/awesome-rust-security

Curated list of awesome projects and resources related to Rust and computer security

Primary LanguageRustMIT LicenseMIT

Awesome Rust Security

Curated list of awesome projects and resources related to Rust and computer security


Table of Contents



Tools

Web and Cloud Security

Pentesting

  • sn0int - OSINT framework and package manager
  • sniffglue - secure multithreaded packet sniffer
  • badtouch - scriptable network authentication cracker
  • rshijack - TCP connection hijacker
  • feroxbuster - fast, simple and recursive content discovery tool
  • rustbuster - web fuzzer and content discovery tool
  • rustscan - The Modern Port Scanner
  • kepler - NIST-based CVE lookup store and API powered by Rust.
  • phaser - Automated attack surface mapper and vulnerability scanner
  • pdfrip - Fast PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.
  • chromepass - Chromepass - Hacking Chrome Saved Passwords

Authorization & Authentication Frameworks

  • biscuit - delegated, decentralized, capabilities based authorization token
  • paseto.rs - PASETO Rust implementation
  • webauthn.rs - WebAuthn implementation in Rust
  • aliri - JWT authenticaiton and OAuth2 scope authorization implementations for many web frameworks
  • OpenSK - open-source implementation for security keys written in Rust
  • dacquiri - Attributed based access control (ABAC) framework with compile-time enforcement

Cloud and Infrastructure

  • firecracker - secure and fast microVMs for serverless computing
  • boringtun - CloudFlare's Rust implementation of WireGuard
  • innernet - private network based on WireGuard
  • vaultwarden - unofficial BitWarden implementation in Rust

Software Supply Chain

Secure Frameworks


Vulnerability Assessment

Static Code Auditing

  • RustSec - organization supporting vulnerability disclosure for Rust packages, audit Cargo.lock files for dependencies
  • cargo-geiger - detect usage of unsafe Rust
  • siderophile - find ideal fuzz targets in a Rust codebase
  • cargo-crev - cryptographically verifiable code review for cargo
  • arch-audit - audit installed Arch packages for vulnerabilities
  • ripgrep - recursively search directories with regexes
  • weggli - fast and robust semantic search tool for C and C++ codebases
  • noseyparker - command-line program that finds secrets and sensitive information in textual data and Git history.
  • L3X - AI-driven Static Analyzer

Fuzzing

  • rust-fuzz - organization implementing cargo plugins for AFL, libFuzzer, and honggfuzz
  • LibAFL - slot fuzzers together in Rust
  • fuzzcheck.rs - structure-aware, in-process, coverage-guided, evolutionary fuzzing engine for Rust functions.
  • onefuzz - self-hosted Fuzzing-As-A-Service platform
  • lain - fuzzer framework implemented in Rust
  • fzero - fast grammar-based fuzz generator implementation
  • nautilus - grammar-based feedback fuzzer from RUB's Systems Security Lab
  • sidefuzz - fuzzer for side-channel vulnerabilities
  • arbitrary - trait for generating structured input from raw bytes, helpful for structure-aware fuzzing
  • rust-san - sanitizers for Rust code
  • lidiffuzz - memory allocator drop-in to test for uninitialized memory reads
  • rewind - Snapshot-based coverage-guided Windows kernel fuzzer
  • hyperpom - AArch64 fuzzer based on the Apple Silicon hypervisor
  • icicle-emu - Fuzzing-specific multi-architecture emulation framework

Binary Analysis & Reversing

  • goblin - binary parsing crate for Rust
  • unicorn.rs - Rust bindings to the Unicorn framework
  • cargo-call-stack - whole program stack analysis
  • xori - disassembly library for PE32, 32+ and shellcode
  • rd - record/replay debugger implemented in Rust
  • binsec - Swiss Army Knife for Binary (In)Security
  • radeco - Radare2-based decompiler and symbol executor
  • falcon - Binary Analysis Framework in Rust
  • mesos - binary coverage tool without modification for Windows
  • guerilla - monkey patching Rust functions
  • ropr - blazing fast™ multithreaded ROP Gadget finder
  • pwninit - automate starting binary exploit challenges
  • binaryninja-rs - Binary Ninja API support for Rust

Property-Based Testing

  • quickcheck - property-based testing for Rust
  • proptest - Hypothesis-like property testing for Rust
  • bughunt-rust - example of using fuzzing QuickCheck models for bughunting
  • mutagen - mutation testing framework for Rust

Symbolic Execution

  • seer - symbolic execution engine for Rust
  • haybale - LLVM IR-based symbolic execution engine from the USCD System Security Lab

Formal Verification

  • MIRAI - abstract interpreter for Rust's MIR from Facebook
  • electrolysis - formal verification of Rust programs with the Lean theorem prover

Offensive Security and Red Teaming

Command-and-Control Frameworks

  • tetanus - Mythic agent written in Rust

Defense Evasion

Packing, Obfuscation, Encryption, Anti-analysis

  • debugoff - Linux anti-debugging and anti-analysis rust library
  • goldberg - procedural macro library for obfuscating Rust code.
  • obfstr - string obfuscation for Rust
  • oxide - PoC packer written in Rust.
  • Linux.Fe2O3 - Simple ELF prepender virus / in-memory loader written in Rust

Threat Detection and Forensics

  • yara-rust - Rust bindings to YARA
  • BONOMEN - hunt for malware critical process impersonation
  • confine - sandbox for threat detection
  • redbpf - crate for writing BPF/eBPF modules
  • cernan - telemetry aggregation and shipping
  • chainsaw - Windows Event Log Hunting
  • foniod - Data first monitoring agent using (e)BPF, built on RedBPF
  • zerotect - attack/exploit Detector that utilizes Polymorphism and Diversity
  • hayabusa - Sigma-based threat hunting and fast forensics timeline generator for Windows event logs written in Rust.
  • medusa - fast and secure multi protocol honeypot.
  • elegant-bouncer - experimental tool for detection of the FORCEDENTRY (CVE-2021-30860)
  • cargo-sandbox - sandboxed cargo

Cryptography

Frameworks

  • secrets - secure storage for cryptographic secrets in Rust
  • mundane - BoringSSL-backed cryptography library
  • rust-threshold-secret-sharing - Rust implementation of threshold-based secret sharing
  • molasses - Rust implementation of the MLS group messaging protocol
  • rust-security-framework - Rust bindings to the macOS Security.framework
  • microkv - minimal and secure key-value storage for Rust
  • swanky - suite of rust libraries for secure multi-party computation
  • tandem - maliciously secure two-party computation engine which is embeddable and accessible

Applications

  • sniffnet - Application to comfortably monitor your Internet traffic 🕵️‍♂️
  • ripasso - password manager written in Rust
  • sekey - TouchID / Secure Enclave for SSH authentication
  • Mullvad VPN Client - Mullvad VPN app written in Rust
  • fakio - lightweight secure tunnel proxy.
  • firecracker - Secure and fast microVMs for serverless computing.

Educational

Books

Articles

Talks


Similar Lists


Contributing

Make a pull request if you are interested in adding more to this list! All contributions are appreciated.