Rust Development for Cyber Security

Instructors:  Tanguy Duhamel & Christophe Matthieu
Dates:  June 23 to 26 2025
Capacity:   25 Seats

The Rust Development for Cyber Security training is a 4-day intensive program designed to equip participants with the skills to use Rust for building robust defensive and offensive security tools. Starting with Rust fundamentals, including memory safety, concurrency, and modular design, the course progresses into practical applications such as OSINT tools, in-memory forensics, port scanning, and Remote Access Tool (RAT) development.

The training culminates in a hands-on project to build an antivirus and Endpoint Detection and Response (EDR) tool, integrating network traffic monitoring and advanced forensics. Combining theory with practical exercises, this course prepares participants to apply Rust effectively in real-world cybersecurity scenarios.

KEY LEARNING OBJECTIVES

By the end of this training, participants will:

• Understand Rust's unique features, including memory safety and concurrency, and their applications in
cybersecurity.
• Build tools for OSINT, in-memory forensics, process analysis, and network monitoring.
• Develop offensive security tools such as port scanners, vulnerability mappers, and basic RATs.
• Create a comprehensive antivirus/EDR solution with integrated forensic and network monitoring
capabilities.

Course Topics

Day 1: Introduction and Fundamentals

Morning: Foundations of Rust

Concepts Covered:

• Ownership, borrowing, and memory safety
• Concurrency and multithreading basics
• Error handling in Rust
• Building CLI tools and managing configurations
• Networking basics with Rust

Exercises:

• CLI Tool:
• Create a CLI tool that accepts a configuration file, parses it, and prints a structured report.
• Bonus Challenge: Add validation and support for both JSON and YAML formats.
• Networking Tool:
• Build a basic TCP/UDP client-server model to understand Rust's networking capabilities.
• Bonus Challenge: Implement encrypted communication using rustls.

Afternoon: Advanced Rust Concepts

Concepts Covered:

• Lifetimes and advanced ownership patterns
• Smart pointers (Rc, Arc, Mutex) and interior mutability
• Designing modular and extensible Rust applications
• Handling file system events

Exercises:

• Directory Monitoring Tool:
• Create a tool that monitors a directory for changes (file creation, deletion, modification) using Rust's concurrency features.
• Bonus Challenge: Add a logging mechanism to record events in JSON format and implement file content hashing (e.g., SHA256).

Day 2: Defensive Security Tools

Morning: High-Speed OSINT with Rust

Concepts Covered:

• Web scraping and crawling with async Rust
• Interacting with APIs and JSON for OSINT
• Extracting useful metadata and subdomain enumeration

Exercises:

• Web Crawler:
• Build a fast web crawler that extracts subdomains and metadata from a target website.
• Bonus Challenge: Add functionality to identify email addresses or specific file types.
• API Interaction:
• Build an OSINT tool that fetches and parses data from public APIs (e.g., Shodan or Have I Been Pwned?).

Afternoon: In-Memory Forensics and Process Analysis

Concepts Covered:

• Understanding memory process structures
• Using Rust for memory scanning and dumping
• Analyzing dumped data for patterns or sensitive information

Exercises:

• Memory Dumper:
• Write a Rust tool to scan and dump a target system's process memory.
• Bonus Challenge: Add filters to target specific processes by name or PID.
• Process Analyzer:
• Parse the memory dump to list loaded libraries and their paths.
• Bonus Challenge: Search for specific patterns (e.g., cryptographic keys or credentials) in memory.

Day 3: Offensive Security

Morning: Rapid Recon and Vulnerability Mapping

Concepts Covered:

• Writing high-performance port scanners in Rust
• Using async Rust for parallel scanning
• Automating basic vulnerability detection

Exercises:

• Port Scanner:
• Build a multi-threaded port scanner that identifies open ports and checks for basic vulnerabilities.
• Bonus Challenge: Add version detection and banner grabbing.
• Service Enumeration:
• Extend the scanner to perform service-specific checks for common protocols (e.g., HTTP, SSH).

Afternoon: Building a Command and Control (C2) Framework

Concepts Covered:

• Basics of RAT (Remote Access Tool) development
• Securely managing communication between client and server
• Cross-platform considerations for offensive tools

Exercises:

• RAT Development:
• Develop a basic RAT that communicates with a C2 server, executes simple commands on the target, and sends back responses.
• Bonus Challenge: Add a feature for encrypted command traffic and file transfer.

Day 4: Hands-On Project - Building an Antivirus & EDR

Morning: Network Traffic Monitoring and Threat Detection

Concepts Covered:

• Capturing network packets with Rust libraries (pcap, libpnet)
• Parsing and filtering network traffic for actionable insights
• Detecting malicious payloads (e.g., URLs, patterns)

Exercises:

• Packet Capturer:
• Build a network monitoring tool that captures network packets and filters specific traffic.
• Bonus Challenge: Add logging and detection for anomalous traffic patterns (e.g., DDoS).

Afternoon: Advanced Forensics and Memory Integration

Concepts Covered:

• Integrating forensic tools into an EDR framework
• Refining memory scanning and analysis techniques
• Correlating memory dumps with network monitoring insights

Exercises:

• Integration:
• Combine memory scanning results with the network monitoring tool to provide comprehensive analysis.
• Bonus Challenge: Add a reporting mechanism that visualizes detected threats and their sources.
• Real-Time Monitoring:
• Develop a feature to actively monitor processes for specific memory patterns.

Prerequisites

• Familiarity with programming concepts (basic understanding of any programming language).
• Basic knowledge of cybersecurity principles (e.g., OSINT, networking, malware analysis).

HARDWARE REQUIREMENTS

• A laptop with at least 8GB RAM and 50GB free disk space.
• A processor with virtualization support (for running virtual machines).

SOFTWARE REQUIREMENTS

• Operating System: Linux (preferred) or macOS/Windows with WSL.
• Rust compiler and Cargo installed (latest stable version).
• Additional Tools: Wireshark, Docker, Python 3, and a code editor (e.g., VSCode with Rust extension).

WHO SHOULD ATTEND

• Cybersecurity professionals seeking to enhance their skills with Rust.
• Developers interested in applying Rust to defensive and offensive security tools.
• Students and researchers working on cybersecurity-related projects.

Bio

Tanguy Duhamel is the Lead Developer on FuzzingLabs' distributed fuzzing platform, collaborating with Patrick Ventuzelo on code auditing, fuzzer development, and security research. His research focuses on advancing distributed fuzzing techniques to improve software security, with a strong foundation in Rust for building high-performance tools.

Christophe Matthieu is a security engineer who studied Computer Science and Offensive Security, with experience in major companies across critical sectors such as energy, banking, and automotive. Now part of FuzzingLabs, he works as a security researcher specialising in hardware and network security.

To Register

Click here to register.