SaaSHub helps you find the best software and product alternatives Learn more β
Top 23 Rust Security Projects
-
-
CodeRabbit
CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
-
Project mention: π εΏ«ιγζΊθ½γι«ζηη°δ»£η«―ε£ζ«ζε¨ β RustScan | dev.to | 2024-11-20
-
Project mention: Proton announces release of a new VPN protocol, "Stealth" | news.ycombinator.com | 2024-08-06
-
kata-containers
Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/
Project mention: Comparing 3 Docker container runtimes - Runc, gVisor and Kata Containers | dev.to | 2024-10-29I bet the first thing you think that it is a bug. There is an issue on GitHub where someone thought the same. The fact is that Kata containers are different and there are Limitations. The first I noticed too, that there is no way to share process or network namespaces between Docker containers. The fact that you cannot use the process namespace or network namespace of the host is easily understandable because we have a VM and not just a host kernel isolating our processes.
-
-
Project mention: Mobile Ad Blocker Will No Longer Stop YouTube's Ads | news.ycombinator.com | 2024-04-16
Don't use Youtube without going through a proxy like Invidious [1] or Newpipe
Don't use {site} Search without going through a proxy like SearxNG [2]
Don't use TwiXXer without going through a proxy like Nitter - this has gotten more difficult lately but it still works as long as you feed the daemon some registered accounts. Video does not work at the moment but that seems to be fixable.
Don't use Reddit without going through a proxy like libreddit [4]
Start noticing the pattern? Maybe it is time to start producing promotional posters:
The only thing to come between you and ADS could be a proxy / ADS. I'ts just not worth the risk
ADS / New rules for a sane net / Sane net protects you, your partner and your community
A proxy here and a filter there, ADS nowhere
The more you tighten your grip, ${site}, the more viewers will slip through your fingers
[1] https://github.com/iv-org/invidious
[2] https://github.com/searxng/searxng
[3] https://github.com/zedeus/nitter
[4] https://github.com/libreddit/libreddit
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
-
Ockam
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications β at massive scale.
Project mention: Autossh β automatically restart SSH sessions and tunnels | news.ycombinator.com | 2024-09-28May I suggest a tool built for application level portals instead?
https://github.com/build-trust/ockam
One binary, easy to use, no ssh getting stuck! (yep, I work at Ockam :)
-
-
aya
Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.
-
sozu
SΕzu HTTP reverse proxy, configurable at runtime, fast and safe, built in Rust. It is awesome!
-
Project mention: Kanidm: A simple, secure and fast identity management platform | news.ycombinator.com | 2024-06-10
-
OpenSK
OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.
-
Project mention: Angle-grinder: Slice and dice logs on the command line | news.ycombinator.com | 2024-04-29
Thereβs already a DFIR log tool named chainsaw: https://github.com/WithSecureLabs/chainsaw
-
hayabusa
Hayabusa (ιΌ) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Project mention: Hayabusa: Sigma-based forensics timeline generator for Windows event logs | news.ycombinator.com | 2024-04-24 -
Project mention: Cargo-crev β cryptographically verifiable code review system for Rust | news.ycombinator.com | 2025-02-09
-
-
This.
I heavily invested in a local runner based CI/CD workflow. First I was using gogs and drone, now the forgejo and woodpecker CI forks.
It runs with multiple redundancies because it's a pretty easy setup to replicate on decentralized hardware. The only thing that's a little painful is authentication and cross-system pull requests, so we still need our single point of failure to merge feature branches and do code reviews.
To me, personally, the Github Actions CVE from August 2024 was the final nail in the coffin. I blogged about it in more technical detail [1] and guess what was the reason that the TJ actions have been compromised last week? Yep, you guessed right, the same attack surface that Github refuses to fix, a year later.
The only tool, as far as I know, that somehow validates against these kind of vulnerabilities, is zizmor [2]. All other topls validate schemas, not vulnerabilities and weaknesses.
[1] https://cookie.engineer/weblog/articles/malware-insights-git...
[2] https://github.com/woodruffw/zizmor
-
-
noseyparker
Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.
-
-
matano
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
-
moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. (by mufeedvh)
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
Rust Security discussion
Rust Security related posts
-
Austral: A Systems Language with Linear Types and Capabilities
-
OpenMLS β An open-source implementation of Messaging Layer Security protocol
-
Show HN: Domain Typosquatting Monitoring Tool (Open Beta)
-
Zizmor β static analysis for GitHub Actions
-
Black Hat Rust
-
Zizmor: Static Analysis for GitHub Actions
-
π εΏ«ιγζΊθ½γι«ζηη°δ»£η«―ε£ζ«ζε¨ β RustScan
-
A note from our sponsor - SaaSHub
www.saashub.com | 23 Mar 2025
Index
What are some of the best open-source Security projects in Rust? This list will help you:
| # | Project | Stars |
|---|---|---|
| 1 | sniffnet | 22,928 |
| 2 | RustScan | 15,972 |
| 3 | shadowsocks-rust | 9,182 |
| 4 | kata-containers | 5,947 |
| 5 | innernet | 5,110 |
| 6 | libreddit | 5,085 |
| 7 | lldap | 4,847 |
| 8 | Ockam | 4,516 |
| 9 | black-hat-rust | 4,001 |
| 10 | aya | 3,477 |
| 11 | sozu | 3,283 |
| 12 | kanidm | 3,245 |
| 13 | OpenSK | 3,100 |
| 14 | chainsaw | 3,074 |
| 15 | hayabusa | 2,502 |
| 16 | cargo-crev | 2,171 |
| 17 | sn0int | 2,165 |
| 18 | zizmor | 2,154 |
| 19 | x8 | 1,798 |
| 20 | noseyparker | 1,802 |
| 21 | rustsec | 1,636 |
| 22 | matano | 1,521 |
| 23 | moonwalk | 1,370 |
Sponsored
CodeRabbit: AI Code Reviews for Developers
Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.
coderabbit.ai