Awesome Rust Security
Curated list of awesome projects and resources related to Rust and computer security
Table of Contents
Tools
Web and Cloud Security
Pentesting
- sn0int - OSINT framework and package manager
- sniffglue - secure multithreaded packet sniffer
- badtouch - scriptable network authentication cracker
- rshijack - TCP connection hijacker
- feroxbuster - fast, simple and recursive content discovery tool
- rustbuster - web fuzzer and content discovery tool
- rustscan - The Modern Port Scanner
- kepler - NIST-based CVE lookup store and API powered by Rust.
- phaser - Automated attack surface mapper and vulnerability scanner
- pdfrip - Fast PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.
- chromepass - Chromepass - Hacking Chrome Saved Passwords
Authorization & Authentication Frameworks
- biscuit - delegated, decentralized, capabilities based authorization token
- paseto.rs - PASETO Rust implementation
- webauthn.rs - WebAuthn implementation in Rust
- aliri - JWT authenticaiton and OAuth2 scope authorization implementations for many web frameworks
- OpenSK - open-source implementation for security keys written in Rust
- dacquiri - Attributed based access control (ABAC) framework with compile-time enforcement
Cloud and Infrastructure
- firecracker - secure and fast microVMs for serverless computing
- boringtun - CloudFlare's Rust implementation of WireGuard
- innernet - private network based on WireGuard
- vaultwarden - unofficial BitWarden implementation in Rust
Software Supply Chain
- rebuilderd - independent verification of binary packages
- rust-tuf - Rust implementation of the Update Framework
Secure Frameworks
- adblock-rust - Brave's Rust-based adblock engine
- libinjection - Rust bindings to libinjection
- http-desync-guardian - Analyze HTTP requests to minimize risks of HTTP Desync attacks
- ammonia - Repair and secure untrusted HTML
Vulnerability Assessment
Static Code Auditing
- RustSec - organization supporting vulnerability disclosure for Rust packages, audit Cargo.lock files for dependencies
- cargo-geiger - detect usage of unsafe Rust
- siderophile - find ideal fuzz targets in a Rust codebase
- cargo-crev - cryptographically verifiable code review for cargo
- arch-audit - audit installed Arch packages for vulnerabilities
- ripgrep - recursively search directories with regexes
- weggli - fast and robust semantic search tool for C and C++ codebases
- noseyparker - command-line program that finds secrets and sensitive information in textual data and Git history.
Fuzzing
- rust-fuzz - organization implementing cargo plugins for AFL, libFuzzer, and honggfuzz
- LibAFL - slot fuzzers together in Rust
- fuzzcheck.rs - structure-aware, in-process, coverage-guided, evolutionary fuzzing engine for Rust functions.
- onefuzz - self-hosted Fuzzing-As-A-Service platform
- lain - fuzzer framework implemented in Rust
- fzero - fast grammar-based fuzz generator implementation
- nautilus - grammar-based feedback fuzzer from RUB's Systems Security Lab
- sidefuzz - fuzzer for side-channel vulnerabilities
- arbitrary - trait for generating structured input from raw bytes, helpful for structure-aware fuzzing
- rust-san - sanitizers for Rust code
- lidiffuzz - memory allocator drop-in to test for uninitialized memory reads
- rewind - Snapshot-based coverage-guided Windows kernel fuzzer
- hyperpom - AArch64 fuzzer based on the Apple Silicon hypervisor
- icicle-emu - Fuzzing-specific multi-architecture emulation framework
Binary Analysis & Reversing
- goblin - binary parsing crate for Rust
- unicorn.rs - Rust bindings to the Unicorn framework
- cargo-call-stack - whole program stack analysis
- xori - disassembly library for PE32, 32+ and shellcode
- rd - record/replay debugger implemented in Rust
- binsec - Swiss Army Knife for Binary (In)Security
- radeco - Radare2-based decompiler and symbol executor
- falcon - Binary Analysis Framework in Rust
- mesos - binary coverage tool without modification for Windows
- guerilla - monkey patching Rust functions
- ropr - blazing fastβ’ multithreaded ROP Gadget finder
- pwninit - automate starting binary exploit challenges
- binaryninja-rs - Binary Ninja API support for Rust
Property-Based Testing
- quickcheck - property-based testing for Rust
- proptest - Hypothesis-like property testing for Rust
- bughunt-rust - example of using fuzzing QuickCheck models for bughunting
- mutagen - mutation testing framework for Rust
Symbolic Execution
- seer - symbolic execution engine for Rust
- haybale - LLVM IR-based symbolic execution engine from the USCD System Security Lab
Formal Verification
- MIRAI - abstract interpreter for Rust's MIR from Facebook
- electrolysis - formal verification of Rust programs with the Lean theorem prover
Offensive Security and Red Teaming
Command-and-Control Frameworks
- tetanus - Mythic agent written in Rust
Defense Evasion
- FunctionStomping - new shellcode injection technique.
Packing, Obfuscation, Encryption, Anti-analysis
- debugoff - Linux anti-debugging and anti-analysis rust library
- goldberg - procedural macro library for obfuscating Rust code.
- obfstr - string obfuscation for Rust
- oxide - PoC packer written in Rust.
- Linux.Fe2O3 - Simple ELF prepender virus / in-memory loader written in Rust
Threat Detection and Forensics
- yara-rust - Rust bindings to YARA
- BONOMEN - hunt for malware critical process impersonation
- confine - sandbox for threat detection
- redbpf - crate for writing BPF/eBPF modules
- cernan - telemetry aggregation and shipping
- chainsaw - Windows Event Log Hunting
- foniod - Data first monitoring agent using (e)BPF, built on RedBPF
- zerotect - attack/exploit Detector that utilizes Polymorphism and Diversity
- hayabusa - Sigma-based threat hunting and fast forensics timeline generator for Windows event logs written in Rust.
- medusa - fast and secure multi protocol honeypot.
- elegant-bouncer - experimental tool for detection of the FORCEDENTRY (CVE-2021-30860)
- cargo-sandbox - sandboxed cargo
Cryptography
Frameworks
- secrets - secure storage for cryptographic secrets in Rust
- mundane - BoringSSL-backed cryptography library
- rust-threshold-secret-sharing - Rust implementation of threshold-based secret sharing
- molasses - Rust implementation of the MLS group messaging protocol
- rust-security-framework - Rust bindings to the macOS
Security.framework
- microkv - minimal and secure key-value storage for Rust
- swanky - suite of rust libraries for secure multi-party computation
- tandem - maliciously secure two-party computation engine which is embeddable and accessible
Applications
- sniffnet - Application to comfortably monitor your Internet traffic π΅οΈββοΈ
- ripasso - password manager written in Rust
- sekey - TouchID / Secure Enclave for SSH authentication
- Mullvad VPN Client - Mullvad VPN app written in Rust
- fakio - lightweight secure tunnel proxy.
- firecracker - Secure and fast microVMs for serverless computing.
Educational
Books
Articles
Talks
- BlackHat EU 2018 - RustZone: Writing Trusted Applications in Rust
- DEFCON 30 - Lessons from fuzzing a smart contract compiler
Similar Lists
- awesome-rust
- rust-secure-code/projects
- analysis-tools-dev/static-analysis
- analysis-tools-dev/dynamic-analysis
- awesome-go-security
Contributing
Make a pull request if you are interested in adding more to this list! All contributions are appreciated.