Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-rust-security
Curated list of awesome projects and resources related to Rust and computer security
https://github.com/osirislab/awesome-rust-security
Last synced: 3 days ago
-
Web and Cloud Security
-
Pentesting
- sn0int - OSINT framework and package manager
- sniffglue - secure multithreaded packet sniffer
- rshijack - TCP connection hijacker
- feroxbuster - fast, simple and recursive content discovery tool
- rustbuster - web fuzzer and content discovery tool
- rustscan - The Modern Port Scanner
- kepler - NIST-based CVE lookup store and API powered by Rust.
- phaser - Automated attack surface mapper and vulnerability scanner
- pdfrip - Fast PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.
- chromepass - Chromepass - Hacking Chrome Saved Passwords
-
Authorization & Authentication Frameworks
- paseto.rs - PASETO Rust implementation
- webauthn.rs - WebAuthn implementation in Rust
- aliri - JWT authentication and OAuth2 scope authorization implementations for many web frameworks
- OpenSK - open-source implementation for security keys written in Rust
- dacquiri - Attribute-based access control (ABAC) framework with compile-time enforcement
-
Cloud and Infrastructure
- boringtun - Cloudflare's Rust implementation of WireGuard
- innernet - private network based on WireGuard
- vaultwarden - unofficial Bitwarden implementation in Rust
-
Software Supply Chain
- rebuilderd - independent verification of binary packages
-
Secure Frameworks
- adblock-rust - Brave's Rust-based adblock engine
- libinjection - Rust bindings to libinjection
- http-desync-guardian - Analyze HTTP requests to minimize risks of HTTP Desync attacks
- ammonia - Repair and secure untrusted HTML
-
-
Vulnerability Assessment
-
Static Code Auditing
- siderophile - find ideal fuzz targets in a Rust codebase
- cargo-crev - cryptographically verifiable code review for cargo
- arch-audit - audit installed Arch packages for vulnerabilities
- ripgrep - recursively search directories with regexes
- noseyparker - command-line program that finds secrets and sensitive information in textual data and Git history.
- L3X - AI-driven Static Analyzer
- RustSec - organization supporting vulnerability disclosure for Rust packages, audit Cargo.lock files for dependencies
-
Fuzzing
- LibAFL - slot fuzzers together in Rust
- fuzzcheck.rs - structure-aware, in-process, coverage-guided, evolutionary fuzzing engine for Rust functions.
- onefuzz - self-hosted Fuzzing-As-A-Service platform
- lain - fuzzer framework implemented in Rust
- fzero - fast grammar-based fuzz generator implementation
- nautilus - grammar-based feedback fuzzer from RUB's Systems Security Lab
- sidefuzz - fuzzer for side-channel vulnerabilities
- arbitrary - trait for generating structured input from raw bytes, helpful for structure-aware fuzzing
- rust-san - sanitizers for Rust code
- libdiffuzz - memory allocator drop-in to test for uninitialized memory reads
- rewind - Snapshot-based coverage-guided Windows kernel fuzzer
- hyperpom - AArch64 fuzzer based on the Apple Silicon hypervisor
- icicle-emu - Fuzzing-specific multi-architecture emulation framework
- rust-fuzz - organization implementing cargo plugins for AFL, libFuzzer, and honggfuzz
-
Binary Analysis & Reversing
- goblin - binary parsing crate for Rust
- unicorn.rs - Rust bindings to the Unicorn framework
- cargo-call-stack - whole program stack analysis
- xori - disassembly library for PE32, 32+ and shellcode
- rd - record/replay debugger implemented in Rust
- binsec - Swiss Army Knife for Binary (In)Security
- radeco - Radare2-based decompiler and symbol executor
- falcon - Binary Analysis Framework in Rust
- mesos - binary coverage tool without modification for Windows
- guerilla - monkey patching Rust functions
- ropr - blazing fast™ multithreaded ROP Gadget finder
- pwninit - automate starting binary exploit challenges
- binaryninja-rs - Binary Ninja API support for Rust
-
Property-Based Testing
- quickcheck - property-based testing for Rust
- bughunt-rust - example of using fuzzing QuickCheck models for bughunting
- mutagen - mutation testing framework for Rust
- proptest - Hypothesis-like property testing for Rust
-
Symbolic Execution
-
Formal Verification
- MIRAI - abstract interpreter for Rust's MIR from Facebook
- electrolysis - formal verification of Rust programs with the Lean theorem prover
-
-
Offensive Security and Red Teaming
-
Command-and-Control Frameworks
- tetanus - Mythic agent written in Rust
-
Defense Evasion
- FunctionStomping - new shellcode injection technique.
-
Packing, Obfuscation, Encryption, Anti-analysis
- debugoff - Linux anti-debugging and
- goldberg - procedural macro library for
- obfstr - string obfuscation for Rust
- oxide - PoC packer written in Rust.
- Linux.Fe2O3 - Simple ELF prepender virus / in-memory loader written in Rust
-
-
Threat Detection and Forensics
-
Packing, Obfuscation, Encryption, Anti-analysis
- yara-rust - Rust bindings to YARA
- BONOMEN - hunt for malware critical process impersonation
- confine - sandbox for threat detection
- redbpf - crate for writing BPF/eBPF modules
- cernan - telemetry aggregation and shipping
- foniod - Data first monitoring agent using (e)BPF, built on RedBPF
- zerotect - attack/exploit Detector that utilizes Polymorphism and Diversity
- hayabusa - Sigma-based threat hunting and fast forensics timeline generator for Windows event logs written in Rust.
- medusa - fast and secure multi protocol honeypot.
- elegant-bouncer - experimental tool for detection of the FORCEDENTRY (CVE-2021-30860)
- cargo-sandbox - sandboxed cargo
-
-
Cryptography
-
Frameworks
- secrets - secure storage for cryptographic secrets in Rust
- mundane - BoringSSL-backed cryptography library
- rust-threshold-secret-sharing - Rust implementation of threshold-based secret sharing
- rust-security-framework - Rust bindings to the macOS `Security.framework`
- microkv - minimal and secure key-value storage for Rust
- swanky - suite of rust libraries for secure multi-party computation
- tandem - maliciously secure two-party computation engine which is embeddable and accessible
-
-
Applications
-
Frameworks
- sniffnet - Application to comfortably monitor your Internet traffic 🕵️‍♂️
- ripasso - password manager written in Rust
- sekey - TouchID / Secure Enclave for SSH authentication
- Mullvad VPN Client - Mullvad VPN app written in Rust
- fakio - lightweight secure tunnel proxy.
- firecracker - Secure and fast microVMs for serverless computing.
-
-
Books
-
Frameworks
-
-
Articles
-
Talks