{"id":35226725,"url":"https://github.com/s-b-repo/rustsploit","last_synced_at":"2026-04-21T21:08:37.417Z","repository":{"id":286902185,"uuid":"962932670","full_name":"s-b-repo/rustsploit","owner":"s-b-repo","description":"orgininaly this was a rewrite of routersploit rebuild in rust but it has grown and started shaping into something more","archived":false,"fork":false,"pushed_at":"2026-04-21T19:46:30.000Z","size":5485,"stargazers_count":38,"open_issues_count":0,"forks_count":5,"subscribers_count":1,"default_branch":"main","last_synced_at":"2026-04-21T20:40:07.544Z","etag":null,"topics":["hacking","hacking-tool","iot","kali-linux","routersploit","routersploit-framework","rust","rust-lang"],"latest_commit_sha":null,"homepage":"https://x.com/ayuumimainuwu","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/s-b-repo.png","metadata":{"files":{"readme":"README.md","changelog":"changelogs/# --- Constants ---.txt","contributing":"docs/Contributing.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"docs/Security-Validation.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-04-08T22:36:54.000Z","updated_at":"2026-04-21T19:25:22.000Z","dependencies_parsed_at":"2025-05-22T15:03:51.584Z","dependency_job_id":null,"html_url":"https://github.com/s-b-repo/rustsploit","commit_stats":null,"previous_names":["s-b-repo/r-routersploit","s-b-repo/rustsploit"],"tags_count":30,"template":false,"template_full_name":null,"purl":"pkg:github/s-b-repo/rustsploit","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s-b-repo%2Frustsploit","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s-b-repo%2Frustsploit/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s-b-repo%2Frustsploit/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s-b-repo%2Frustsploit/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/s-b-repo","download_url":"https://codeload.github.com/s-b-repo/rustsploit/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/s-b-repo%2Frustsploit/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32110227,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-21T11:25:29.218Z","status":"ssl_error","status_checked_at":"2026-04-21T11:25:28.499Z","response_time":128,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["hacking","hacking-tool","iot","kali-linux","routersploit","routersploit-framework","rust","rust-lang"],"created_at":"2025-12-30T01:19:34.664Z","updated_at":"2026-04-21T21:08:37.412Z","avatar_url":"https://github.com/s-b-repo.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Rustsploit \n\nModular offensive tooling for embedded targets, written in Rust and inspired by RouterSploit/Metasploit. Rustsploit ships an interactive shell, a command-line runner, and an ever-growing library of exploits, scanners, and credential modules for routers, cameras, appliances, and general network services.\n\n\n![Demo GIF](https://github.com/s-b-repo/rustsploit/raw/main/preview.gif)\n![Testing GIF](https://github.com/s-b-repo/rustsploit/raw/main/testing.gif)\n\n---\n\n## 📖 Wiki \u0026 Documentation\n\nFull documentation lives in the **[Rustsploit Wiki](docs/Home.md)**. Below is a quick index — click through for detailed guides, examples, and reference material.\n\n| Document | Description |\n|----------|-------------|\n| [Getting Started](docs/Getting-Started.md) | Installation, build, quick-start, Docker deployment |\n| [Interactive Shell](docs/Interactive-Shell.md) | Shell walkthrough, command palette, chaining, shortcuts |\n| [CLI Reference](docs/CLI-Reference.md) | Command-line flags, non-shell usage, output formats |\n| [API Server](docs/API-Server.md) | REST + WebSocket API, PQ encryption, endpoints, rate limiting |\n| [API Usage Examples](docs/API-Usage-Examples.md) | Practical curl workflows, request/response samples |\n| [Module Catalog](docs/Module-Catalog.md) | All modules by category — exploits, scanners, creds |\n| [Module Development](docs/Module-Development.md) | How to author new modules, lifecycle, dispatcher |\n| [Security \u0026 Validation](docs/Security-Validation.md) | Input validation, security patterns, honeypot detection |\n| [Credential Modules Guide](docs/Credential-Modules-Guide.md) | Best practices for brute-force / cred modules |\n| [Exploit Modules Guide](docs/Exploit-Modules-Guide.md) | Best practices for exploit modules |\n| [Utilities \u0026 Helpers](docs/Utilities-Helpers.md) | `utils.rs` public API, target normalization, honeypot check |\n| [Testing \u0026 QA](docs/Testing-QA.md) | Build checks, smoke tests, wordlist validation |\n| [Changelog](docs/Changelog.md) | Release notes and version history |\n| [Contributing](docs/Contributing.md) | Fork guide, PR checklist, code style |\n| [Credits](docs/Credits.md) | Authors, acknowledgements, legal notice |\n\n---\n\n## Highlights\n\n-  **Auto-discovered modules:** `build.rs` indexes `src/modules/**` — drop in new code, no manual registration needed\n-  **Interactive shell:** 40+ commands with shortcuts, command chaining (`\u0026`), tab completion, and command history\n-  **Module metadata:** Optional `info()` and `check()` functions per module — CVE references, author, rank, non-destructive vulnerability verification\n-  **Global options (`setg`):** Persistent key-value settings that apply across all modules — like Metasploit's datastore\n-  **Credential store:** Track discovered credentials across sessions with `creds` commands and JSON persistence\n-  **Host/service tracking:** Workspace-based engagement tracking with `hosts`, `services`, `notes` commands\n-  **Loot management:** Structured evidence collection with file storage and metadata indexing\n-  **Resource scripts:** Automate workflows from files, auto-load startup scripts, save command history with `makerc`\n-  **Background jobs:** Run modules asynchronously with `run -j`, manage with `jobs` commands\n-  **Export/reporting:** Export all engagement data to JSON, CSV, or human-readable summary reports\n-  **Console logging:** `spool` command captures all output to file for documentation\n-  **Comprehensive credential tooling:** FTP(S), SSH, Telnet, POP3(S), SMTP, IMAP, RDP, RTSP, SNMP, L2TP, MQTT, VNC, MySQL, PostgreSQL, Redis, CouchDB, Elasticsearch, Memcached, HTTP Basic, Proxy, Fortinet — with IPv6 and TLS support\n-  **Exploit coverage:** CVEs for VNC (LibVNC, TigerVNC, TightVNC, x11vnc), honeypots (Cowrie, Dionaea, HoneyTrap, SNARE), WAFs (SafeLine), Apache Camel, Kubernetes ingress-nginx, Commvault, MISP, Zimbra, Next.js, Vite, and 100+ more\n-  **Scanners \u0026 utilities:** Port scanner, ping sweep, SSDP, HTTP title grabber, DNS recursion tester, directory bruteforcer, sequential fuzzer, proxy scanner, reflect scanner, vulnerability checker\n-  **API server:** PQ-encrypted WebSocket transport — post-quantum cryptography, full CRUD for credentials, hosts, services, loot, jobs\n-  **MCP server:** 38-tool Model Context Protocol server for AI-assisted pentesting via stdio\n-  **Plugin system:** Third-party modules via `src/modules/plugins/` with build-time discovery and startup safety warnings\n-  **Security hardened:** Input validation, path traversal protection, honeypot detection, root privilege checks, spool symlink protection, memory-safe operations\n-  **IPv4/IPv6 ready:** Both address families work out-of-the-box across all modules\n\n---\n\n## Quick Start\n\n**One command** (Debian/Ubuntu/Kali):\n\n```bash\nsudo apt update \u0026\u0026 sudo apt install -y build-essential pkg-config libssl-dev libdbus-1-dev cmake \u0026\u0026 (command -v cargo \u003e /dev/null 2\u003e\u00261 || (curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \u0026\u0026 . \"$HOME/.cargo/env\")) \u0026\u0026 git clone https://github.com/s-b-repo/rustsploit.git \u0026\u0026 cd rustsploit \u0026\u0026 cargo run\n```\n\n\u003cdetails\u003e\n\u003csummary\u003eWhat each dependency does\u003c/summary\u003e\n\n| Package | Required by | Why |\n|---------|------------|-----|\n| `build-essential` | Native crate compilation | gcc, make, libc headers |\n| `pkg-config` | `native-tls`, `ssh2` | Finds system libraries at build time |\n| `libssl-dev` | `native-tls`, `ssh2` | OpenSSL headers for TLS and SSH |\n| `libdbus-1-dev` | `btleplug` | D-Bus IPC for Bluetooth scanning |\n| `cmake` | `ssh2` (libssh2-sys) | Builds libssh2 from source |\n\n\n\u003c/details\u003e\n\nFor other distros (Arch, Gentoo, Fedora), Docker deployment, and one-liner installs, see **[Getting Started](docs/Getting-Started.md)**.\n\n---\n\n## Quick Navigation\n\n- **New user?** → [Getting Started](docs/Getting-Started.md)\n- **Writing a module?** → [Module Development](docs/Module-Development.md)\n- **Using the API?** → [API Server](docs/API-Server.md) + [API Usage Examples](docs/API-Usage-Examples.md)\n- **Running from CLI?** → [CLI Reference](docs/CLI-Reference.md)\n- **Full module list?** → [Module Catalog](docs/Module-Catalog.md)\n\n---\n\n## Private Internet Recommendations\n\nThe built-in proxy system has been removed in favor of system-level VPN solutions. We recommend **[Mullvad VPN](https://mullvad.net)** for its no-registration, audited no-logs policy, WireGuard support, and excellent Linux CLI. Simply connect your VPN before running the tool — all traffic routes through the tunnel.\n\n---\n\n## Contributing\n\nContributions welcome! See the **[Contributing Guide](docs/Contributing.md)** for the full process. In short:\n\n1. Fork + branch from `main`\n2. Add your module under the appropriate category\n3. Run `cargo fmt` and `cargo check` before opening a PR\n\n---\n\n## Credits\n\n- **Project Lead:** s-b-repo\n- **Language:** 100% Rust\n- **Inspired by:** RouterSploit, Metasploit Framework, pwntools\n\n\u003e ⚠️ Rustsploit is intended for authorized security testing and research purposes only. Obtain explicit permission before targeting any system you do not own.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fs-b-repo%2Frustsploit","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fs-b-repo%2Frustsploit","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fs-b-repo%2Frustsploit/lists"}