archer
black-hat-rust
archer | black-hat-rust | |
---|---|---|
2 | 48 | |
39 | 3,047 | |
- | 0.9% | |
2.2 | 4.3 | |
about 2 months ago | 7 months ago | |
Go | Rust | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
archer
-
The Elasticsearch Rant
For the query string, you don’t have to implement your own DSL. Elasticsearch supports it out of the box. You could POST a JSON object to “/_search” but you can also do a GET with the “q” query parameter.
Documentation: https://www.elastic.co/guide/en/elasticsearch/reference/curr...
In the Golang library you can use the “Search.WithQuery” option. This means you don’t have to construct a JSON request body.
Here’s an example: https://github.com/taythebot/archer/blob/main/pkg/elasticsea...
The Elasticsearch Golang library is a real pain to use. It was meant as a low level library so they didn’t add any types. However they are currently working on a typed client! The documentation is a bit lacking but going through go.dev you can find all the methods you need. This still means you need to JSON decode the response, but it helps you build queries, which is a step up.
Typed Client: https://www.elastic.co/guide/en/elasticsearch/client/go-api/...
- Show HN: Archer – open-source distributed network and vulnerability scanner
black-hat-rust
-
Cloudflare for Speed and Security
Bonuses: If you purchase Cloudflare for Speed and Security before November 4, 2023, you'll get my bestseller, Black Hat Rust, for free! Yes, you read it right, two books for less than the price of one!
-
Show HN: I'm writing a book – Cloudflare for Speed and Security
Hey HN,
I'm so excited to finally share with you what I've been working on recently.
One month ago I asked my audience what they wanted to learn about Websites, APIs and Servers security [0].
From the feedback, I've identified a few recurring pain points that I've started to address (and many more) in this new book.
From theory to practice, you will learn how low-level network and security protocols work. How to configure Cloudflare to secure and scale your web applications. How to create serverless applications and which database to chose with serverless functions. How to optimize your caching policies. How to distribute videos globally. And a lot of other things, all of that while significantly reducing your cloud bill.
Today, the book is far from ready, but I still wanted to release it as "Early Access". First, to enable you to start learning today and, secondly, to garner feedback and refine the book's content.
Between writing, editing, and technical reviewing, it can take some time to complete a book. That's why I release my books before they are fully completed - so you can commence learning before the book is 100% ready, provide feedback, and help shape the content. Rest assured, all future updates are free of charge.
The final publication date is set for mid-January 2024.
Bonuses: If you purchase Cloudflare for Speed and Security before November 4, 2023, you'll get my bestseller, Black Hat Rust [1], for free! Yes, you read it right, two books for less than the price of one!
Furthermore, all early-access supporters will receive the checklist I use to quickly set up a new domain on Cloudflare, ensuring the right balance between security, performance, and user experience.
Lastly, the price is likely to increase once the book transitions out of Early Access, so don't postpone getting your copy.
Sylvain
[0] https://kerkour.com/what-do-you-want-to-learn-about-web-and-...
[1] https://kerkour.com/black-hat-rust
- Black Hat Rust
-
The EU Suppressed a 300-Page Study That Found Piracy Doesn’t Harm Sales
The best way I have found to prevent the piracy of my book (https://kerkour.com/black-hat-rust) is to inundate pirate platforms with only the first chapter and with a discount inside for those who can't afford the original price.
So far it worked really well.
-
[Question] Does Rusts safety features make it less useful for pentesting?
Black Hat Rust
-
Offensive Rust
You mean like this? https://kerkour.com/black-hat-rust
-
Position Independent Shellcodes in Rust (PIC)
As usual, you can find the code on GitHub: github.com/skerkour/black-hat-rust (please don't forget to star the repo 🙏).
-
How to Write and Compile a Shellcode in Rust
This post is an excerpt from my book Black Hat Rust
-
Learn Rust, Offensive Security and Applied Cryptography
This is why I dedicated the past months to write a book about the topic: Black Hat Rust - Applied offensive security with the Rust programming language.
-
Backdooring Rust crates for fun and profit
Want to learn more Rust, Offensive Security and Applied Cryptography? Take a look at my book Black Hat Rust Get 42% off until Friday, November 12 with the coupon 1311B892
What are some alternatives?
np - A tool to parse, deduplicate, and query multiple port scans.
sn0int - Semi-automatic OSINT framework and package manager
favirecon - Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
zero-to-production - Code for "Zero To Production In Rust", a book on API development using Rust.
rengine - reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
yakuza-freecam - Yakuza Freecam Tool made in Rust
jaeles - The Swiss Army knife for automated Web Application Testing
dirble - Fast directory scanning and scraping tool
osmedeus - A Workflow Engine for Offensive Security
rust-windows-shellcode - Windows shellcode development in Rust
reconftw - reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera - 🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337