Open Source Rust Security Software
Sort By:
Rust Security Software
View 5818 business solutionsBrowse free open source Rust Security Software and projects below. Use the toggles on the left to filter open source Rust Security Software by OS, license, language, programming language, and project status.
-
Stop Storing Third-Party Tokens in Your DatabaseRolling your own OAuth token storage can be a security liability. Token Vault securely stores access and refresh tokens from federated providers and handles exchange and renewal automatically. Connected accounts, refresh exchange, and privileged worker flows included.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
1
RustScan
The Modern Port Scanner
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Scans all 65k ports in 3 seconds. Full scripting engine support. Automatically pipe results into Nmap, or use our scripts (or write your own) to do whatever you want. Adaptive learning. RustScan improves the more you use it. No bloated machine learning here, just basic maths. The usuals you would expect. IPv6, CIDR, file input and more. Automatically pipes ports into Nmap. RustScan is a modern take on the port scanner. Sleek & fast. All while providing extensive extendability to you. Not to mention RustScan uses Adaptive Learning to improve itself over time, making it the best port scanner for you. Speed is guaranteed via RustScan. However, if you want to run a slow scan due to stealth that is possible too. We have tests that check to see if RustScan is significantly slower than the previous version. -
2
spotify-adblock
Adblocker for Spotify
Spotify adblocker for Linux (macOS untested) works by wrapping getaddrinfo and cef_urlrequest_create. It blocks requests to domains that are not on the allowlist, as well as URLs that are on the denylist. -
3
PDFRip
A multi-threaded PDF password cracking utility
A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks. pdfrip is a fast multithreaded PDF password cracking utility written in Rust with support for wordlist-based dictionary attacks, date and number range bruteforcing, and a custom query builder for password formats. You can write your own queries like STRING{69-420} with the -q option which would generate a wordlist with the full number range. You can pass in an year as the input with the -d option which would bruteforce all 365 days of the year in DDMMYYYY format which is a pretty commonly used password format for PDFs. Just give a number range like 5000-100000 with the -n option and it would bruteforce with the whole range. -
4
BoringSSL
Mirror of BoringSSL
BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and maintainability over backward compatibility. Unlike OpenSSL, BoringSSL provides no guarantee of stable APIs or ABIs, meaning third-party projects depending on it may frequently break. Google products that use BoringSSL ship their own copies and update them as needed, enabling faster iteration without legacy constraints. BoringSSL includes comprehensive API documentation, build instructions, and guidance for porting code from OpenSSL. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
tirith
Your browser catches homograph attacks
Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. The project emphasizes local-only analysis with no telemetry and no background daemons, so it can run offline and keep sensitive command context on-device. It integrates into popular shells via hooks (zsh, bash, fish, and PowerShell), including paste-aware protections so hidden characters or malicious rewrites get caught at the moment they enter the terminal. -
6
BerserkArch
A bleeding-edge, security-centric Arch-based Linux distribution.
BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other security distributions (e.g., Kali Linux). As an Arch-based distribution, it benefits from the rolling release model, providing users with the latest software versions and kernel updates. BerserkArch is a dist "designed to make you powerful" for specific use cases like reverse-engineering binaries and automating exploits, rather than being an easy-to-use distribution for general beginners. -
7
Findomain
Fast open source tool for discovering and monitoring domain subdomains
Findomain is an open source reconnaissance tool designed to discover and enumerate subdomains associated with a target domain. It focuses on speed and reliability by using Certificate Transparency logs and multiple well tested public APIs instead of relying solely on brute force scanning techniques. By querying multiple passive data sources in parallel, the tool can identify a large number of subdomains within a short time, making it useful for security researchers, penetration testers, and bug bounty hunters. Findomain aggregates information from various online services to provide a comprehensive list of discovered subdomains without directly attacking the target infrastructure. The tool also supports monitoring capabilities that allow users to track newly discovered subdomains and send alerts through integrations such as messaging platforms. Written in Rust, Findomain benefits from strong performance, safe concurrency, and cross platform compatibility. -
8
Chromepass
Hacking Chrome Saved Passwords
Chromepass is a python-based console application that generates a windows executable with the following features. Decrypt Google Chrome, Chromium, Edge, Brave, Opera and Vivaldi saved paswords and cookies. Send a file with the login/password combinations and cookies remotely (http server or email) Undetectable by AV if done correctly. Custom icon, custom error message, customize port. The new client build methodology practically ensures a 0% detection rate, even without AV-evasion tactics. If this becomes false in the future, some methods will be implemented to improve AV evasion. The dependencies are checked and installed automatically, so you can just skip to Usage. It's recommended that you use a clean VM, just to make sure there are no conflicts. If you don't have the dependencies and your internet isn't fast, this will take a while. -
9
Kanidm
Kanidm: A simple, secure, and fast identity management platform
Kanidm is a simple and secure identity management platform, allowing other applications and services to offload the challenge of authenticating and storing identities to Kanidm. The goal of this project is to be a complete identity provider, covering the broadest possible set of requirements and integrations. You should not need any other components (like Keycloak) when you use Kanidm - we already have everything you need. To achieve this we rely heavily on strict defaults, simple configuration, and self-healing components. This allows Kanidm to support small home labs, families, small businesses, and all the way to the largest enterprise needs. If you want to host your own authentication service, then Kanidm is for you. -
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
10
Privaxy
Privaxy is the next generation tracker and advertisement blocker
Next generation tracker and advertisement blocker. Privaxy is a MITM HTTP(s) proxy that sits in between HTTP(s) talking applications, such as a web browser and HTTP servers, such as those serving websites. By establishing a two-way tunnel between both ends, Privaxy is able to block network requests based on URL patterns and to inject scripts as well as styles into HTML documents. Operating at a lower level, Privaxy is both more efficient as well as more streamlined than browser add-on-based blockers. A single instance of Privaxy on a small virtual machine, server or even, on the same computer as the traffic is originating from, can filter thousands of requests per second while requiring a very small amount of memory. -
11
HydraDragonAntivirus
Open Source Antivirus/XDR for Windows operating system
Dynamic and static analysis with Real Time Malware Analysis with Antivirus for Windows, including open-source XDR (3 EDR projects), ClamAV, YARA-X, machine learning AI, behavioral analysis, Unpacker, Deobfuscator, Decompiler, website signatures, Ghidra, Suricata, Sigma, Kernel, Hypervisior based protection and much more than you can imagine. -
12
Stegcore
A cross-platform crypto-steganography toolkit
Stegcore combines cryptography and steganography to hide encrypted data inside ordinary files. It encrypts your payload before embedding it, so the hidden content is unreadable even if someone extracts it, and invisible to anyone who doesn't know it's there. Unlike basic steganography tools that hide data without encrypting it, Stegcore ensures the payload is cryptographically protected at rest. Unlike pure encryption tools, the payload isn't even visible. Designed for journalists, security researchers, red teamers, digital forensics professionals, and CTF participants. -
13
Anya
A malware analysis platform built in Rust
Anya is a privacy-first static malware analysis tool for Windows, Linux, and macOS. It combines PE, ELF, and Mach-O binary analysis with MITRE ATT&CK mapping, confidence-based risk scoring, and plain-English explanations. All offline, with zero network calls. Built for analysts and students alike, it ships as both a CLI and a desktop GUI. -
14
Bitwarden Secrets Manager SDK
Bitwarden Secrets Manager SDK
This repository houses the Bitwarden Secret Manager SDK. The SDK is written in Rust and provides a Rust API, CLI, and various language bindings. -
15
Cherrybomb
Cherrybomb is a CLI tool that helps you avoid undefined user behaviour
Cherrybomb is an CLI tool written in Rust that helps prevent incorrect code implementation early in development. It works by validating and testing your API using an OpenAPI file. Its main goal is to reduce security errors and ensure your API functions as intended. Cherrybomb makes sure your API is working correctly. It checks your API's spec file (OpenAPI Specification) for good practices and makes sure it follows the OAS rules. Then, it tests your API for common issues and vulnerabilities. If any problems are found, Cherrybomb gives you a detailed report with the exact location of the problem so you can fix it easily. With a configuration file, you can easily edit, view, Cherrybomb's options. The config file allows you to set the running profile, location of the oas file, the verbosity and ignore the TLS error. Config also allows you to override the server's URL with an array of servers, and add security to the request. -
16
Codegroup
A Java application for transferring computer files in 5 letter groups
Codegroup is a Java application that will allow one to convert binary (or text) computer files in to 5 letter codegroups for transmission over email, landline telephones, radioteletype or Morse Code. Codegroup has internal error correction & limited cryptography capabilities. Codegroup : ZZZZZ YBPIL AIAIG FMOPP CPAAA DGNGP GPGPA ADNJN ELJKO ELIMO GEOHF KIFGP IFBCB PKCPI YJMHE PHBHP PPOBH NCOHD AKLLL AGHFP DEGEF LKELC EAIJI ABAGP AHPPO IHHPH OHPDF YNFPB ALEPO KMPKP Once this program has a graphical user interface, an Enigma like subsystem must be devised for data whitening. For content encryption, the use of Java's facilities is being considered as a long term option. This project's initial sourcecode is related to : http://www.fourmilab.ch/codegroup/ http://winmorse.com/ https://bitbucket.org/bgneal/cpp-enigma http://www.whence.com/minimodem/ For the User Interface http://www.oracle.com/technetwork/java/javafx/tools/ -
17
Constantine
Modular, high-performance, zero-dependency cryptography stack
High-performance cryptography for proof systems and blockchain protocols. This library provides a constant-time implementation of cryptographic primitives with a particular focus on cryptography used in blockchains and zero-knowledge-proof systems. The library aims to be a fast, compact and hardened library for elliptic curve cryptography needs, in particular for blockchain protocols and zero-knowledge proofs system. -
18
FHEVM
Integrate FHE with blockchain applications
FHEVM is a framework built by Zama to enable confidential smart contracts on EVM-compatible blockchains using Fully Homomorphic Encryption (FHE). It lets developers write Solidity contracts that handle encrypted inputs, encrypted state, arithmetic and logical operations on encrypted types, while maintaining privacy (data always encrypted), composability (encrypted state works alongside public state), and security (via threshold decryption, KMS, etc). The framework includes on-chain and off-chain components (contracts, coprocessors, gateway, utilities) to orchestrate the whole encrypted data pipeline. -
19
Good Man in the Middle
Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP
Rule-based MITM engine. Rewriting, redirecting and rejecting on HTTP(S) requests and responses, supports JavaScript. -
20
NTK Ultra-Compression
Logiciel de compression de fichiers maximal indépendant du temps.
Le logiciel NTK Ultra-Compression répond à une problématique essentielle de l’ère numérique : comment réduire la taille des données à leur minimum absolu sans compromis sur leur intégrité, tout en s’affranchissant des contraintes temporelles ? Dans un monde où les volumes de données explosent et où les solutions actuelles de compression restent limitées par des compromis entre rapidité, efficacité et complexité, nous proposons une approche disruptive. Les solutions actuelles, telles que le format ZIP ou 7z, bien qu’efficaces, atteignent leurs limites en termes de taux de compression et d’efficacité pour les fichiers volumineux ou complexes. Ces outils sont souvent contraints par des compromis entre rapidité d’exécution et efficacité de stockage. Cette approche disruptive s’adresse notamment aux utilisateurs ayant besoin de manipuler des fichiers volumineux, comme les logiciels, les jeux vidéo ou les bases de données, où chaque octet économisé compte. -
21
Ockam
Orchestrate end-to-end encryption, mutual authentication
Ockam is a suite of open source tools, programming libraries, and managed cloud services to orchestrate end-to-end encryption, mutual authentication, key management, credential management, and authorization policy enforcement – at massive scale. Modern applications are distributed and have an unwieldy number of interconnections that must trustfully exchange data. To build trust for data-in-motion, applications need end-to-end guarantees of data authenticity, integrity, and confidentiality. To be private and secure by-design, applications must have granular control over every trust and access decision. Ockam allows you to add these controls and guarantees to any application. We are passionate about making powerful cryptographic and messaging protocols simple and safe to use for millions of builders. Create a mutually authenticated and end-to-end encrypted secure channel between two Ockam nodes. -
22
OpenSK
OpenSK is an open-source implementation for security keys
OpenSK is an open-source implementation of FIDO2 (WebAuthn + CTAP) security keys, written in Rust and designed to run on affordable microcontroller boards. It provides the full authenticator stack—USB/NFC transport, CTAP protocol handling, credential management, and cryptographic operations—so you can build and audit your own hardware token. The project emphasizes defense-in-depth: memory-safe Rust, hardened crypto, isolation via an embedded OS, and explicit user presence/verification flows. Developers can flash reference hardware, customize UX (LEDs, buttons, PIN), and experiment with extensions while staying interoperable with major browsers and platforms. A test and conformance suite validates protocol behavior against the WebAuthn/CTAP specs to ensure compatibility. -
23
PassForge
An Opensource Password Generator
-
24
SafeUtils
110+ developer tools as native MacOS, Linux & Windows desktop apps.
Tools: https://safeutils.com/barcode-generator https://safeutils.com/color-picker https://safeutils.com/qr-code-generator https://safeutils.com/qr-code-scanner https://safeutils.com/word-counter https://safeutils.com/base-64-decoder https://safeutils.com/diff-checker https://safeutils.com/hex-to-ascii https://safeutils.com/json-formatter https://safeutils.com/lorem-ipsum-generator https://safeutils.com/random-generator https://safeutils.com/time-converter https://safeutils.com/xml-formatter https://safeutils.com/ascii-to-binary https://safeutils.com/ascii-to-hex https://safeutils.com/base-64-encoder https://safeutils.com/binary-to-ascii https://safeutils.com/case-converter https://safeutils.com/csv-to-json https://safeutils.com/decimal-to-ascii https://safeutils.com/html-formatter https://safeutils.com/html-preview https://safeutils.com/html-to-markdown https://safeutils.com/id-generator https://safeutils.com/json-to-csv https://safeutils.com/json-to-xml -
25
Secluso
Privacy-preserving home security camera using end-to-end encryption
Secluso is an open-source, privacy-focused home security camera system that uses advanced end-to-end encryption to protect video data from unauthorized access. Unlike many commercial smart cameras that send footage to cloud servers where providers can potentially access it, Secluso encrypts video streams directly on the camera before they are relayed, ensuring that only the user’s mobile app can view recorded or live content. The design splits responsibilities across distinct components: a camera hub that captures and encrypts footage, a mobile app for monitoring and receiving encrypted event notifications, and a relay server that passes encrypted data without being able to decrypt it. Secluso supports multiple camera types, including Raspberry Pi-based standalone setups and existing IP cameras, as long as they can interface with the system’s recording and encryption pipelines.
