Awesome-Rust-Checker

A curated list of awesome Rust checkers
https://github.com/CodeSentryAI/Awesome-Rust-Checker

Last synced: 2 days ago
JSON representation

Academic Papers
- Dynamic Analysis Papers (no source code yet)
  - Rustcheck, QRS-C'23
  - Poster@ACSAC'20 - | Vulnerabilities | Fuzzing, Concolic Testing, Property-based Testing |
  - ASE'24
  - arxiv
  - FRIES, ISSTA'24
  - CCS'25 - IR analysis, Dynamic taint analysis, Fuzzer |
- Static Analysis Papers (no source code yet)
  - Rupair, ACSAC'21 - flow Analysis |
  - CRUST, QRS'22 - of-bounds, Use-after-Free, Double-Free, Stack-Overflow, Buffer-Overflow), Arithmetic (Divide-by-zero, Integer-Overflow) | Program Analysis Framework |
  - ACORN - of-bounds, Use-after-Free, Double-Free, Stack-Overflow, Buffer-Overflow), Arithmetic (Divide-by-zero, Integer-Overflow) | Program Analysis Framework |
  - Yu Zhang - flow Analysis |
  - Kaiwen Zhang
  - ASE'24
  - OOPSLA'26
  - arXiv'25
  - PanicFI
  - rustc++
- Verification Papers (no source code yet)
  - GillianRust - | Separation Logic based Hybrid Verification |
  - UnsafeCop, FM'24 - | Memory safety issues | Bounded Model Checking |
  - SAFE - | Verus Verifier, LLM |
  - PanicCheck, ICSE-SEIP'24
  - ATC'25
Dependency & Supply Chain Security
- cargo-deny - 06-05 |
- cargo-audit - 06-05 |
- cargo-geiger - 08-31 |
- cargo-vet - chain security for Rust - audit your dependencies for trustworthiness | Cargo.lock, Source | Untrusted dependencies | Supply Chain Auditing | 2026-04-19 |
- cargo-auditable - embed dependency info into binaries | Binary | Dependency vulnerabilities in production binaries | Binary Auditing | 2026-05-28 |
- cargo-scan - scans for unsafe patterns and security-sensitive operations. Paper: [Auditing Rust Crates Effectively, ESOP'26](https://link.springer.com/chapter/10.1007/978-3-032-22723-2_15) | Source Code, MIR | Unsafe patterns, Security-sensitive operations | Static Analysis | 2026-06-05 |
- cargo-udeps - 04-29 |
- cargo-semver-checks - 05-31 |
- cargo-safety - 01-07 |
Dynamic Checkers
- miri - level intermediate representation. Paper: [Miri, POPL'26](https://dl.acm.org/doi/abs/10.1145/3776690) | MIR | Undefined Behavior | Abstract Interpretation | 2026-06-06 |
- cargo-careful - | Undefined Behavior | Enable Debug Assertion in std | 2026-04-01 |
- cargo-fuzz - 05-26 |
- Loom - 02-20 |
- Shuttle - us/research/wp-content/uploads/2016/02/asplos277-pct.pdf) | Source Code | Concurrency Bugs | Randomized testing | 2026-05-22 |
- ERASAN - article/sp/2024/313000a239/1WPcYZde4BW) | - | Memory Access Bugs | Fuzzing | 2025-06-30 |
- Automated-Fuzzer - | Panic | Fuzzing | 2026-05-19 |
- RULF - | Out-of-bound, Panic (including arithmetic) | Fuzzing | 2023-11-09 |
- RPG - based Fuzz Target. Paper: [RPG, ICSE'24](https://dl.acm.org/doi/10.1145/3597503.3639102) | - | Out-of-bound, Panic (including arithmetic) | Fuzzing | 2022-10-09 |
- SyRust - Aware Program Synthesis. Paper: [SyRust, PLDI'21](https://dl.acm.org/doi/pdf/10.1145/3453483.3454084) | - | - | Program Synthesis | 2021-04-14 |
- NADER - Aware Safety Enhancement for Rust. Paper: [OOPSLA'21](https://dl.acm.org/doi/pdf/10.1145/3485480) | MIR, Source Code | Unchecked Indexing | API Replacing | 2021-07-13 |
- casr - Cluster, ISPRAS'21](https://www.doi.org/10.1109/ISPRAS53967.2021.00012), [Ivannikov Memorial Workshop'24](https://arxiv.org/abs/2405.18174) | Crash Reports from ASan, UBSan, GDB | - | Analyze crashes | 2026-05-30 |
- rustsmith - paper.pdf) [rustsmith, thesis](https://rustsmith.github.io/docs/rustsmith-thesis.pdf) | AST | Rust compiler bugs | Differential testing | 2023-07-21 |
- rustlantis - free and deterministic rustc fuzzer. Paper: [rustlantis, OOPSLA'24](https://dl.acm.org/doi/pdf/10.1145/3689780) | MIR | Rust compiler bugs | Differential testing | 2025-11-15 |
- RuMono - | Generic APIs | Fuzzing | 2023-11-09 |
- rtsan-standalone-rs - in-rust/) | Source Code | Real-time Violations | Instrumentation | 2025-09-27 |
- RustSan - kyuwon) | LLVM IR | Memory bugs | Instrumentation | 2024-10-11 |
- SafeFFI - Language Applications [USENIX Security'26](https://www.plai.ifi.lmu.de/publications/usenixsecurity26-safeffi.pdf) [NDSS'24 Poster](https://www.ndss-symposium.org/wp-content/uploads/ndss24-posters-37.pdf) | MIR, LLVM IR | Memory safety in C/C++ and Rust Mixed Code | Instrumentation | 2026-03-10 |
- Hopper - 05-16 |
- dhat-rs - | Memory leaks, Heap allocation patterns | Instrumentation | 2025-02-20 |
- afl.rs - 05-11 |
- LibAFL - Slot your Fuzzer together in Rust! Scales across cores and machines. [PR#981](https://github.com/AFLplusplus/LibAFL/pull/981) from Paper: [CrabSandwich, Fuzzing'23](https://dl.acm.org/doi/abs/10.1145/3605157.3605176). See [issue#5](https://github.com/CodeSentryAI/Awesome-Rust-Checker/issues/5) | Binary | Memory corruption, Panics, Crashes | Fuzzing Framework | 2026-05-19 |
- test-fuzz - automated fuzz target generation | Source Code | Panics, Crashes | Fuzzing | 2026-06-04 |
- fuzzcheck-rs - aware, and feedback-driven fuzzing engine for Rust functions | Source Code | Panics, Crashes | Fuzzing | 2026-01-22 |
- honggfuzz-rs - developed Honggfuzz | Binary | Memory corruption, Panics | Fuzzing (Honggfuzz) | 2026-03-28 |
- deepSURF - Augmented Harnesses. Paper: [IEEE S&P'26](https://arxiv.org/abs/2506.15648) | HIR, MIR | Memory Bugs | Hybrid, LLM | 2025-11-29 |
- rl-guided-static-analysis-rust - 01-26 |
- here
- zjp-CN
Linters
- clippy - Companion'24](https://dl.acm.org/doi/abs/10.1145/3639478.3643096) | HIR | Versatile | Pattern matching | 2026-06-06 |
- dylint - 06-02 |
- snarf - line false sharing linter for Rust structs — detects potential cache-line false sharing by finding cases where atomic or contended fields share a cache line | Source Code | Cache-line false sharing (performance) | Layout analysis | 2026-05-25 |
- redpen - crate panic reachability tracking | HIR, MIR | Panic reachability, Type parameter restrictions | Pattern matching | 2024-06-10 |
Static Checkers
- MIRAI - level IR Abstract Interpreter | MIR | Panic, Security bugs, Correctness | Abstract Interpretation | 2025-03-04 |
- lockbud - tse.pdf) | MIR | Double-Lock, Conflicting-Lock-Order, Atomicity-Violation, Use-After-Free, Invalid-Free, Panic Locations | Data-flow Analysis | 2026-05-15 |
- RAPx - After-Free, Memory Leakage | Static Program Analysis, Model Checking | 2026-06-04 |
- safety-tags - 04-24 |
- Rudra - flow Analysis | 2026-04-02 |
- Yuga - flow Analysis | 2024-04-01 |
- MirChecker - 05-24 |
- FFIChecker - 3-031-17143-7_33) | LLVM IR | Memory issues across the Rust/C FFI | Abstract Interpretation | 2022-05-31 |
- RUPTA - based pointer analysis. Paper: [RUPTA, CC'24](https://dl.acm.org/doi/10.1145/3640537.3641574), [Stack Filtering, CGO'25](https://dl.acm.org/doi/pdf/10.1145/3696443.3708921) | MIR | Not bugs, for callgraph construction | Callsite-based pointer analysis | 2025-06-17 |
- Pincer - safety bugs. Paper: [Pincer, OOPSLA'26](https://dl.acm.org/doi/abs/10.1145/3798266) | MIR | Use-after-free, Double-free, Dangling pointer | Demand-driven IFDS alias analysis, Typestate analysis | 2026-04-14 |
- Cocoon - 03-20 |
- rustsp_analyzer - friendly Document for Unsafe Rust Programming Base on Refined Safety Properties. Paper: [Fearless Unsafe](https://arxiv.org/pdf/2412.06251) | HIR | Safety Properties | Summarization | 2025-01-01 |
- AtomVChecker - flow Analysis | 2025-06-27 |
- rustowl - 06-02 |
- cargo-pinch(pinchecker) - nju/mir2rpil) | unsafe code that fails to uphold its safety requirements (Pin-related memory bugs for now) | - | 2025-03-04 |
- mirilli - | 2025-02-13 |
- TypePulse - prepub-952-chen-hung-mao.pdf) | MIR | Type confusion | Type conversion & pointer alias analysis | 2025-12-13 |
- Rust-API-Bypass-Checker - based static analysis tool that identifies redundant safety checks in Rust programs to improve performance | MIR | Redundant safety checks | Interval analysis | 2026-05-22 |
- the-janitor - analysis security research platform for IFDS, Z3/Kani proof obligations, exploit-witness generation | MIR, LLVM IR | Security vulnerabilities, Memory safety | Static Analysis, Symbolic Execution | 2026-06-02 |
- Crema - C FFI detecting memory leaks, double-free and use-after-free in pure unsafe Rust and Rust-C interaction. Paper: [SEFM'25](https://doi.org/10.1007/978-3-032-10444-1_11) | LLVM IR (SVF) | Memory leak, Double-free, Use-after-free (FFI) | Static Value-Flow Analysis | 2025-12-06 |
- Rust-IR-BERT - Based Vulnerability Detection in Rust Code Using LLVM IR and Transformer Model. Paper: [Machine Learning and Knowledge Extraction](https://www.mdpi.com/2504-4990/7/3/79) | Source Code, LLVM IR | Vulnerabilities | BERT | 2026-10-20 |
Thanks
- Verification Papers (no source code yet)
Verifiers
- kani - precise model checker for Rust. Paper: [kani, ICSE-SEIP'22](https://dl.acm.org/doi/abs/10.1145/3510457.3513031) | MIR | Memory safety, User-specified assertions, Panics, Unexpected behavior (e.g., arithmetic overflows) | Model Checking | 2026-06-03 |
- prusti - 3-031-06773-0_5) | Viper | Panic (including arithmetic), User-specified assertions | Symbolic Execution | 2024-03-26 |
- crux-mir - | - | Symbolic Testing | 2026-06-03 |
- verus - level systems code. Paper: [verus, OOPSLA'23](https://dl.acm.org/doi/pdf/10.1145/3586037), [SOSP'24](https://www.microsoft.com/en-us/research/publication/verus-a-practical-foundation-for-systems-verification/) | - | - | SMT-based Verification | 2026-06-05 |
- AutoVerus - | - | LLM, SMT-based Verification | 2026-06-02 |
- flux - | - | - | 2026-06-05 |
- Aeneas - | - | 2026-06-05 |
- hax - | Panic, Properties, Data Invariants | Translation to F* or Rocq | 2026-06-04 |
- RustHorn - based automated verifier for Rust [RustHorn, TOPLAS'21](https://dl.acm.org/doi/full/10.1145/3462205) | MIR | - | - | 2024-08-27 |
- Creusot - 03737878/file/main.pdf) | WhyML | Panics, overflows, Assertion failures | Deductive Verification | 2026-06-05 |
- RustHornBelt - | - | 2023-02-14 |
- VerusBelt - Oriented Extensions to the Rust Type System. Paper: [VerusBelt, PLDI'26](https://iris-project.org/pdfs/2026-pldi-verusbelt.pdf), [Artifact](https://zenodo.org/records/19613067) | Rocq, Iris | Soundness of Verus proof-oriented extensions | Semantic Foundation | 2026-03-18 |
- RefinedRust<sup>1</sup> - Assurance Verification of Rust Programs. Paper: [RefinedRust, PLDI'24](https://dl.acm.org/doi/10.1145/3656422) | Radium | - | - | 2025-01-03 |
- VeriFast<sup>2</sup> - 3-642-20398-5_4) | - | - | Symbolic Execution | 2026-05-10 |
- mendel-verifier - based verifier for safe Rust clients of interior mutability. Paper: [Poli](https://arxiv.org/abs/2405.08372), [Thesis](https://www.research-collection.ethz.ch/bitstream/handle/20.500.11850/703796/Poli2024.pdf?sequence=3&isAllowed=y) | Viper | Interior Mutability | Symbolic Execution | 2024-07-16 |
- silver-sif-extension - interest/infk/chair-program-method/pm/documents/Education/Theses/Till_Arnold_MA_Report.pdf) | Viper | Differential Privacy | Symbolic Execution | 2026-01-23 |
- soteria-rust - 06-05 |
- mir-semantics - | Symbolic Execution | 2026-05-28 |
- cuq - to-Coq Framework Targeting PTX for Formal Semantics and Verified Translation of Rust GPU Kernels | MIR, Coq | GPU kernel-level bugs | Translate MIR to Coq for PTX semantics | 2026-05-04 |
- chronicle - based formal model extraction for Rust concurrent systems — TLA+ codegen & model checking | MIR | Concurrency bugs | Model extraction + TLA+ | 2026-03-18 |
- seer - 07-17 |
- haybale - 10-27 |
- rure - 04-26 |
- jedbrown - related verification tools.

Programming Languages

Rust 45 OCaml 3 Python 1 Kotlin 1 R 1 Mercury 1 Scala 1 LLVM 1 SMT 1

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Awesome

Awesome-Rust-Checker

Academic Papers

Dynamic Analysis Papers (no source code yet)

Static Analysis Papers (no source code yet)

Verification Papers (no source code yet)

Dependency & Supply Chain Security

Dynamic Checkers

Linters

Static Checkers

Thanks

Verification Papers (no source code yet)

Verifiers