Top 23 Rust security-tool Projects

security-tools

• Add a project

1. RustScan

   1 27 18,715 8.4 Rust

   🤖 The Modern Port Scanner 🤖

   

2. Stream

   getstream.io featured

   Stream - Scalable APIs for Chat, Feeds, Moderation, & Video. Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.

   

3. black-hat-rust

   2 49 4,214 0.0 Rust

   Applied offensive security with Rust - https://kerkour.com/black-hat-rust

   

4. zizmor

   3 7 3,479 9.8 Rust

   Static analysis for GitHub Actions

   

   Project mention: Show HN: Zizmor, static analysis for GitHub Actions | news.ycombinator.com | 2025-06-26

5. noseyparker

   4 13 2,199 8.1 Rust

   Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history.

   

6. matano

   5 39 1,640 3.5 Rust

   Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

   

   Project mention: Matano: Open-source security data lake for cybersecurity analytics | news.ycombinator.com | 2025-04-03

7. moonwalk

   6 5 1,466 0.0 Rust

   Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. (by mufeedvh)

   

8. pdfrip

   7 4 1,279 4.7 Rust

   A multi-threaded PDF password cracking utility equipped with commonly encountered password format builders and dictionary attacks.

   

9. InfluxDB

   www.influxdata.com featured

   InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

   

10. cherrybomb

    8 63 1,220 2.5 Rust

    Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

    

11. DataSurgeon

    9 5 873 8.1 Rust

    Quickly Extracts IP's, Email Addresses, Hashes, Files, Credit Cards, Social Security Numbers and a lot More From Text

    

12. cargo-auditable

    10 23 788 8.5 Rust

    Make production Rust binaries auditable

    

13. ppfuzz

    11 2 645 0.0 Rust

    A fast tool to scan client-side prototype pollution vulnerability written in Rust. 🦀

    

14. novops

    12 4 458 8.1 Rust

    Cross-platform secret & config manager for development and CI environments

    

15. rebuilderd

    13 6 413 9.3 Rust

    Independent verification of binary packages - Reproducible Builds

    

16. shellclear

    14 9 225 1.6 Rust

    Secure shell history commands by finding sensitive data

    

17. pyscan

    15 7 206 7.7 Rust

    python dependency vulnerability scanner that uses osv.dev, written in Rust.

    

18. birdcage

    16 13 200 4.9 Rust

    Cross-platform embeddable sandboxing

    

19. fim

    17 22 173 8.2 Rust

    FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data.

    

20. Pgen

    18 13 145 8.4 Rust

    Command-line passphrase generator

    

21. kepler

    19 4 136 5.4 Rust

    NIST-based CVE lookup store and API powered by Rust. (by exein-io)

    

22. twistrs

    20 9 130 8.0 Rust

    A domain name permutation and enumeration library powered by Rust.

    

    Project mention: Show HN: Domain Typosquatting Monitoring Tool (Open Beta) | news.ycombinator.com | 2025-03-03

    Hey HN! About a year ago, we launched (https://news.ycombinator.com/item?id=32984110) Have I Been Squatted, a tool to detect domain typosquatting leveraging our own open-source twistrs (https://github.com/haveibeensquatted/twistrs) library. While it was still in its early days, it managed to survive the initial traffic surge. Since then, we’ve grown a small community, iterated a lot, and built out new features.

    We've been working hard on extending the tool to monitor domains for typosquatting over time and we’re now opening up access to our new Domain Monitoring tool for free for a couple of days to anyone interested to give it a spin—just sign-up, no strings (or credit cards) attached. We’d love for you to try it out and share constructive feedback.

    We’ve expanded on our tool quite a bit since its initial launch—there are now screenshots, website classification, geolocation, DNS analysis, and more. Anomaly detection is also in the works, but still in the research phase. We plan to share more about that in a dedicated engineering post soon.

    Would love to hear your thoughts!

23. lotus

    21 4 90 7.7 Rust

    :zap: Fast Web Security Scanner written in Rust based on Lua Scripts :waning_gibbous_moon: :crab: (by CyAxe)

    

24. qos

    22 1 87 9.3 Rust

    QuorumOS is a computation layer for running applications inside Trusted Execution Environments (TEEs) (by tkhq)

    

    Project mention: QuorumOS: A minimal, deterministic OS for verifiable execution in TEEs | news.ycombinator.com | 2025-01-31

25. secutils

    23 31 77 8.2 Rust

    Secutils.dev is an open-source, versatile, yet simple security toolbox for engineers and researchers (by secutils-dev)

    

    Project mention: Show HN: SecUtils – A fast filterable CVE viewer, now with CVSS and CWE support | news.ycombinator.com | 2025-07-13

    Hey! The name of your project caught my eye, as I'm behind https://secutils.dev, so I had to check it out and say hi to a fellow dev in the security tools space :)

    Looks like the home page is empty right now, which might be a bit confusing for visitors. I wonder if it'd make sense to set https://secutils.com/vm/vulnerabilities as the default page until there's something else useful enough to show on the home page.

    > So far I'm using it to monitor vulnerabilities for a few key products

    I'm curious how you actually monitor them - do you just visit the page periodically, or is there some automatic tracking capability I missed?

26. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

Rust security-tools related posts

• Show HN: CloakProbe – A privacy-first IP and client debug service

  3 projects | news.ycombinator.com | 8 Dec 2025

• Show HN: SecUtils – A fast filterable CVE viewer, now with CVSS and CWE support

  1 project | news.ycombinator.com | 13 Jul 2025

• Show HN: Zizmor, static analysis for GitHub Actions

  1 project | news.ycombinator.com | 26 Jun 2025

• Zizmor: Static analysis tool for GitHub Actions

  1 project | news.ycombinator.com | 24 Mar 2025

• Show HN: Domain Typosquatting Monitoring Tool (Open Beta)

  1 project | news.ycombinator.com | 3 Mar 2025

• Zizmor – static analysis for GitHub Actions

  1 project | news.ycombinator.com | 8 Jan 2025

• Zizmor: Static Analysis for GitHub Actions

  1 project | news.ycombinator.com | 26 Nov 2024
• A note from our sponsor - SaaSHub
  www.saashub.com | 22 Dec 2025

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

Stream - Scalable APIs for Chat, Feeds, Moderation, & Video.

Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.

getstream.io

Do not miss the trending Rust projects with our weekly report!