Open Source Rust Security Software
Sort By:
Rust Security Software
View 5766 business solutionsBrowse free open source Rust Security Software and projects below. Use the toggles on the left to filter open source Rust Security Software by OS, license, language, programming language, and project status.
-
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
Easily Host LLMs and Web Apps on Cloud RunRun frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
-
1
RustScan
The Modern Port Scanner
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Scans all 65k ports in 3 seconds. Full scripting engine support. Automatically pipe results into Nmap, or use our scripts (or write your own) to do whatever you want. Adaptive learning. RustScan improves the more you use it. No bloated machine learning here, just basic maths. The usuals you would expect. IPv6, CIDR, file input and more. Automatically pipes ports into Nmap. RustScan is a modern take on the port scanner. Sleek & fast. All while providing extensive extendability to you. Not to mention RustScan uses Adaptive Learning to improve itself over time, making it the best port scanner for you. Speed is guaranteed via RustScan. However, if you want to run a slow scan due to stealth that is possible too. We have tests that check to see if RustScan is significantly slower than the previous version. -
2
spotify-adblock
Adblocker for Spotify
Spotify adblocker for Linux (macOS untested) works by wrapping getaddrinfo and cef_urlrequest_create. It blocks requests to domains that are not on the allowlist, as well as URLs that are on the denylist. -
3
PDFRip
A multi-threaded PDF password cracking utility
A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks. pdfrip is a fast multithreaded PDF password cracking utility written in Rust with support for wordlist-based dictionary attacks, date and number range bruteforcing, and a custom query builder for password formats. You can write your own queries like STRING{69-420} with the -q option which would generate a wordlist with the full number range. You can pass in an year as the input with the -d option which would bruteforce all 365 days of the year in DDMMYYYY format which is a pretty commonly used password format for PDFs. Just give a number range like 5000-100000 with the -n option and it would bruteforce with the whole range. -
4
BerserkArch
A bleeding-edge, security-centric Arch-based Linux distribution.
BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other security distributions (e.g., Kali Linux). As an Arch-based distribution, it benefits from the rolling release model, providing users with the latest software versions and kernel updates. BerserkArch is a dist "designed to make you powerful" for specific use cases like reverse-engineering binaries and automating exploits, rather than being an easy-to-use distribution for general beginners. -
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
5
tirith
Your browser catches homograph attacks
Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. The project emphasizes local-only analysis with no telemetry and no background daemons, so it can run offline and keep sensitive command context on-device. It integrates into popular shells via hooks (zsh, bash, fish, and PowerShell), including paste-aware protections so hidden characters or malicious rewrites get caught at the moment they enter the terminal. -
6
BoringSSL
Mirror of BoringSSL
BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and maintainability over backward compatibility. Unlike OpenSSL, BoringSSL provides no guarantee of stable APIs or ABIs, meaning third-party projects depending on it may frequently break. Google products that use BoringSSL ship their own copies and update them as needed, enabling faster iteration without legacy constraints. BoringSSL includes comprehensive API documentation, build instructions, and guidance for porting code from OpenSSL. -
7
Kanidm
Kanidm: A simple, secure, and fast identity management platform
Kanidm is a simple and secure identity management platform, allowing other applications and services to offload the challenge of authenticating and storing identities to Kanidm. The goal of this project is to be a complete identity provider, covering the broadest possible set of requirements and integrations. You should not need any other components (like Keycloak) when you use Kanidm - we already have everything you need. To achieve this we rely heavily on strict defaults, simple configuration, and self-healing components. This allows Kanidm to support small home labs, families, small businesses, and all the way to the largest enterprise needs. If you want to host your own authentication service, then Kanidm is for you. -
8
Bitwarden Secrets Manager SDK
Bitwarden Secrets Manager SDK
This repository houses the Bitwarden Secret Manager SDK. The SDK is written in Rust and provides a Rust API, CLI, and various language bindings. -
9
Chromepass
Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features. Decrypt Google Chrome, Chromium, Edge, Brave, Opera and Vivaldi saved paswords and cookies. Send a file with the login/password combinations and cookies remotely (http server or email) Undetectable by AV if done correctly. Custom icon, custom error message, customize port. The new client build methodology practically ensures a 0% detection rate, even without AV-evasion tactics. If this becomes false in the future, some methods will be implemented to improve AV evasion. The dependencies are checked and installed automatically, so you can just skip to Usage. It's recommended that you use a clean VM, just to make sure there are no conflicts. If you don't have the dependencies and your internet isn't fast, this will take a while. -
Powerful App Monitoring Without Surprise BillsTired of monitoring tools that punish you for scaling? AppSignal offers transparent, predictable pricing with every feature unlocked on every plan. Track errors, monitor performance, detect anomalies, and manage logs across Ruby, Python, Node.js, and more. Trusted by developers since 2012 with free dev-to-dev support. No credit card required to start your 30-day trial.
-
10
authoscope
Scriptable network authentication cracker (formerly `badtouch`)
authoscope is a scriptable network authentication cracker. While the space for common service bruteforce is already very well saturated, you may still end up writing your own python scripts when testing credentials for web applications. The scope of authoscope is specifically cracking custom services. This is done by writing scripts that are loaded into a lua runtime. Those scripts represent a single service and provide a verify(user, password) function that returns either true or false. Concurrency, progress indication, and reporting is magically provided by the authoscope runtime. -
11
HydraDragonAntivirus
Dynamic and static analysis with Sandboxie for Windows, including EDR
Dynamic and static analysis with Sandboxie for Windows, including EDR, ClamAV, YARA-X, custom machine learning AI, behavioral analysis, NLP-based detection, website signatures, Ghidra, Suricata, Sigma, and much more than you can imagine -
12
NTK Ultra-Compression
Logiciel de compression de fichiers maximal indépendant du temps.
Le logiciel NTK Ultra-Compression répond à une problématique essentielle de l’ère numérique : comment réduire la taille des données à leur minimum absolu sans compromis sur leur intégrité, tout en s’affranchissant des contraintes temporelles ? Dans un monde où les volumes de données explosent et où les solutions actuelles de compression restent limitées par des compromis entre rapidité, efficacité et complexité, nous proposons une approche disruptive. Les solutions actuelles, telles que le format ZIP ou 7z, bien qu’efficaces, atteignent leurs limites en termes de taux de compression et d’efficacité pour les fichiers volumineux ou complexes. Ces outils sont souvent contraints par des compromis entre rapidité d’exécution et efficacité de stockage. Cette approche disruptive s’adresse notamment aux utilisateurs ayant besoin de manipuler des fichiers volumineux, comme les logiciels, les jeux vidéo ou les bases de données, où chaque octet économisé compte. -
13
Cherrybomb
Cherrybomb is a CLI tool that helps you avoid undefined user behaviour
Cherrybomb is an CLI tool written in Rust that helps prevent incorrect code implementation early in development. It works by validating and testing your API using an OpenAPI file. Its main goal is to reduce security errors and ensure your API functions as intended. Cherrybomb makes sure your API is working correctly. It checks your API's spec file (OpenAPI Specification) for good practices and makes sure it follows the OAS rules. Then, it tests your API for common issues and vulnerabilities. If any problems are found, Cherrybomb gives you a detailed report with the exact location of the problem so you can fix it easily. With a configuration file, you can easily edit, view, Cherrybomb's options. The config file allows you to set the running profile, location of the oas file, the verbosity and ignore the TLS error. Config also allows you to override the server's URL with an array of servers, and add security to the request. -
14
Codegroup
A Java application for transferring computer files in 5 letter groups
Codegroup is a Java application that will allow one to convert binary (or text) computer files in to 5 letter codegroups for transmission over email, landline telephones, radioteletype or Morse Code. Codegroup has internal error correction & limited cryptography capabilities. Codegroup : ZZZZZ YBPIL AIAIG FMOPP CPAAA DGNGP GPGPA ADNJN ELJKO ELIMO GEOHF KIFGP IFBCB PKCPI YJMHE PHBHP PPOBH NCOHD AKLLL AGHFP DEGEF LKELC EAIJI ABAGP AHPPO IHHPH OHPDF YNFPB ALEPO KMPKP Once this program has a graphical user interface, an Enigma like subsystem must be devised for data whitening. For content encryption, the use of Java's facilities is being considered as a long term option. This project's initial sourcecode is related to : http://www.fourmilab.ch/codegroup/ http://winmorse.com/ https://bitbucket.org/bgneal/cpp-enigma http://www.whence.com/minimodem/ For the User Interface http://www.oracle.com/technetwork/java/javafx/tools/ -
15
Constantine
Modular, high-performance, zero-dependency cryptography stack
High-performance cryptography for proof systems and blockchain protocols. This library provides a constant-time implementation of cryptographic primitives with a particular focus on cryptography used in blockchains and zero-knowledge-proof systems. The library aims to be a fast, compact and hardened library for elliptic curve cryptography needs, in particular for blockchain protocols and zero-knowledge proofs system. -
16
FHEVM
Integrate FHE with blockchain applications
FHEVM is a framework built by Zama to enable confidential smart contracts on EVM-compatible blockchains using Fully Homomorphic Encryption (FHE). It lets developers write Solidity contracts that handle encrypted inputs, encrypted state, arithmetic and logical operations on encrypted types, while maintaining privacy (data always encrypted), composability (encrypted state works alongside public state), and security (via threshold decryption, KMS, etc). The framework includes on-chain and off-chain components (contracts, coprocessors, gateway, utilities) to orchestrate the whole encrypted data pipeline. -
17
Good Man in the Middle
Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP
Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP(S) requests and responses, supports JavaScript. -
18
Ockam
Orchestrate end-to-end encryption, mutual authentication
Ockam is a suite of open source tools, programming libraries, and managed cloud services to orchestrate end-to-end encryption, mutual authentication, key management, credential management, and authorization policy enforcement – at massive scale. Modern applications are distributed and have an unwieldy number of interconnections that must trustfully exchange data. To build trust for data-in-motion, applications need end-to-end guarantees of data authenticity, integrity, and confidentiality. To be private and secure by-design, applications must have granular control over every trust and access decision. Ockam allows you to add these controls and guarantees to any application. We are passionate about making powerful cryptographic and messaging protocols simple and safe to use for millions of builders. Create a mutually authenticated and end-to-end encrypted secure channel between two Ockam nodes. -
19
OpenSK
OpenSK is an open-source implementation for security keys
OpenSK is an open-source implementation of FIDO2 (WebAuthn + CTAP) security keys, written in Rust and designed to run on affordable microcontroller boards. It provides the full authenticator stack—USB/NFC transport, CTAP protocol handling, credential management, and cryptographic operations—so you can build and audit your own hardware token. The project emphasizes defense-in-depth: memory-safe Rust, hardened crypto, isolation via an embedded OS, and explicit user presence/verification flows. Developers can flash reference hardware, customize UX (LEDs, buttons, PIN), and experiment with extensions while staying interoperable with major browsers and platforms. A test and conformance suite validates protocol behavior against the WebAuthn/CTAP specs to ensure compatibility. -
20
PassForge
An Opensource Password Generator
-
21
Privaxy
Privaxy is the next generation tracker and advertisement blocker
Next generation tracker and advertisement blocker. Privaxy is a MITM HTTP(s) proxy that sits in between HTTP(s) talking applications, such as a web browser and HTTP servers, such as those serving websites. By establishing a two-way tunnel between both ends, Privaxy is able to block network requests based on URL patterns and to inject scripts as well as styles into HTML documents. Operating at a lower level, Privaxy is both more efficient as well as more streamlined than browser add-on-based blockers. A single instance of Privaxy on a small virtual machine, server or even, on the same computer as the traffic is originating from, can filter thousands of requests per second while requiring a very small amount of memory. -
22
SafeUtils
110+ developer tools as native MacOS, Linux & Windows desktop apps.
Tools: https://safeutils.com/barcode-generator https://safeutils.com/color-picker https://safeutils.com/qr-code-generator https://safeutils.com/qr-code-scanner https://safeutils.com/word-counter https://safeutils.com/base-64-decoder https://safeutils.com/diff-checker https://safeutils.com/hex-to-ascii https://safeutils.com/json-formatter https://safeutils.com/lorem-ipsum-generator https://safeutils.com/random-generator https://safeutils.com/time-converter https://safeutils.com/xml-formatter https://safeutils.com/ascii-to-binary https://safeutils.com/ascii-to-hex https://safeutils.com/base-64-encoder https://safeutils.com/binary-to-ascii https://safeutils.com/case-converter https://safeutils.com/csv-to-json https://safeutils.com/decimal-to-ascii https://safeutils.com/html-formatter https://safeutils.com/html-preview https://safeutils.com/html-to-markdown https://safeutils.com/id-generator https://safeutils.com/json-to-csv https://safeutils.com/json-to-xml -
23
Secluso
Privacy-preserving home security camera using end-to-end encryption
Secluso is an open-source, privacy-focused home security camera system that uses advanced end-to-end encryption to protect video data from unauthorized access. Unlike many commercial smart cameras that send footage to cloud servers where providers can potentially access it, Secluso encrypts video streams directly on the camera before they are relayed, ensuring that only the user’s mobile app can view recorded or live content. The design splits responsibilities across distinct components: a camera hub that captures and encrypts footage, a mobile app for monitoring and receiving encrypted event notifications, and a relay server that passes encrypted data without being able to decrypt it. Secluso supports multiple camera types, including Raspberry Pi-based standalone setups and existing IP cameras, as long as they can interface with the system’s recording and encryption pipelines. -
24
cargo-crev
A cryptographically verifiable code review system for the cargo
A cryptographically verifiable code review system for the cargo (Rust) package manager. cargo-crev is an implementation of Crev as a command-line tool integrated with cargo. This tool helps Rust users evaluate the quality and trustworthiness of their package dependencies. Crev is a language and ecosystem agnostic, distributed code review system. Use reviews produced by other users. Increase the trustworthiness of your own code. Build a web of trust of other reputable users to help verify the code you use. Static binaries are available from the releases page. Crev is a system for verifying the security and reliability of dependencies based on collaborative code reviews. Crev users review the source code of packages/libraries/crates and share their findings with others. Crev then uses Web of Trust to select trusted reviews and judge the reputation of projects' dependencies. -
25
encrypted_fs
An encrypted file system that mounts with FUSE on Linux
An encrypted file system that mounts with FUSE on Linux. It can be used to create encrypted directories. It can then safely backup the encrypted folder on an untrusted server without worrying about the data being exposed. You can also store it in any clound storage like Google Drive, Dropbox, etc. and have it synced across multiple devices. Crate encrypted_fs on crates.io https://crates.io/crates/encrypted_fs
