Rust security-tools

Open-source Rust projects categorized as security-tools

Top 23 Rust security-tool Projects

  • RustScan

    🤖 The Modern Port Scanner 🤖

  • Project mention: RustScan – The Modern Port Scanner | | 2023-08-25
  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
  • black-hat-rust

    Applied offensive security with Rust -

  • Project mention: Cloudflare for Speed and Security | /r/CloudFlare | 2023-10-20

    Bonuses: If you purchase Cloudflare for Speed and Security before November 4, 2023, you'll get my bestseller, Black Hat Rust, for free! Yes, you read it right, two books for less than the price of one!

  • noseyparker

    Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.

  • Project mention: Magika: AI powered fast and efficient file type identification | | 2024-02-15


    Sometimes a file has no extension. Other times the extension is a lie. Still other times, you may be dealing with an unnamed bytestring and wish to know what kind of content it is.

    This last case happens quite a lot in Nosey Parker [1], a detector of secrets in textual data. There, it is possible to come across unnamed files in Git history, and it would be useful to the user to still indicate what type of file it seems to be.

    I added file type detection based on libmagic to Nosey Parker a while back, but it's not compiled in by default because libmagic is slow and complicates the build process. Also, libmagic is implemented as a large C library whose primary job is parsing, which makes the security side of me jittery.

    I will likely add enabled-by-default filetype detection to Nosey Parker using Magika's ONNX model.


  • matano

    Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

  • Project mention: Cisco Acquires Splunk | | 2023-09-21

    sorry thats

  • moonwalk

    Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. (by mufeedvh)

  • cherrybomb

    Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

  • Project mention: Cherrybomb: Audit, validate and test API specifications | | 2023-11-22
  • DataSurgeon

    Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
  • cargo-auditable

    Make production Rust binaries auditable

  • ppfuzz

    A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

  • pdfrip

    A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.

  • rebuilderd

    Independent verification of binary packages - reproducible builds

  • shellclear

    Secure shell history commands by finding sensitive data

  • pyscan

    python dependency vulnerability scanner, written in Rust.

  • Project mention: Pyscan v0.1.4: Fastest way to find dependency vulnerabilities in python projects, written in Rust. | /r/rust | 2023-06-29
  • birdcage

    Cross-platform embeddable sandboxing

  • Project mention: Ledger's NPM account has been hacked | | 2023-12-14

    Co-funder @ Phylum here ( We have been actively scanning dependencies across npm (and PyPI, RubyGems,, etc.) for nearly three years now; quite successfully, I might add ( We _automatically_ hit on this package when it was published, and our research team has been all over it.

    A collective of us are active in Discord (, continuing to hunt attacks like these. If that's something that interests you, we'd love to have you!

    In addition to this, we've released several open source tools to help protect against supply chain attacks:

    1. - Birdcage is a cross-platform embeddable sandbox that's been baked into our CLI (which wraps npm, pypi, etc.) to sandbox package installations

    2. - Our CLI provides an extension capability so you can lock down random executables you might use during your software development (define _what_ it's allowed to do, e.g. network access, and then lock it down with Birdcage)

    We also have a variety of integrations, including Github, Gitlab, BitBucket, CircleCI, Tines, Sophos, etc.

    It's unfortunate that software dependency attacks continue to plague open source registries. It seems unlikely this will let up in the near future. We are continuing to work closely with the open source ecosystems to try and get these sorts of packages removed when they pop up.

  • kepler

    NIST-based CVE lookup store and API powered by Rust.

  • fim

    FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data.

  • Project mention: FIM v0.4.10 - Realtime File monitoring tool | /r/rust | 2023-11-17
  • twistrs

    A domain name permutation and enumeration library powered by Rust.

  • Project mention: Have I Been Squatted? | | 2023-11-27
  • lotus

    :zap: Fast Web Security Scanner written in Rust based on Lua Scripts :waning_gibbous_moon: :crab: (by BugBlocker)

  • secutils is an open-source, versatile, yet simple security toolbox for engineers and researchers (by secutils-dev)

  • Project mention: A primer on open-source intelligence for bug bounty hunting in Grafana | | 2024-06-11

    ℹ️ ASK: If you found this post helpful or interesting, please consider showing your support by starring secutils-dev/secutils GitHub repository.

  • kurl

    HTTP Requests for security researchers (by gbrls)

  • pmanager

    Store and retrieve your passwords from a secure offline database. Check if your passwords has leaked previously to prevent targeted password reuse attacks.

  • pam-authramp

    pam-authramp | The AuthRamp PAM module provides an account lockout mechanism based on the number of authentication failures.

  • Project mention: Show HN: Pam-Authramp – Advanced Brute Force Protection for Linux Users | | 2024-01-03
  • recon

    🕵️‍♀️ Find, locate, and query files for ops and security experts ⚡️⚡️⚡️ (by rusty-ferris-club)

  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    SaaSHub logo
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Rust security-tools discussion

Log in or Post with

Rust security-tools related posts

  • Explore web applications through their content security policy (CSP)

    1 project | | 28 Nov 2023
  • Q4 2023 iteration: tracking arbitrary web content, user-specific webhook subdomains, inherited CSP, and more

    1 project | | 31 Oct 2023
  • Announcing 1.0.0-alpha.3 release: more powerful resource tracking, notifications and content sharing

    2 projects | | 24 Oct 2023
  • Have I Been Squatted? – Check if your domain has been typosquatted

    1 project | /r/cybersecurity | 12 Oct 2023
  • Building a scheduler for a Rust application

    1 project | | 26 Sep 2023
  • LastPass: ‘Horse Gone Barn Bolted’ Is Strong Password

    1 project | | 22 Sep 2023
  • A plan for Q3 2023 iteration

    2 projects | | 21 Sep 2023
  • A note from our sponsor - SaaSHub | 13 Jun 2024
    SaaSHub helps you find the best software and product alternatives Learn more →


What are some of the best open-source security-tool projects in Rust? This list will help you:

Project Stars
1 RustScan 12,950
2 black-hat-rust 3,067
3 noseyparker 1,535
4 matano 1,373
5 moonwalk 1,290
6 cherrybomb 1,066
7 DataSurgeon 710
8 cargo-auditable 587
9 ppfuzz 542
10 pdfrip 539
11 rebuilderd 346
12 shellclear 213
13 pyscan 176
14 birdcage 174
15 kepler 124
16 fim 118
17 twistrs 89
18 lotus 70
19 secutils 69
20 kurl 62
21 pmanager 34
22 pam-authramp 34
23 recon 23

Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.