Rust-based Security Research Lab
Passive Wi-Fi auditing, packet fuzzing, Discord security bots, and educational crypto & kernel exploit modules.
A comprehensive collection of Rust-based cybersecurity tools and research projects designed for learning and demonstrating security concepts. This repository showcases Rust's capabilities in building high-performance, memory-safe security applications.
rust Β· security Β· cybersecurity Β· wifi Β· wireless-security Β·
penetration-testing Β· 80211 Β· pcap Β· rust-security Β· passive-monitoring
rust-security-suminworld is a comprehensive collection of Rust-based cybersecurity tools and research projects designed for learning and demonstrating security concepts. This repository showcases Rust's capabilities in building high-performance, memory-safe security applications.
- High Performance: Leverages Rust's zero-cost abstractions and async capabilities
- Memory Safety: Eliminates common security vulnerabilities through Rust's ownership system
- Concurrent Processing: Utilizes Tokio for high-performance async operations
- Educational Focus: Comprehensive documentation and learning resources
- Modular Architecture: Clean separation of tools, research, and documentation
This repository is a collection of Rust-based security research tools and educational modules.
Each tool is self-contained with its own documentation and can be built independently.
| Module | Description | Status | Link |
|---|---|---|---|
| π discord_audit_bot | Security audit bot for Discord servers (Rust + Serenity) | β Complete | tools/discord_audit_bot |
| π packet-match-fuzz | Pattern-matching fuzzer for packet payloads using KMP algorithm | β Complete | tools/packet-match-fuzz |
| π‘ wifi_audit | Passive Wi-Fi auditing tool (802.11 Beacon/Probe analysis, monitor mode) | β Complete | tools/wifi_audit |
| π crypto | Educational implementations of classical/symmetric/asymmetric ciphers & hashing | β Complete | research/crypto |
| π‘οΈ linux-kernel-exploits | Educational CVE labs & write-ups for kernel exploitation research | β Complete | linux-kernel-exploits |
| π³ merkle | Efficient Merkle hash tree implementation using SHA-256 | β Complete | research/merkle |
| π§ protocols | Network protocol analysis (in development) | π§ In Progress | research/protocols |
| π vulns | Vulnerability research & proofs of concept (planned) | π Planned | research/vulns |
| π hash_cracker | Multi-algorithm password cracking tool | π Planned | tools/hash_cracker |
| π log_analyzer | Security log correlation and anomaly detection | π Planned | tools/log_analyzer |
| π web_fuzzer | Web directory/parameter fuzzer | π Planned | tools/web_fuzzer |
| π packet_sniffer | Network packet sniffer | π Planned | tools/packet_sniffer |
β οΈ Important: All tools are designed for educational and authorized security testing only. Always ensure proper authorization before use.
Automated Discord server security assessment and monitoring bot built with Serenity.
Key Features:
- Automated security audits and vulnerability scanning
- Manual security assessments and compliance checks
- Security best practices checklist and recommendations
- Real-time monitoring and alert capabilities
Quick Start:
# Set up bot token
echo "DISCORD_TOKEN=your_bot_token_here" > tools/discord_audit_bot/.env
# Run the bot
cargo run -p discord_audit_botAdvanced pattern matching tool for streaming packet data using the Knuth-Morris-Pratt (KMP) algorithm for network traffic analysis and security testing.
Features:
- High-performance pattern matching in network streams
- Fuzzing capabilities for payload analysis
- Real-time packet processing with async Rust
Passive Wi-Fi network auditing tool for authorized penetration testing and security assessment.
Capabilities:
- 802.11 management frame analysis (Beacon/Probe Request/Response)
- SSID inventory and BSSID mapping
- Client device reconnaissance and probing analysis
- Monitor mode packet capture with custom BPF filters
Usage:
# Basic network discovery
sudo cargo run -p wifi_audit -- --iface wlan0mon
# With client monitoring
sudo cargo run -p wifi_audit -- --iface wlan0mon --list-clientsEducational implementations of cryptographic algorithms in Rust.
Implemented:
- Classical Ciphers: Caesar cipher, Vigenère cipher
- Modern Ciphers: XOR cipher, basic Feistel network
- Asymmetric Crypto: Basic RSA implementation
- Hash Functions: FNV-1a based hash, hash chaining
- Utilities: Key generation, padding schemes
Example:
cargo run -p crypto --example demoEfficient Merkle hash tree implementation using SHA-256 for data integrity verification.
Features:
- Tree construction and management
- Inclusion proof generation
- Proof verification for data integrity
- Membership validation
- Optimized for performance
Usage:
cargo test -p merkleAdvanced pattern matching tool for streaming packet data using the Knuth-Morris-Pratt (KMP) algorithm.
Planned Features:
- Real-time packet stream analysis
- Pattern matching in network traffic
- Fuzzing pattern detection
- Performance-optimized streaming algorithms
rust-security-suminworld/
βββ tools/ # Individual security tools (Rust crates)
β βββ discord_audit_bot/ # β
Discord security audit bot
β βββ packet-match-fuzz/ # β
KMP-based pattern matching & fuzzing
β βββ wifi_audit/ # β
Passive Wi-Fi auditing tool
β βββ hash_cracker/ # π Password & hash cracking tool
β βββ log_analyzer/ # π Security log analysis tool
β βββ web_fuzzer/ # π Web directory/parameter fuzzer
β βββ packet_sniffer/ # π Network packet sniffer
βββ research/ # Security research modules
β βββ crypto/ # β
Cryptographic algorithms & implementations
β βββ merkle/ # β
Merkle tree implementation
β βββ protocols/ # π§ Network protocol analysis
β βββ vulns/ # π Vulnerability research & PoCs
βββ linux-kernel-exploits/ # β
Kernel exploitation labs & CVE research
βββ PoCs/ # Proof-of-concepts for attacks (e.g., cache side channels)
β βββ cache/ # Flush+Reload timing attack PoC (C code)
βββ docs/ # Documentation and learning resources
β βββ learning_notes.md # Study notes and progress logs
β βββ tool_usage.md # Detailed usage guides
β βββ references.md # Resources and references
βββ examples/ # Example usage and test cases
βββ LICENSE # MIT License
βββ README.md # This file
Legend: β Complete | π§ In Progress | π Planned
- Rust: Install via rustup (2021 edition or later)
- System Dependencies:
# Ubuntu/Debian (for Wi-Fi tools) sudo apt install -y libpcap-dev build-essential # macOS brew install libpcap
- Hardware: USB Wi-Fi adapter for monitor mode (optional, for wifi_audit)
-
Clone the repository
git clone https://github.com/sumin-world/rust-security-suminworld.git cd rust-security-suminworld -
Build all tools
cargo build --release
-
Build specific tool
cargo build -p discord_audit_bot --release cargo build -p wifi_audit --release cargo build -p packet-match-fuzz --release
# Set up environment
cd tools/discord_audit_bot
echo "DISCORD_TOKEN=your_token" > .env
# Run bot
cargo run -p discord_audit_bot# Setup monitor mode
sudo airmon-ng start wlan0 # Creates wlan0mon
# Basic audit
sudo cargo run -p wifi_audit -- --iface wlan0mon
# With client monitoring
sudo cargo run -p wifi_audit -- --iface wlan0mon --list-clients# Run pattern matching tests
cargo run -p packet-match-fuzz --example kmp_demo
# Custom payload fuzzing
cargo run -p packet-match-fuzz -- --pattern "HTTP" --input sample.pcapcargo run -p crypto --example demoWarning: The experimental code in this section is for educational purposes only and must be executed exclusively in a local virtual machine or dedicated experimental equipment, and only in environments with explicit authorization.
Side-channel attacks are techniques that infer secrets from incidental information such as computation time, power consumption, or cache behavior. This repository includes a PoC of Flush+Reload, a representative cache-based attack technique. Flush+Reload is a high-resolution, low-noise attack targeting the L3 cache that can determine whether specific memory lines have been accessed, without requiring the attacker and victim to share the same CPU core. This PoC consists of C code located in the PoCs/cache/ directory.
- Victim Program: A simulator that repeatedly accesses specific memory indices
- Attacker Program: Uses
clflushandrdtscpto measure memory access times, distinguishing cache hits from misses - Execution Script: Runs the victim in the background, saves attacker results to CSV, then terminates the victim
# Run victim process in background
./PoCs/cache/victim_sim &
VICTIM_PID=$!
# Run attacker and save to CSV
./PoCs/cache/flush_reload_attacker > /tmp/flush_reload_data.csv
# Terminate victim process
kill $VICTIM_PIDThe CSV format is iter,cycles where small values (~1,000 cycles) indicate cache hits and large values (hundreds of thousands of cycles) indicate cache misses or interrupt/context switches.
Sample Output:
iter,cycles
0,158000
1,1000
2,1000
3,155000
4,1000
...
Measurements typically form two distinct clusters:
- Low latency cluster: Cache hits (victim accessed the memory, data in cache)
- High latency cluster: Cache misses or interrupts/context switches
Statistics:
# Count samples
wc -l /tmp/flush_reload_data.csv
# Calculate mean
awk -F, 'NR>1{n++; sum+=$2} END{print "Samples:", n, "Mean:", sum/n}' /tmp/flush_reload_data.csvVisualization (Python):
import csv, numpy as np
import matplotlib.pyplot as plt
xs = []
with open('/tmp/flush_reload_data.csv') as f:
r = csv.reader(f)
next(r)
for _, c in r:
xs.append(int(c))
xs = np.array(xs)
plt.hist(xs, bins=200, log=True)
plt.xlabel('Cycles')
plt.ylabel('Count (log scale)')
plt.title('Flush+Reload Distribution')
plt.yscale('log')
plt.show()Flush+Reload can be exploited for practical attacks such as tracking AES S-box accesses to extract cryptographic keys. Therefore, defensive techniques should be applied to reduce side-channel leakage, including:
- Constant-time implementations
- Cache partitioning (e.g., Intel CAT)
- Memory access pattern obfuscation
- Discord Security Audit Bot
- Wi-Fi Audit Tool (Monitor Mode)
- Packet Pattern Matcher & Fuzzer
- Basic Cryptographic Toolkit
- Merkle Tree Implementation
- Linux Kernel Exploitation Labs
- Hash Cracker - Multi-algorithm password analysis
- Dictionary attacks, rainbow tables
- GPU acceleration support
- Custom wordlist generation
- Web Fuzzer - Application security testing
- Directory and file discovery
- Parameter fuzzing and injection testing
- Response analysis and filtering
- Log Analyzer - Security event correlation
- Multi-format log parsing
- Anomaly detection algorithms
- Real-time monitoring dashboards
- Packet Sniffer - Network traffic analysis
- Real-time packet capture
- Protocol analysis and decoding
- Traffic pattern recognition
- Vulnerability Research - Security testing
- Proof-of-concept exploits
- Fuzzing frameworks
- Binary analysis tools
- Protocol Analysis - Network security
- Custom protocol implementations
- Security assessment tools
- Traffic manipulation utilities
This project serves as a practical learning platform for:
- Ownership & Borrowing: Memory safety without garbage collection
- Async Programming: Tokio runtime and concurrent operations
- Error Handling: Result types and robust error management
- Performance: Zero-cost abstractions and optimization techniques
- Network Security: TCP/IP protocols, scanning techniques
- Cryptography: Classical and modern cryptographic algorithms
- Web Security: Application testing and vulnerability assessment
- Digital Forensics: Log analysis and incident response
- Learning Notes - Study progress and key concepts
- Tool Usage Guide - Detailed examples and best practices
- References - Curated learning resources and links
We welcome contributions! This project is designed for learning, so contributions of all levels are appreciated.
- π Bug Reports: Found an issue? Please open an issue
- π‘ Feature Requests: Have an idea? We'd love to hear it
- π Documentation: Improve guides, add examples, fix typos
- π§ Code: Implement features, fix bugs, optimize performance
- π Learning: Share your learning journey and insights
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Make your changes
- Add tests if applicable
- Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
- Follow standard Rust formatting (
cargo fmt) - Run clippy for linting (
cargo clippy) - Ensure all tests pass (
cargo test) - Add documentation for public APIs
- Discord Bot: Concurrent async command processing with rate limiting
- Wi-Fi Audit: Real-time packet capture and analysis with minimal CPU overhead
- Crypto Operations: Focus on educational clarity and correctness over raw speed
- Memory Usage: Rust's zero-cost abstractions with minimal heap allocation
- Memory Safety: Rust's ownership system prevents buffer overflows and use-after-free
- Input Validation: Comprehensive validation for all network inputs and user parameters
- Error Handling: Graceful failure modes without information leakage
- Dependency Security: Regular updates and review of third-party crates
- Unit Tests: Comprehensive test coverage for core functionality
- Integration Tests: End-to-end testing of network operations
- Continuous Integration: Automated testing across multiple platforms
- Code Quality: Clippy linting and rustfmt formatting enforcement
This project is licensed under the MIT License - see the LICENSE file for details.
Key Points:
- β Commercial use allowed
- β Modification and distribution allowed
- β Private use allowed
- β No warranty or liability provided
IMPORTANT: All tools in this repository are intended for:
- π Educational purposes - Learning cybersecurity concepts
- π‘οΈ Authorized testing - Only on systems you own or have explicit permission
- π¬ Security research - Improving defensive capabilities
- Always obtain proper authorization before testing any systems
- Respect privacy and confidentiality of data encountered
- Use knowledge responsibly to improve security, not exploit vulnerabilities
- Follow applicable laws and regulations in your jurisdiction
The authors assume no liability for misuse of the provided tools. Users are solely responsible for ensuring their activities comply with applicable laws and regulations.
- Repository: github.com/sumin-world/rust-security-suminworld
- Issues: Report bugs or request features
- Releases: Latest releases and versions
- The Rust Book - Official Rust documentation
- Rustlings - Interactive Rust exercises
- Tokio Tutorial - Async Rust programming
- OWASP - Web application security guidelines
- Rust Security - Secure coding practices
- Tokio - Async runtime for Rust
- Serenity - Discord bot library
- clap - Command line argument parser
- serde - Serialization framework
- sha2 - SHA-2 hash functions
β οΈ See docs/LEGAL_NOTICE.md for legal and ethical guidance. Run experiments only on hardware you own or have explicit permission to test.