SaaSHub helps you find the best software and product alternatives Learn more →
Top 20 Rust security-tool Projects
-
Project mention: I just can't get RustScan to work. constantly the same error messages with 2 different versions | reddit.com/r/Kalilinux | 2023-01-12
Did you read https://github.com/RustScan/RustScan, find the link to https://github.com/RustScan/RustScan/wiki/Installation-Guide and came across "Docker is the recommended way of installing RustScan"?
-
Ockam
Build secure-by-design applications that can Trust Data-in-Motion. Orchestrate end-to-end encryption, mutual authentication, key management, credential management & authorization policy enforcement — at scale.
If you're not already an active contributor to an open source project or two it can seem very daunting. You don't want to do the wrong thing and embarrass yourself. Remove that anxiety for people by giving them an easy way to do something low risk. Matt did that a couple of years ago by creating a long-lived issue for people to simply say hello. That's it. Say hi, introduce yourself. It's a safe place to make a first step.
-
InfluxDB
Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
-
Project mention: [Question] Does Rusts safety features make it less useful for pentesting? | reddit.com/r/rust | 2023-03-05
Black Hat Rust
-
moonwalk
Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. (by mufeedvh)
-
noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
Project mention: Managing secrets like API keys in Python - Why are so many devs still hardcoding secrets? | reddit.com/r/Python | 2023-03-15 -
cherrybomb
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
Standard library does not provide all solutions for Error Handling.. In fact, different errors may be returned by the same function, making it increasingly difficult to handle them precisely. Personal anecdote, in our company we developed Cherrybomb an API security tool written in Rust, and we need to re-write a good part of it to have a better errors handling.
-
-
SonarQube
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
-
DataSurgeon
Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Secuirty Numbers and More From Text
-
Project mention: The Rust Implementation Of GNU Coreutils Is Becoming Remarkably Robust | reddit.com/r/rust | 2023-02-12
The Rust community seems to have settled on a perfectly reasonable way to address bit-rot in statically linked binaries. https://github.com/rust-secure-code/cargo-auditable
-
Arch Linux is heavily invested into it:
- https://reproducible.archlinux.org/ - Attempts to reproduce the distributed binary packages from source using reproducible builds tooling. This already works for a big chunk of packages.
- https://github.com/archlinux/archlinux-repro - This is a wrapper for Arch Linux build tooling that creates a build environment in a container that has the same packages installed as the original build environment back then. Software is expected to build reproducible in this environment and many ecosystems already do by default (Rust for example, to name one).
- https://github.com/kpcyrd/rebuilderd - This monitors the packages in Arch Linux, runs archlinux-repro on all of them and hosts the results. There are other projects supported but Arch Linux works best at the moment, and archlinux-repro offers the best integration I'm currently aware of.
There are surprisingly few people interested in running this stack on their own for verification purpose though.
-
pdfrip
A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.
Project mention: When you're a programmer, friends and family be like | reddit.com/r/ProgrammerHumor | 2022-08-13 -
Shellclear is a cross-platform shell plugin that promises “a simple and fast way to secure your shell commands history”. It works by:
-
Project mention: Exein - DevOps Engineer in the Cybersecurity startup space | reddit.com/r/devopsjobs | 2022-06-12
At Exein we are looking to recruit a DevOps Engineer to form part of our foundational engineering team!
-
Project mention: pgen(1) – Passphrase Generator, version 1.1.4 released | reddit.com/r/coolgithubprojects | 2023-02-17
-
Project mention: Have I Been Squatted — free DNS typosquatting platform | reddit.com/r/cybersecurity | 2022-09-29
Regarding your question, we pack a large number of different whois servers in the twistrs library that we then use to perform lookups. I suspect we'll eventually hit the same throttling issue and to be brutally honest, it's unclear what a feasible solution to this would look like at this point in (perhaps throttling whois feature entirely). In your context, where you sending all requests to a single API?
-
fim
FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data.
https://github.com/Achiefs/fim Any feedback or questions will be appreciated. If you like the project or Rust give us a star :D
-
pmanager
Store and retrieve your passwords from a secure offline database. Check if your passwords has leaked previously to prevent targeted password reuse attacks.
Project mention: pmanager - Secure,offline password manager with leaked database checking using XposedOrNot API | reddit.com/r/SideProject | 2022-09-27 -
recon
🕵️♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️ (by rusty-ferris-club)
Project mention: Show HN: Recon – find local files with SQL built in Rust | news.ycombinator.com | 2022-11-02 -
-
Project mention: Automated security testing for open source libraries and applications. What do you think? | reddit.com/r/opensource | 2022-08-18
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2023-03-15.
Rust security-tools related posts
- Swift Achieved Dynamic Linking Where Rust Couldn't
- Have I Been Squatted — free DNS typosquatting platform
- pmanager - Secure,offline password manager with leaked database checking using XposedOrNot API
- Have I Been Squatted — free DNS typosquatting platform
- Secure shell history commands
- Secure shell history commands
- Find Sensitive Information
-
A note from our sponsor - #<SponsorshipServiceOld:0x00007f160ca3bb40>
www.saashub.com | 29 Mar 2023
Index
What are some of the best open-source security-tool projects in Rust? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | RustScan | 9,573 |
| 2 | Ockam | 2,975 |
| 3 | black-hat-rust | 2,356 |
| 4 | moonwalk | 1,118 |
| 5 | noseyparker | 844 |
| 6 | cherrybomb | 765 |
| 7 | ppfuzz | 460 |
| 8 | DataSurgeon | 383 |
| 9 | cargo-auditable | 374 |
| 10 | rebuilderd | 318 |
| 11 | pdfrip | 239 |
| 12 | shellclear | 178 |
| 13 | kepler | 102 |
| 14 | Pgen | 98 |
| 15 | twistrs | 72 |
| 16 | fim | 65 |
| 17 | pmanager | 34 |
| 18 | recon | 16 |
| 19 | jwt-explorer | 9 |
| 20 | autovet | 6 |
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com