackathon / Prototype status) An implementation of Sunny's Mesh Security talk from Cosmoverse 2022. This should run on any CosmWasm ena
A simple command line tool which quickly audits the Disallow entries of a site's robots.txt.
Domo Arigato A simple command line tool which quickly audits the Disallow entries of a site's robots.txt. Disallow entries can be used to stop search
Rust Offensive Security Library for making you .EXE go GHOST 🥷🏾
Ghost Ghost is a rust library that allows you to delete your executable while it's running. Usage // With a default placeholder value on windows (`svc
`memory_pages` is a small library provinig a cross-platform API to request pages from kernel with certain premisions
memory_pages: High level API for low level memory management While using low-level memory management in a project can provide substantial benefits, it
subscout is a simple, nimble subdomain enumeration tool written in Rust language
subscout is a simple, nimble subdomain enumeration tool written in Rust language. It is designed to help bug bounty hunters, security professionals and penetration testers discover subdomains of a given target domain.
🥸P2P gossip network for update transparency, based on pgp 🥸
apt-swarm An attempt to make a secure public p2p protocol that gossips about signed InRelease files to implement an update transparency log. Running a
Collect crash reports, triage, and estimate severity.
CASR: Crash Analysis and Severity Report CASR – collect crash reports, triage, and estimate severity. It is based on ideas from exploitable and apport
Write Anchor-compatible Solana programs in TypeScript
Axolotl Write Achor-compatible Solana programs using TypeScript. Writing Rust is hard, but safe. It's also the go-to language for writing Solana progr
Manage lockfiles in PKGBUILDs for upstreams that don't ship them, `updpkgsums` for dependency trees (Arch Linux tooling)
updlockfiles Manage lockfiles for packages that don't ship any upstream. Like updpkgsums but for 3rd party dependency trees. If you're not actively ma
CLI tool for deterministically building and verifying executable against on-chain programs or buffer accounts
Solana Verify CLI A command line tool to build and verify solana programs. Users can ensure that the hash of the on-chain program matches the hash of
rsv is a command line tool to deal with small and big CSV, TXT, EXCEL files (especially 10G)
csv, excel toolkit written in Rust rsv is a command line tool to deal with small and big CSV, TXT, EXCEL files (especially 10G). rsv has following fe
Ethernaut solutions with ethers-rs
the full repository is using Ethers-rs for the finding of CTF unless requirement of smart contract like in case of re-entrancy. best way get good at e
Kinda functional block engine for testing bundles on jito-solana locally
Half Baked Block Engine About This is a half-baked block engine. It can be used for testing bundles running through jito-solana. Shortcomings The bare
Secure Boot for NixOS [maintainers=@blitz @raitobezarius @nikstur]
Lanzaboote: Secure Boot for NixOS This repository contains tooling for UEFI Secure Boot on NixOS. The goal is to make Secure Boot available from nixpk
Koofr Vault is an open-source, client-side encrypted folder for your Koofr cloud storage offering an extra layer of security for your most sensitive files.
Koofr Vault https://vault.koofr.net Koofr Vault is an open-source, client-side encrypted folder for your Koofr cloud storage offering an extra layer o
Formats output of Solana's cargo test-bpf/test-sbf command
solfmt Formats output of Solana's cargo test-bpf/test-sbf command. Installation cargo install solfmt Usage Run the your test command as usual (cargo t
Common vulnerability scanning on steroids ☄️
Hogg 🐽 An experimental passive website scanner. Hogg acts as a proxy between you and your DNS server and scans every website you visit for common vul
irulescan is a static security analyzer for iRules
irulescan is a tool to scan iRules for unexpected/unsafe expressions that may have undesirable effects like double substitution.
A crate built on top of `axum-sessions`, implementing the CSRF Synchronizer Token Pattern
Axum Synchronizer Token Pattern CSRF prevention This crate provides a Cross-Site Request Forgery protection layer and middleware for use with the axum
This is a solana lite rpc which optimizes sending transactions and confirming transactions strategies.
Solana Lite RPC This project aims to create a lite rpc server which is responsible only for sending and confirming the transactions. The lite-rpc serv
Tic-Tac-Toe Game Solana Contract 🦄
Tic Tac Toe Implemenattion of a Tic-Tac-Toe Game on Solana You can play the game here. Make sure you have Phantom installed and you are using Solana D
Nitrogen - a tool for deploying web services to AWS Nitro Enclaves
Nitrogen CLI Nitrogen is a tool for deploying web services to AWS Nitro Enclaves. Given a dockerfile and an ssh key, Nitrogen will spin up an EC2, con
Minimal server (with maximal security) for turning off an X10-controlled fan over HTTP
"Fan Remote" A self-contained Rust binary to expose a single X10 command (turn off that fan) as an HTML form button. In its current form, it's highly
A simple CLI for creating and managing Solana Lookup Tables.
LUT - A simple CLI for creating and managing Solana Lookup Tables Commands lut create Creates a new LUT using the default keypair in the Solana config
OSINT from your favorite services in a friendly terminal user interface
osintui Open Source Intelligence Terminal User Interface Report Bug · Request Feature Installation First, install Rust (using the recommended rustup i
⚡ Fast Web Security Scanner written in Rust based on Lua Scripts 🌖 🦀
⚡ Fast Web Security Scanner written in Rust based on Lua Scripts 🌖 🦀
Cloud Native high performance security and privacy SQL proxy.
Fern proxy With the advent of Cloud Native applications, architecture patterns evolved and emerged to take advantage of cloud computing, and build mor
VSCode extension to quickly write and customize well tested Solana snippets.
Solana Snippets The Solana Snippets VSCode Extension allows you to quickly insert Solana snippets into your code. This snippets are well tested in a r
🕵️♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️
Recon Find, locate, and query files for ops and security experts Key Features • How To Use • Download • Contributing • License Key Features Query with
Enum path && dir on target URL. Powered by Rust ! 🦀
enum-dir 一款快速枚举目录的小工具,使用 Rust 编写,扫起来真的很快。 用于发现目标站点中可能存在的路径信息,同时支持字典模式和暴力枚举模式。 本工具仅用于学习 Rust 以及 Rust 协程 Tokio 使用,严禁用于非法用途。 如果使用本工具从事违法犯罪活动,造成的任何后果,本人不承
tool for generating wordlists or extending an existing one using mutations.
gorilla gorilla is the ultimate wordlist tool packing a lot of amazing utilities like: building wordlists based on patterns (like crunch) building wor
Single stub direct and indirect syscalling with runtime SSN resolving for windows.
RUST_SYSCALLS Single stub direct and indirect syscalling with runtime SSN resolving for windows. Features: One single line for all your syscalls Funct
Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆
privacy-sexy Open-source tool to enforce privacy & security best-practices on Windows and MacOs, because privacy is sexy 🍑 🍆 privacy-sexy is a data-
hello-world geyser plugin to stream accounts and transactions from a solana node
src/lib.rs: entrypoint src/plugin.rs: main plugin code to run: cargo build && solana-test-validator -r --geyser-plugin-config config.json note: make s
A security-focused telemetry agent written in Rust using eBPF.
Vesper A security-focused telemetry agent written in Rust using eBPF. Important: While public, this project is an educational endeavor and is not mean
Unopinionated low level API bindings focused on soundness, safety, and stronger types over raw FFI.
🔥 firehazard 🔥 Create a fire hazard by locking down your (Microsoft) Windows so nobody can escape (your security sandbox.) Unopinionated low level A
Write Anchor-compatible Solana programs in Python
seahorse: Write Solana programs in Python The ease of Python with the safety of Rust. Seahorse lets you write Solana programs in Python. It is a commu
🚩 Show sensitive command summary when open a new terminal
🚩 Show sensitive command summary when open a new terminal 👀 Clear sensitive commands from shell history 🙈 Stash your history command before present
Automated security testing for open source libraries and applications.
autovet continuously searches for security breaches in open source libraries and applications. Recently processed packages package version channel las
Generate Anchor IDL for Native Solana Programs.
Native Solana To Anchor IDL Autogenerate Anchor IDL from programs written in Native Solana. Disclaimer The instructions must follow strict set of rule
Stealer with webhook protection
Discoon Stealer with webhook protection Educational purposes only Only use this on your own machine and do not use it maliciously. License This projec
Build some cyber security tools in Rust :crab: :rocket:
here we're trying to write some tools for cyber security in Rust because we don't have enough community for Rust in the cyber security field soo this
Authenticate a tarball through a signed tag in a git repository (with reproducible builds)
auth-tarball-from-git Authenticate a tarball through a signed tag in a git repository (with reproducible builds). The signed git tag contains a hash o
supply-chain security for Rust
cargo-vet Note: cargo-vet is under heavy development and not quite ready for general use. Feel free to give it a try you're feeling adventerous — feed
An NTP implementation in Rust, supported by Internet Security Research Group's Prossimo project.
NTPD-rs NTPD-rs is an implementation of NTP completely written in Rust, with a focus on exposing a minimal attack surface. The project is currently in
tulipv2 vaults and v1 lending program sdk & examples
tulipv2-sdk Warning Unaudited, possibly untested sdk Tulip Protocol takes no responsibility for any (financial, physical, emotional, etc..) damage tha
Final Project for "Computer Networking Security": A Layer-3 VPN implementation over TLS
Final Project for "Computer Networking Security": A Layer-3 VPN implementation over TLS
The free password manager for power users
The free password manager for power users
Xiu - A simple and secure live media server in pure Rust (RTMP/HTTP-FLV/HLS/Relay).🦀
Xiu is a simple and secure live media server written by pure Rust, it now supports popular live protocols like RTMP/HLS/HTTP-FLV (and maybe other protocols in the future), you can deploy it as a stand-alone server or a cluster using the relay feature.
Deploy your Solana programs during high load.
solana-deployer IMPORTANT: There is a known bug with the current program that will be fixed soon. In the meantime you should deploy from Solana Playgr
A new, simple NFT standard for Solana
New Solana NFT Standard Current Issues The current NFT spec is pretty bad for a few reasons: every NFT requires multiple accounts (3+) the token accou
An easily deployable service to monitor mission-critical SPL token accounts
Vault watcher Monitoring critical spl-token accounts in real time Table of contents Introduction Usage Configuration Configuration examples Grafana In