Cargo
RustScan
Our great sponsors
Cargo | RustScan | |
---|---|---|
262 | 26 | |
11,828 | 11,933 | |
2.5% | 3.1% | |
10.0 | 4.2 | |
5 days ago | 10 days ago | |
Rust | Rust | |
Apache License 2.0 | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
Cargo
-
Scriptisto: "Shebang interpreter" that enables writing scripts in compiled langs
Nice hack! Would it have been possible back then to use cargo to pull in some dependencies?
The clean solution of cargo script is here: https://github.com/rust-lang/cargo/issues/12207
-
Making Rust binaries smaller by default
Yes, I am sure this is going to be a part of Rust 1.77.0 and it will release on 21st March. I say that because of the tag in the PR (https://github.com/rust-lang/cargo/pull/13257#event-11505613...).
I'm no expert on Rust compiler development, but my understanding is that all code that is merged into master is available on nightly. If they're not behind a feature flag (this one isn't), they'll be available in a full release within 12 weeks of being merged. Larger features that need a lot more testing remain behind feature flags. Once they are merged into master, they remain on nightly until they're sufficiently tested. The multi-threaded frontend (https://blog.rust-lang.org/2023/11/09/parallel-rustc.html) is an example of such a feature. It'll remain nightly only for several months.
Again, I'm not an expert. This is based on what I've observed of Rust development.
-
You can't do that because I hate you
"Beg", and "passive aggressive" from TFA, is an unnecessarily emotional interpretation of that sentence. It's perfectly neutral. When they imported `cargo-vendor` into cargo removed a feature that was not trivial to reimplement, so they asked for an issue to be opened so that they can see if people want it and so that someone can decide to implement it.
That message *could* be updated to point to https://github.com/rust-lang/cargo/issues/10310 instead of asking for new issues to be created or suggesting the old `cargo-vendor`. (The author of TFA already knows about that issue, since they commented on it before they published their article.)
(You might say it would've been better to let cargo-vendor remain instead of importing it into cargo, but the reason that was done was to ensure it would continue to work with changes to cargo. Indeed that is why cargo-vendor does *not* work properly any more.)
The author provides very surface-level criticism of two Rust tools, but they don't look into why those choices were made.
With about five minutes of my time, I found out:
wrap_comments was introduced in 2019 [0]. There are bugs in the implementation (it breaks Markdown tables), so the option hasn't been marked as stable. Progress on the issue has been spotty.
--no-merge-sources is not trivial to re-implement [1]. The author has already explained why the flag no longer works -- Cargo integrated the command, but not all of the flags. This commit [2] explains why this functionality was removed in the first place.
Rust is open source, so the author of this blog post could improve the state of the software they care about by championing these issues. The --no-merge-sources error message even encourages you to open an issue, presumably so that the authors of Cargo can gauge the importance of certain flags/features.
You could even do something much simpler, like adding a comment to the related issues mentioning that you ran into these rough edges and that it made your life a little worse, or with a workaround that you found.
Alternatively, you can continue to write about how much free software sucks.
[0]: https://github.com/rust-lang/rustfmt/issues/3347
[1]: https://github.com/rust-lang/cargo/pull/10344
[2]: https://github.com/rust-lang/cargo/commit/3842d8e6f20067f716...
-
Cargo has never frustrated me like npm or pip has. Does Cargo ever get frustrating? Does anyone ever find themselves in dependency hell?
And there are IMHO some rough edges around workspaced crates. E.g. https://github.com/rust-lang/cargo/issues/3946
Be careful about doing this globally on in a way that shares the target dir, you'll end up hitting a cargo bug that causes it to combine unexpected code in some cases, which can cause unsound behavior. https://github.com/rust-lang/cargo/issues/12516
For filesystem caches, see https://github.com/rust-lang/cargo/issues/12633
I wonder, is cargo gc solve the problem https://github.com/rust-lang/cargo/pull/12634 ?
Something else that will help is per user caching which several people are looking into. For dependencies you share between projects, they'll share the folder, saving on disk space.
RustScan
-
[self-made] havn - fast lightweight port scanner
I’m not sure why I decided to create it, I think I tried to use RustScan for a simple task last week, but it was too convoluted for my needs, as well as the fact that it requires nmap to be installed. Thus havn was born, nothing else needed, and only directly using two dependencies, Tokio and Clap, although I think If I really wanted to, I could remove the Clap dependency, but it’s just so handy and easy to use.
- Recommended high speed port scanner?
-
What are your favorite Rust-powered Linux programs?
My favourites are ripgrep, exa and rustscan
-
HTB - Paper (Writeup)
First, we will be checking for open ports. I will be using rustscan here (because it's fast, and it's basically the Rust implementation of nmap), but you are free to choose whatever port scanner you like.
- Tips for Making a Popular Open-Source Project in 2021 [Ultimate Guide]
-
Owl - Rust Port Analyzer and Network Mapper
There's also rustscan
-
Awesome Penetration Testing
RustScan - Lightweight and quick open-source port scanner designed to automatically pipe open ports into Nmap.
-
The most important step in hacking - Enumeration
We can see there are 5 ports open. We may be able to exploit the HTTP service on port 80 or gain access to SSH on port 20. Port scanning can be slow, tools such as PyRCON and Rust Scanner may help us speed up this process. Typically this isn't necessary but in a KOTH or battlegrounds game, we can't spare the time.
-
sx - modern network scanner that is 30 times faster than nmap
I will do a more detailed analysis of this product, but based on these three source files: input.rs, mod.rs and Dockerfile, they made a wrapper over nmap, whereas sx is independent of third party utilities and generates and sends raw packets directly through the NIC using AF_PACKET socket
Would love to hear how it compares to RustScan: https://github.com/RustScan/RustScan
What are some alternatives?
masscan - TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
scapy - Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
nuclei - Fast and customizable vulnerability scanner based on simple YAML based DSL.
RustCMake - An example project showing usage of CMake with Rust
SQLMap - Automatic SQL injection and database takeover tool
Clippy - A bunch of lints to catch common mistakes and improve your Rust code. Book: https://doc.rust-lang.org/clippy/
netdiscover - Netdiscover, ARP Scanner (official repository)
evillimiter-windows - Tool that limits bandwidth of devices on the same network without access.
opencv-rust - Rust bindings for OpenCV 3 & 4
wpscan - WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]
BloodHound - Six Degrees of Domain Admin
overflower - A Rust compiler plugin and support library to annotate overflow behavior