Rust security-tools

Open-source Rust projects categorized as security-tools

Top 20 Rust security-tool Projects

  • RustScan

    🤖 The Modern Port Scanner 🤖

    Project mention: I just can't get RustScan to work. constantly the same error messages with 2 different versions | | 2023-01-12

    Did you read, find the link to and came across "Docker is the recommended way of installing RustScan"?

  • Ockam

    Build secure-by-design applications that can Trust Data-in-Motion. Orchestrate end-to-end encryption, mutual authentication, key management, credential management & authorization policy enforcement — at scale.

    Project mention: How to grow an OSS community | | 2023-02-16

    If you're not already an active contributor to an open source project or two it can seem very daunting. You don't want to do the wrong thing and embarrass yourself. Remove that anxiety for people by giving them an easy way to do something low risk. Matt did that a couple of years ago by creating a long-lived issue for people to simply say hello. That's it. Say hi, introduce yourself. It's a safe place to make a first step.

  • InfluxDB

    Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.

  • black-hat-rust

    Applied offensive security with Rust -

    Project mention: [Question] Does Rusts safety features make it less useful for pentesting? | | 2023-03-05

    Black Hat Rust

  • moonwalk

    Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. (by mufeedvh)

  • noseyparker

    Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

    Project mention: Managing secrets like API keys in Python - Why are so many devs still hardcoding secrets? | | 2023-03-15
  • cherrybomb

    Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

    Project mention: How to Handle Errors in Rust: A Comprehensive Guide | | 2022-12-02

    Standard library does not provide all solutions for Error Handling.. In fact, different errors may be returned by the same function, making it increasingly difficult to handle them precisely. Personal anecdote, in our company we developed Cherrybomb an API security tool written in Rust, and we need to re-write a good part of it to have a better errors handling.

  • ppfuzz

    A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

  • SonarQube

    Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.

  • DataSurgeon

    Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Secuirty Numbers and More From Text

    Project mention: FLiP Stack Weekly for 13 March 2023 | | 2023-03-13
  • cargo-auditable

    Make production Rust binaries auditable

    Project mention: The Rust Implementation Of GNU Coreutils Is Becoming Remarkably Robust | | 2023-02-12

    The Rust community seems to have settled on a perfectly reasonable way to address bit-rot in statically linked binaries.

  • rebuilderd

    Independent verification of binary packages - reproducible builds

    Project mention: Towards a Reproducible F-Droid | | 2023-01-20

    Arch Linux is heavily invested into it:

    - - Attempts to reproduce the distributed binary packages from source using reproducible builds tooling. This already works for a big chunk of packages.

    - - This is a wrapper for Arch Linux build tooling that creates a build environment in a container that has the same packages installed as the original build environment back then. Software is expected to build reproducible in this environment and many ecosystems already do by default (Rust for example, to name one).

    - - This monitors the packages in Arch Linux, runs archlinux-repro on all of them and hosts the results. There are other projects supported but Arch Linux works best at the moment, and archlinux-repro offers the best integration I'm currently aware of.

    There are surprisingly few people interested in running this stack on their own for verification purpose though.

  • pdfrip

    A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.

    Project mention: When you're a programmer, friends and family be like | | 2022-08-13
  • shellclear

    Secure shell history commands by finding sensitive data

    Project mention: Secrets at the Command Line [cheat sheet included] | | 2022-10-18

    Shellclear is a cross-platform shell plugin that promises “a simple and fast way to secure your shell commands history”. It works by:

  • kepler

    NIST-based CVE lookup store and API powered by Rust.

    Project mention: Exein - DevOps Engineer in the Cybersecurity startup space | | 2022-06-12

    At Exein we are looking to recruit a DevOps Engineer to form part of our foundational engineering team!

  • Pgen

    Command-line passphrase generator

    Project mention: pgen(1) – Passphrase Generator, version 1.1.4 released | | 2023-02-17
  • twistrs

    A domain name permutation and enumeration library powered by Rust.

    Project mention: Have I Been Squatted — free DNS typosquatting platform | | 2022-09-29

    Regarding your question, we pack a large number of different whois servers in the twistrs library that we then use to perform lookups. I suspect we'll eventually hit the same throttling issue and to be brutally honest, it's unclear what a feasible solution to this would look like at this point in (perhaps throttling whois feature entirely). In your context, where you sending all requests to a single API?

  • fim

    FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data.

    Project mention: We just published FIM v0.4.5! | | 2023-03-08 Any feedback or questions will be appreciated. If you like the project or Rust give us a star :D

  • pmanager

    Store and retrieve your passwords from a secure offline database. Check if your passwords has leaked previously to prevent targeted password reuse attacks.

    Project mention: pmanager - Secure,offline password manager with leaked database checking using XposedOrNot API | | 2022-09-27
  • recon

    🕵️‍♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️ (by rusty-ferris-club)

    Project mention: Show HN: Recon – find local files with SQL built in Rust | | 2022-11-02
  • jwt-explorer

    Decode, explore, and sign JWTs

  • autovet

    Automated security testing for open source libraries and applications.

    Project mention: Automated security testing for open source libraries and applications. What do you think? | | 2022-08-18
  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-03-15.

Rust security-tools related posts


What are some of the best open-source security-tool projects in Rust? This list will help you:

Project Stars
1 RustScan 9,573
2 Ockam 2,975
3 black-hat-rust 2,356
4 moonwalk 1,118
5 noseyparker 844
6 cherrybomb 765
7 ppfuzz 460
8 DataSurgeon 383
9 cargo-auditable 374
10 rebuilderd 318
11 pdfrip 239
12 shellclear 178
13 kepler 102
14 Pgen 98
15 twistrs 72
16 fim 65
17 pmanager 34
18 recon 16
19 jwt-explorer 9
20 autovet 6
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives