Rust Development for Cyber Security
Instructors: Tanguy Duhamel & Christophe Matthieu
Dates: June 23 to 26 2025
Capacity: 25 Seats
The Rust Development for Cyber Security training is a 4-day intensive program designed to equip
participants with the skills to use Rust for building robust defensive and offensive security tools.
Starting with Rust fundamentals, including memory safety, concurrency, and modular design, the course
progresses into practical applications such as OSINT tools, in-memory forensics, port scanning, and
Remote Access Tool (RAT) development.
The training culminates in a hands-on project to build an antivirus and Endpoint Detection and Response
(EDR) tool, integrating network traffic monitoring and advanced forensics. Combining theory with
practical exercises, this course prepares participants to apply Rust effectively in real-world
cybersecurity scenarios.
KEY LEARNING OBJECTIVES
By the end of this training, participants will:
- Understand Rust's unique features, including memory safety and concurrency, and their applications
in
cybersecurity.
- Build tools for OSINT, in-memory forensics, process analysis, and network monitoring.
- Develop offensive security tools such as port scanners, vulnerability mappers, and basic RATs.
- Create a comprehensive antivirus/EDR solution with integrated forensic and network monitoring
capabilities.
Course Topics
Day 1: Introduction and Fundamentals
Morning: Foundations of Rust
Concepts Covered:
- Ownership, borrowing, and memory safety
- Concurrency and multithreading basics
- Error handling in Rust
- Building CLI tools and managing configurations
- Networking basics with Rust
Exercises:
- CLI Tool:
- Create a CLI tool that accepts a configuration file, parses it, and prints a structured report.
- Bonus Challenge: Add validation and support for both JSON and YAML formats.
- Networking Tool:
- Build a basic TCP/UDP client-server model to understand Rust's networking capabilities.
- Bonus Challenge: Implement encrypted communication using rustls.
Afternoon: Advanced Rust Concepts
Concepts Covered:
- Lifetimes and advanced ownership patterns
- Smart pointers (Rc, Arc, Mutex) and interior mutability
- Designing modular and extensible Rust applications
- Handling file system events
Exercises:
- Directory Monitoring Tool:
- Create a tool that monitors a directory for changes (file creation, deletion, modification) using
Rust's concurrency features.
- Bonus Challenge: Add a logging mechanism to record events in JSON format and implement file content
hashing (e.g., SHA256).
Day 2: Defensive Security Tools
Morning: High-Speed OSINT with Rust
Concepts Covered:
- Web scraping and crawling with async Rust
- Interacting with APIs and JSON for OSINT
- Extracting useful metadata and subdomain enumeration
Exercises:
- Web Crawler:
- Build a fast web crawler that extracts subdomains and metadata from a target website.
- Bonus Challenge: Add functionality to identify email addresses or specific file types.
- API Interaction:
- Build an OSINT tool that fetches and parses data from public APIs (e.g., Shodan or Have I Been
Pwned?).
Afternoon: In-Memory Forensics and Process Analysis
Concepts Covered:
- Understanding memory process structures
- Using Rust for memory scanning and dumping
- Analyzing dumped data for patterns or sensitive information
Exercises:
- Memory Dumper:
- Write a Rust tool to scan and dump a target system's process memory.
- Bonus Challenge: Add filters to target specific processes by name or PID.
- Process Analyzer:
- Parse the memory dump to list loaded libraries and their paths.
- Bonus Challenge: Search for specific patterns (e.g., cryptographic keys or credentials) in memory.
Day 3: Offensive Security
Morning: Rapid Recon and Vulnerability Mapping
Concepts Covered:
- Writing high-performance port scanners in Rust
- Using async Rust for parallel scanning
- Automating basic vulnerability detection
Exercises:
- Port Scanner:
- Build a multi-threaded port scanner that identifies open ports and checks for basic vulnerabilities.
- Bonus Challenge: Add version detection and banner grabbing.
- Service Enumeration:
- Extend the scanner to perform service-specific checks for common protocols (e.g., HTTP, SSH).
Afternoon: Building a Command and Control (C2) Framework
Concepts Covered:
- Basics of RAT (Remote Access Tool) development
- Securely managing communication between client and server
- Cross-platform considerations for offensive tools
Exercises:
- RAT Development:
- Develop a basic RAT that communicates with a C2 server, executes simple commands on the target, and
sends back responses.
- Bonus Challenge: Add a feature for encrypted command traffic and file transfer.
Day 4: Hands-On Project - Building an Antivirus & EDR
Morning: Network Traffic Monitoring and Threat Detection
Concepts Covered:
- Capturing network packets with Rust libraries (pcap, libpnet)
- Parsing and filtering network traffic for actionable insights
- Detecting malicious payloads (e.g., URLs, patterns)
Exercises:
- Packet Capturer:
- Build a network monitoring tool that captures network packets and filters specific traffic.
- Bonus Challenge: Add logging and detection for anomalous traffic patterns (e.g., DDoS).
Afternoon: Advanced Forensics and Memory Integration
Concepts Covered:
- Integrating forensic tools into an EDR framework
- Refining memory scanning and analysis techniques
- Correlating memory dumps with network monitoring insights
Exercises:
- Integration:
- Combine memory scanning results with the network monitoring tool to provide comprehensive analysis.
- Bonus Challenge: Add a reporting mechanism that visualizes detected threats and their sources.
- Real-Time Monitoring:
- Develop a feature to actively monitor processes for specific memory patterns.
Prerequisites
- Familiarity with programming concepts (basic understanding of any programming language).
- Basic knowledge of cybersecurity principles (e.g., OSINT, networking, malware analysis).
HARDWARE REQUIREMENTS
- A laptop with at least 8GB RAM and 50GB free disk space.
- A processor with virtualization support (for running virtual machines).
SOFTWARE REQUIREMENTS
- Operating System: Linux (preferred) or macOS/Windows with WSL.
- Rust compiler and Cargo installed (latest stable version).
- Additional Tools: Wireshark, Docker, Python 3, and a code editor (e.g., VSCode with Rust extension).
WHO SHOULD ATTEND
- Cybersecurity professionals seeking to enhance their skills with Rust.
- Developers interested in applying Rust to defensive and offensive security tools.
- Students and researchers working on cybersecurity-related projects.
Bio
Tanguy Duhamel is the Lead Developer on FuzzingLabs' distributed fuzzing platform, collaborating
with
Patrick Ventuzelo on code auditing, fuzzer development, and security research. His research focuses on
advancing distributed fuzzing techniques to improve software security, with a strong foundation in Rust
for building high-performance tools.
Christophe Matthieu is a security engineer who studied Computer Science and Offensive Security, with
experience in major companies across critical sectors such as energy, banking, and automotive.
Now part of FuzzingLabs, he works as a security researcher specialising in hardware and network
security.
To Register
Click here to register.