Lib.rs

hyper

A protective and efficient HTTP library for all

datafusion

in-memory query engine that uses Apache Arrow as the memory model

yoke

Abstraction allowing borrowed data to be carried along with the backing data it borrows from

wmi

WMI crate for rust

landlock

LSM helpers

region

Cross-platform virtual memory API

serde_stacker

Serde adapter that avoids stack overflow by dynamically growing the stack

auditable-info

High-level crate to extract the dependency trees embedded in binaries by cargo auditable

flip-link

Flips the memory layout of embedded programs to protect against stack overflows

clerk-rs

The official community Rust SDK for the Clerk API

build-wrap

Help protect against malicious build scripts

process_control

Ergonomically run processes with limits

dryoc

Don't Roll Your Own Crypto: pure-Rust, hard to misuse cryptography library

speakersafetyd

Speaker protection daemon for embedded Linux systems

TR_PDF_rename

Reads security transaction statements (as pdf) from neo-broker Trade Republic and renames them as transactiondate_ordertype_name

aws-sdk-wafv2

AWS SDK for AWS WAFV2

annatar

A command line tool for making memes. Full readme available at: https://github.com/archer884/annatar

cargo-emit

Talk to Cargo easily at build time

git-stack

Stacked branch management for Git

actix-web-grants

Authorization extension actix-web to protect your endpoints

aws-sdk-backup

AWS SDK for AWS Backup

axum-login

🪪 User identification, authentication, and authorization for Axum

passless-rs

FIDO2 security token emulator

trapframe

Handle Trap Frame across kernel and user space on multiple ISAs

toa

TOA compression command-line tool. Modern compression with built-in error correction

aws-db-esdk

implementing client side encryption with DynamoDB

shellfirm

shellfirm will intercept any risky patterns (default or defined by you) and prompt you a small challenge for double verification, kinda like a captcha for your terminal

aws-esdk

implementing client side encryption

oauth2-passkey

OAuth2 and Passkey authentication library for Rust web applications

git-branch-stash-cli

Manage snapshots of your working directory

balloon-hash

Pure Rust implementation of the Balloon password hashing function

hammerwork

high-performance, database-driven job queue for Rust with PostgreSQL and MySQL support, featuring job prioritization, cron scheduling, event streaming (Kafka/Kinesis/PubSub), webhooks…

exarch-cli

Command-line utility for secure archive extraction and creation

aws-sdk-waf

AWS SDK for AWS WAF

prolock

securely storing secrets like passwords and plain text snippets in a password-protected file

ironclaw

Secure personal AI assistant that protects your data and expands its capabilities on the fly

aegis_vm

Advanced Rust code virtualization and obfuscation framework

aws-sdk-wafregional

AWS SDK for AWS WAF Regional

clawdentity-cli

Clawdentity Rust CLI for identity onboarding, provider setup, and connector operations

secrets

Protected-access memory for cryptographic secrets

twitch_oauth_token

Type-safe Twitch OAuth 2.0 authentication library with CSRF protection and full scope support

reference-counted-singleton

Reference-counted singleton whose protected data can be recreated as needed

runique

A Django-inspired web framework for Rust with ORM, templates, and comprehensive security middleware

pjson-rs

Priority JSON Streaming Protocol - high-performance priority-based JSON streaming (requires nightly Rust)

vellaveto-proxy

MCP stdio proxy with built-in security presets — zero config needed

apple-native-keyring-store

Apple-native credential store for keyring

tiny-encrypt

tiny file encrypt tool

tenthash

A high-quality, non-cryptographic, 160-bit hash function

etchdns

A caching DNS proxy with advanced security features, WebAssembly hooks, and comprehensive protection mechanisms

esp-generate

Template generation tool to create no_std applications targeting Espressif's chips

aws-sdk-resiliencehub

AWS SDK for AWS Resilience Hub

muldiv

trait for numeric types to perform combined multiplication and division with overflow protection

adguard-flm

represents a library for managing AdGuard filter lists

donttouch

Add a guard to keep particular files from being modified by AI coding agents and accidental commits

rustyclaw

A lightweight, secure agentic AI assistant runtime with OpenClaw compatibility

deadbranch

Clean up stale git branches safely

atproto-oauth

OAuth workflow implementation for AT Protocol - PKCE, DPoP, and secure authentication flows

vellaveto-shield

Consumer AI shield: bidirectional PII sanitization with encrypted local audit

vellaveto-engine

Policy evaluation engine with glob, regex, and domain matching

axum-helmet

HTTP security headers middleware core for axum web framework

redoubt-aead

AEGIS-128L and XChaCha20-Poly1305 AEAD with zeroization

axum-keycloak-auth

Protect axum routes with a JWT emitted by Keycloak

cf-modkit-http

ModKit HTTP client library

grim-reaper

Death Defying Data Protection - When data death comes knocking, Grim ensures resurrection is just a command away

product-os-server

Product OS : Server provides a full functioning advanced server capable of acting as a web server, command and control distributed network, authentication server, crawling server and more…

poem-grants

Authorization extension for poem to protect your endpoints

s-zip

High-performance streaming ZIP library with AES-256 encryption and async/await support - Read/write ZIP files with minimal memory footprint. Supports password protection, cloud storage, and Tokio runtime.

elf2tab

Compiles from ELF to TAB (a Tock Application Bundle using the Tock Binary Format)

zero4rs

powerful, pragmatic, and extremely fast web framework for Rust

ironshield-cli

IronShield CLI component

oxifaster

A high-performance concurrent key-value store and log engine in Rust

t-rust-less-lib

Password manager library

sqry-mcp-redaction

Client-side helper library for redacting sensitive data from MCP responses

rocket-grants

Authorization extension for rocket to protect your endpoints

conducer

Easy async

jetdb

Pure Rust library for reading Microsoft Access (.mdb/.accdb) files

mcpdome

Protective Dome for AI Agents — MCP security gateway proxy

fs-walk

File-system walking crate

ka3005p

cli tool to remote control a ka3005p power supply

memsec

libsodium/utils

cortex-ar

CPU support for AArch32 Arm Cortex-R and Arm Cortex-A

nautilus-risk

Core risk management machinery for the Nautilus trading engine

loco-oauth2

oauth2 library for loco

google-cloud-modelarmor-v1

Google Cloud Client Libraries for Rust - Model Armor API

google-cloud-recaptchaenterprise-v1

Google Cloud Client Libraries for Rust - reCAPTCHA Enterprise API

cocoon

protected container with strong encryption and format validation

vmprotect

Unofficial VMProtect SDK for Rust

salvo-cors

CORS support for salvo web server framework

adk-auth

Access control and authentication for Rust Agent Development Kit (ADK-Rust)

acton-dx

Acton DX - Developer experience focused web framework for HTMX applications in Rust

destructive_command_guard

A Claude Code hook that blocks destructive commands before they execute

autosar-e2e

AUTOSAR E2E (End-to-End) Protection Library implementation in Rust

instant-akismet

Rust client for Akismet spam protection

actix-ip-filter

IP filter of HTTP requests for Actix Framework

kernex-core

Core types, traits, config, and error handling for Kernex

tauri-plugin-biometry

A Tauri v2 plugin for biometric authentication (Touch ID, Face ID, fingerprint) on Android, macOS, iOS and Windows

hypnus

Memory Obfuscation in Rust

vitaminc-password

Secure password generator. Part of the Vitamin-C cryptographic suite.

enact-core

Core agent runtime for Enact - Graph-Native AI agents

multi-tier-cache

Customizable multi-tier cache with L1 (Moka in-memory) + L2 (Redis distributed) defaults, expandable to L3/L4+, cross-instance invalidation via Pub/Sub, stampede protection, and flexible TTL scaling

ashcore

ASH (Application Security Hash) — RFC 8785 compliant request integrity verification with anti-replay protection

google-cloud-privacy-dlp-v2

Google Cloud Client Libraries for Rust - Sensitive Data Protection (DLP)

limiteron

Unified flow control framework for Rust

ockam

End-to-end encryption and mutual authentication for distributed applications

b4ae

B4AE (Beyond For All Encryption) - Quantum-resistant secure communication protocol

kernex-skills

Skills.sh-compatible skill loader and trigger matcher for Kernex

rssh-cli

Secure SSH agent daemon with enhanced security features

resctl-bench

Whole system resource control benchmarks with realistic scenarios

vellaveto-tls

Shared TLS/mTLS module for Vellaveto server and HTTP proxy

zip-password-finder

Find the password of protected ZIP files

memory_utils

A memory reading/writing utility using Windows and mach API

soteria-rs

Wrapper around a secret that is stored in memory with the goal to protect against side-channel and speculative attacks

cat25040

A no_std, async Rust driver for the ON Semiconductor CAT25040 (4-Kbit SPI EEPROM), built on embedded-hal-async traits

ddex-parser

High-performance DDEX XML parser with SIMD optimization (40+ MB/s)

secure-types

Secure data types that protect sensitive data in memory via locking and zeroization

opusic-c

High level bindings to libopus

darkstrata-credential-check

Rust SDK for DarkStrata credential breach checking API with k-anonymity privacy protection

irc-repartee

the irc crate – usable, async IRC for Rust. Temporary fork for repartee IRC client (bind_address, immediate flush, rustls fix, flood protection, batched autojoin).

freebird-common

Common utilities and shared types for the Freebird privacy-preserving authentication system

mycelium-api-test-svc

Mycelium API Test Service

mwtimestamp

parsing and formatting for MediaWiki timestamps

legalis-ru

Russian Federation jurisdiction support for Legalis-RS

vanguards-rs

Enhanced security for Tor hidden services through vanguard relay selection

legalis-my

Malaysia jurisdiction support for Legalis-RS - Malaysian legal system with Common Law + Islamic Law hybrid, PDPA 2010, Companies Act 2016, Employment Act 1955

ultrasonic

Transactional execution layer with capability-based memory access for zk-AluVM

aws-sdk-mpa

AWS SDK for AWS Multi-party Approval

office-crypto

Pure Rust library to decrypt password-protected MS Office files

railgun

CLI - Claude Code security hook for LLM protection

legalis-kr

South Korea (대한민국) jurisdiction support for Legalis-RS - Civil law system with Korean characteristics

rusty-socks

High-performance WebSocket server written in Rust

sheetkit

reading and writing Excel (.xlsx) files

agent-fetch

A sandboxed HTTP client for AI agents with SSRF protection, domain policies, rate limiting, and resource controls

vitaminc

cryptographic suite by CipherStash

maw

efficient web framework for Rust

brec

A flexible binary format for storing and streaming structured data as packets with CRC protection and recoverability from corruption. Built for extensibility and robustness.

bolt-web

⚡ A high-performance, minimalist web framework for Rust, inspired by Express.js and Gin

tower-request-guard

Request validation middleware for Tower

maker_web

Security-first, high-performance, zero-allocation HTTP server for microservices

legalis-mx

Mexican law library - Federal Civil Code, CLT, LFPDPPP, Tax Code, Corporate Law

hmac-circuit-breaker

HMAC-protected circuit breaker with fail-open semantics. Persists circuit state to disk and verifies integrity with HMAC-SHA256 on every reload to prevent state-file tampering from inducing self-DoS.

secrets-tweaked

Protected-access memory for cryptographic secrets

pg_guard

A Postgres proxy with built-in safety features

pingora-memory-cache

An async in-memory cache with cache stampede protection

subduction_crypto

Cryptographic types for Subduction: signed payloads, verification witnesses

vitaminc-protected

Protected type wrappers for handling sensitive data. Part of the VitaminC cryptographic suite.

marshall

NullSec Command Center | Browser • OSINT • Workforce • VoIP • AI

webrtc-core

Sub-microsecond WebRTC media core with zero-copy architecture

recurl

Drop-in curl replacement with automatic anti-bot bypass

ldap-rs

LDAP client for Rust

atproto-oauth-aip

ATProtocol AIP OAuth tools

keyquorum-split

Split a secret into Shamir shares for use with keyquorum

rocket-oidc

Rocket OpenID Connect utility crate, provides redirect route, and claims guard for OIDC

memsecurity

Securely hold secrets in memory and protect them against cross-protection-boundary readout via microarchitectural, via attacks on physical layout, and via coldboot attacks

intrusivelock

Intrusive locks for Rust — locks that live inside the memory region they protect

gkill

rssh-types

Shared protocol and domain types for rssh-agent

ap33772s-rs

Driver for the AP33772S USB C Power Delivery and Extended Power Supply IC. Allowing for both embedded-hal and embedded-hal-async I2C

sos-login

Login authentication for the Save Our Secrets SDK

secbits

secure memory handling featuring

locker-backend

Self-hosted digital encrypted vault with immutable consent receipts for personal documents

rssh-proto

SSH wire protocol and custom CBOR extensions for rssh-agent

kindly-guard-server

KindlyGuard MCP server - Enterprise-grade security for AI model interactions

birdcage

Cross-platform embeddable sandbox

ohttp-relay

Relay Oblivious HTTP requests to protect IP metadata

api-keys-simplified

Secure API key generation and validation library

safecrate

A CLI tool to safely open, build, and inspect untrusted source code in isolated Docker containers, protecting your system from potentially malicious projects

memsafe

A Secure cross-platform Rust library for securely wrapping data in memory

vellaveto-mcp-shield

Consumer shield: bidirectional PII sanitization, session isolation, encrypted local audit

actix-security

Spring Security-like authentication and authorization for Actix Web

rssh-daemon

Async SSH agent daemon with hardened memory management and socket handling

patina_dxe_core

A pure rust implementation of the UEFI DXE Core

centinel-analytica-fastly

Centinel Analytica Bot Protection for Fastly Compute

freebird-interface

Client interface and CLI for the Freebird privacy-preserving authentication system

autonomo-arabic-reshaper

Arabic text shaper + visual RTL reverser tailored for game modding (RimWorld, Unity LTR UIs). Handles tags, escapes, entities, and common UI artifacts.

mykey

MIKEY (RFC 3830) — Multimedia Internet KEYing for SRTP key exchange

ntex-basicauth

A Basic Authentication middleware for ntex web framework

aranya-fast-channels

High throughput, low latency encryption protected by Aranya Policy

guardy

Fast, secure git hooks in Rust with secret scanning and protected file synchronization

reishi-quinn

Noise IK handshake integration for quinn with QUIC key derivation

axum-turnstile

Cloudflare Turnstile verification middleware for Axum

actix-firebase-auth

Firebase ID token verification for Actix Web using Google's JWKs

pulseengine-mcp-security

Security middleware and validation for MCP servers - PulseEngine MCP Framework

kindly-guard

Security-focused MCP server for AI protection - the actual KindlyGuard server

oxideshield-core

Core types and pattern matching for OxideShield

codeq

Codec trait

safe-path

safely handle file system paths for container runtimes

totp-gateway

A high-performance TOTP-based authentication gateway built on Cloudflare's Pingora framework for securing private network access

elara-crypto

ELARA Protocol - Cryptographic engine with identity binding, multi-ratchet encryption, and post-quantum ready security

ap33772s-driver

A platform-agnostic driver for the AP33772S USB-PD Sink Controller

k-lock

A fast mutex for short critical sections

adguard-home-toggle

CLI and system tray tool to control AdGuard Home protection on Linux

sidekick

Seamless integration between Claude Code and Neovim. Protects your workflow by safely coordinating AI edits with your unsaved work.

rust_code_obfuscator

easily obfuscate strings and control-flow using cryptify lib

legalis-uk

United Kingdom jurisdiction support for Legalis-RS (Employment Law, UK GDPR, Consumer Rights, Contract Law, Company Law)

llm-security

Comprehensive LLM security layer to prevent prompt injection and manipulation attacks

renetcode

Server/Client network protocol library for multiplayer games

turbomcp-auth

OAuth 2.1 and authentication for TurboMCP with MCP protocol compliance

liboscore

Rust wrapper around the libOSCORE implementation of OSCORE (RFC8613), a security layer for CoAP

vitaminc-aead

Authenticated Encryption with Associated Data (AEAD) primitives. Part of the Vitamin-C cryptographic suite.

staticrypt

Static encryption for string literals and binary data

legalis-eu

European Union jurisdiction support for Legalis-RS (GDPR, Consumer Rights, Competition, Treaties)

legalis-sg

Singapore jurisdiction support for Legalis-RS (Companies Act, Employment Act, PDPA, Consumer Protection)

legalis-in

India jurisdiction support for Legalis-RS - comprehensive modeling of Indian law

reinhardt-middleware

Middleware system for request/response processing pipeline

pep

Policy Enforcement Point - OIDC authentication and authorization library

oauth2-passkey-axum

Axum integration for oauth2-passkey authentication library

guts-auth

Authorization and governance for Guts: Permissions, Organizations, Teams, Webhooks

flat_db

Flat file database

path-security

Comprehensive path validation and sanitization library with 85%+ attack vector coverage

hdc302x

An embedded driver for the HDC302x(-Q1) low-power humidity and temperature digital sensor

secretscout

Blazingly fast Rust CLI for detecting secrets, passwords, API keys, and tokens in git repositories

sad-rsa

Hardened pure Rust RSA implementation with Marvin attack mitigation

mcp794xx

Platform-agnostic Rust driver for the MCP794xx real-time clock / calendar (RTC) family. Compatible with MCP7940N, MCP7940M, MCP79400, MCP79401, MCP79402, MCP79410, MCP79411 and MCP79412.

saferet

Secure types for handling sensitive data in Rust with automatic memory cleanup and protection against accidental exposure

leviso-cheat-guard

Runtime macros for cheat-aware error handling (bail, ensure, check)

trustcaptcha

Privacy-first CAPTCHA solution for Rust. GDPR-compliant, bot protection made in Europe.

orchestrator_lock

A Mutex whose access order is managed by a separate thread

sequoia-keyring-linter

A linter for keyrings

axum_jwt_ware

Axum Authentication Library

ironshield-api

IronShield Web Server API, Built with Axum

shade-proxy

SHADE: Simple Host Attestation & Dynamic Enrollment with TCP proxy

legalis-cn

China (中国) jurisdiction support for Legalis-RS - Socialist civil law with Chinese characteristics

jwt-authorizer

jwt authorizer middleware for axum and tonic

mdbook-pagecrypt

Encrypt your mdbook-built site with password protection

styrolite

Lightweight, programmatic sandboxing tool

shush-rs

designed to manage sensitive data securely by leveraging memory protection mechanisms

unifi-protect-client

client library for interacting with the UniFi Protect API

vitaminc-encrypt

Secure, flexible and fast encryption for Rust types. Part of the Vitamin-C cryptographic suite.

ollama-lan-share

LAN sharing for Ollama AI models with GUI

elif-security

Security middleware and utilities for the elif.rs web framework

ate-auth

Represents a standardized data model and API for authenticating an ATE chain-of-trust

mp4decrypt

Decrypt CENC protected MP4 content using Bento4

rusty-api

A secure Rust API crate for rapid development, featuring HTTPS, authentication, privilege levels, and rate limiting

stakpak-server

Stakpak: Your DevOps AI Agent. Generate infrastructure code, debug Kubernetes, configure CI/CD, automate deployments, without giving an LLM the keys to production.

sf-cli

Secure file encryption CLI/TUI tool with password protection

sword-layers

Tower layers for the Sword web framework

axum_csrf

Provide a CSRF (Cross-Site Request Forgery) protection layer

mcuboot-meta

read and parse MCUboot images written in rust 🦀

atomic-lti-tool-axum

LTI Tool related functionality for Axum

anubis-vault

Post-quantum secure secrets manager with ML-KEM-1024, ML-DSA-87, zero-knowledge proofs, Shamir sharing, and memory protection. The ultimate security vault.

prisma_auth

authentication crate supporting both Rocket backend API and Yew frontend authentication components

bastion-toolkit

🏰 Bastion Security Toolkit - Industrial Grade Protection for Vibe Coders

o42sdk

Official OAuth42 SDK for Rust - OAuth2/OIDC client library with Actix-web, Axum, and Rocket support

cowp

Unofficial Rust client for the CoW Protocol API (cowp)

legalis-br

Brazilian law library - CDC, CLT, LGPD, Civil Code, Corporate Law

herkos

Compile-Time Memory Isolation via WebAssembly and Rust Transpilation

csrf

CSRF protection primitives

nullsec-discord-shield

Discord token hardening and anti-theft protection - Monitors, encrypts, and protects Discord tokens from stealers and grabbers

legalis-ae

UAE (United Arab Emirates) jurisdiction support for Legalis-RS - Federal Laws, Labor, Commercial Companies, Data Protection, Free Zones

crissy

CSRF protection middleware for Axum

capnoise

A captcha based on noise animations, designed to protect website from AI or automation scripts

secure-vault

A secure memory vault that protects sensitive data from memory dumps and swap disk attacks

protect-axum

Authorization extension for axum to protect your endpoints

axum-tower-sessions-csrf

CSRF protection for Axum using tower-sessions with the Synchronizer Token Pattern

oxidite-security

Security utilities for Oxidite (CSRF, XSS protection, encryption)

openadp-ocrypt

Rust SDK for OpenADP - Distributed secret sharing and advanced data protection

timing-shield

Comprehensive timing leak protection for Rust

rg-policy

Policy engine for Railguard: secret scanning, dangerous command detection, path protection

e2e-protection

End-to-End protection core with pluggable profiles. AUTOSAR profile family is optional via feature

protect-endpoints-core

Core primitives for protecting endpoints within *-grants ecosystem

antiswear-rs

recognizing obscene words with distortion protection,

unifi-protect-bulk-download

bulk download videos from a Unifi Protect NVR

axum-csrf-simple

CSRF protection for axum apps

seckey

Use memsec protected secret memory

html2pdf-secure

converting HTML to password-protected PDF files

protect-salvo

Authorization extension salvo to protect your endpoints

ruswacipher

encrypting and protecting WebAssembly modules