Skip to content

Curated list of projects, articles and more related to Offensive Security and Red Teaming. Completely written in Rust.

Notifications You must be signed in to change notification settings

killvxk/awesome-offensive-rust

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
 
 
 
 
 
 

Repository files navigation

Awesome Offensive Rust Awesome

Curated list of resources about Rust language used for offensive security & red teaming.

List inspired by the awesome list thing.

Contents

Communities

Articles

Books

Boilerplates

Boilerplates for Rust language used for offensive security & red teaming.

... Coming soon

Projects

  • ADPT - DLL proxying for lazy people.
  • Arsenal-rs - Rusty Arsenal - A collection of experimental Process Injection and Post-Exploitation Techniques in Rust.
  • Bin Finder - Detect EDR's exceptions by inspecting processes' loaded modules.
  • Bore - bore is a simple CLI tool for making tunnels to localhost.
  • Cerbero - Kerberos protocol attacker.
  • Crabby - WebShell for Red Teams, just easily.
  • CustomEntryPoint - Select any exported function in a dll as the new dll's entry point.
  • DInvoke_rs - Dynamically invoke arbitrary unmanaged code.
  • Dog - A command-line DNS client written in rust. Dig alternative.
  • Dumpy - Reuse open handles to dynamically dump LSASS.
  • Eagle-rs - Rusty Rootkit - Windows Kernel Rookit in Rust (Codename: Eagle).
  • Eclipse - Activation Context Hijack to load and run an arbitrary DLL in any desired process.
  • EPI - Threadless Process Injection through entry point hijacking.
  • Feroxbuster - A fast, simple, recursive content discovery tool written in Rust.
  • Fiber - Using fibers to run in-memory code.
  • Findomain - The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
  • Freeze.rs - Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST.
  • GhostDriver - GhostDriver is a Rust-built AV killer tool using BYOVD.
  • Goblin - An impish, cross-platform binary parsing crate, written in Rust.
  • Haylxon - Blazing-fast tool to grab screenshots of your domain list right from terminal.
  • Hrekt - A really fast http prober.
  • Illusion-rs - Rusty Hypervisor - Windows UEFI Blue Pill Type-1 Hypervisor in Rust (Codename: Illusion).
  • IronRDP - Rust implementation of the Microsoft Remote Desktop Protocol (RDP).
  • JoJoLoader - Help Redteam members generate Evasive Anti-virus software Trojan.
  • Legba - A multiprotocol credentials bruteforcer / password sprayer and enumerator.
  • Lorsrf - Fast CLI tool to find the parameters that can be used to find SSRF or Out-of-band resource load.
  • Matrix-rs - Rusty Hypervisor - Windows Blue Pill Type-2 Hypervisor in Rust (Codename: Matrix)
  • Moonwalk Back - Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.
  • Noseyparker - Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
  • NovaLdr - Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre).
  • Offensive Rust - A collection of offensive security tools written in Rust.
  • OffensiveRust - Rust Weaponization for Red Team Engagements.
  • Osintui - OSINT from your favorite services in a friendly terminal user interface - integrations for Virustotal, Shodan, and Censys.
  • Ppfuzz - A fast tool to scan client-side prototype pollution vulnerability written in Rust.
  • Pyscan - Python dependency vulnerability scanner, written in Rust.
  • Qscan - Quick network scanner library.
  • Redlotus-rs - Rusty Bootkit - Windows UEFI Bootkit in Rust (Codename: RedLotus).
  • Ripgen - Rust-based high performance domain permutation generator.
  • Ripgrep - Ripgrep recursively searches directories for a regex pattern while respecting your gitignore.
  • Rust for Malware Development - Rust for malware development and for low level stuffs.
  • Rust Syscall - Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  • RustChain - Hide memory artifacts using ROP and hardware breakpoints.
  • RustHollow - Inject a shellcode in a remote process using Process Hollowing.
  • RustHound - Active Directory data collector for BloodHound written in Rust.
  • Rustic64 - 64-bit, position-independent shellcode template for Windows in Rust.
  • Rustic64Shell - 64-bit, position-independent reverse tcp shell, built in Rust for Windows.
  • RustiveDump - LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.
  • RustPacker - Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.
  • RustRedOps - RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language.
  • RustScan - The Modern Port Scanner.
  • Rusty Hog - A suite of secret scanners built in Rust for performance. Based on TruffleHog.
  • RustVEHSyscalls - Rust port of LayeredSyscall, designed to perform indirect syscalls while generating legitimate API call stack frames by abusing Vectored Exception Handling (VEH) to bypass user-land EDR hooks in Windows.
  • Scrying - A tool for collecting RDP, web and VNC screenshots all in one place.
  • Shadow-rs - Windows Kernel Rootkit in Rust.
  • Shelter - ROP-based sleep obfuscation to evade memory scanners.
  • Skanuvaty - Dangerously fast DNS/network/port scanner
  • Sniffglue - Secure multithreaded packet sniffer.
  • Split - Apply a divide and conquer approach to bypass EDRs.
  • Unwinder - Call stack spoofing for Rust.
  • Venom-rs - Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom).
  • WStunnel - Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available.
  • X8 - Hidden parameters discovery suite

Useful Libraries

  • LibAFL - Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...
  • Litcrypt - A Rust compiler plugin to encrypt string literal at compile time.
  • Rustls - A modern TLS library in Rust.

Contributing

Found an awesome package, article, blog, video etc.? Send me a pull request! Just follow the guidelines. Thank you!

License

CC0

About

Curated list of projects, articles and more related to Offensive Security and Red Teaming. Completely written in Rust.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published