OffensiveRust
Rust Weaponization for Red Team Engagements.
My experiments in weaponizing Rust for implant development and general offensive operations.
Why Rust?
- It compiles to native code with performance comparable to C/C++, and has no runtime or garbage collector.
- It is a general-purpose language with an excellent community and crate ecosystem.
- Cargo, its built-in build system and dependency manager, makes pulling in crates such as ntapi a one-line change.
- Its LLVM back end emits code patterns that differ from the MSVC/GCC-compiled C/C++ tooling most static AV signatures are written against, which helps against static signature detection (behavioural and in-memory scanning are unaffected).
- Cross compilation to Windows from *nix/macOS is easy: install the mingw-w64 toolchain and add the x86_64-pc-windows-gnu target, although some crates with native build dependencies (OpenSSL, for example) do not compile cleanly outside Windows.
Examples in this repo
| File | Description |
|------|-------------|
| Allocate_With_Syscalls | Allocates memory by calling NTDLL functions directly through the ntapi crate |
| Create_DLL | Builds a DLL that pops a message box. A Rust cdylib has no main function, so DllMain must be defined and exported by hand; expect rough edges |
| DeviceIoControl | Opens a handle to a driver and issues a DeviceIoControl request |
| EnableDebugPrivileges | Enables SeDebugPrivilege in the current process |
| Shellcode_Local_inject | Executes shellcode in the local process by casting a buffer pointer to a function pointer |
| Execute_With_CMD | Executes a command by passing it to cmd.exe |
| ImportedFunctionCall | Imports the minidump routine from dbghelp.dll and calls it |
| Kernel_Driver_Exploit | Exploit for a simple buffer overflow in a kernel driver |
| Named_Pipe_Client | Named pipe client |
| Named_Pipe_Server | Named pipe server |
| PEB_Walk | Walks the PEB to resolve and invoke Windows APIs at runtime |
| Process_Injection_CreateThread | Injection into the running process using CreateThread |
| Process_Injection_CreateRemoteThread | Injection into a remote process using CreateRemoteThread |
| Process_Injection_Self_EnumSystemGeoID | Self-injector that runs shellcode through the EnumSystemGeoID callback |
| Unhooking | Unhooks API calls |
| asm_syscall | Obtains the PEB address with inline assembly |
| base64_system_enum | Base64 encoding/decoding of strings |
| http-https-requests | HTTP/HTTPS GET and POST requests with certificate validation disabled |
| patch_etw | Patches ETW to suppress event tracing |
| ppid_spoof | Spoofs the parent process of a newly created process |
| tcp_ssl_client | TCP client over SSL/TLS that ignores certificate checks (requires openssl and perl to be installed for compiling) |
| tcp_ssl_server | TCP server over SSL/TLS with a port parameter (requires openssl and perl to be installed for compiling) |
| wmi_execute | Runs a WMI query to enumerate the AV/EDR products installed on the host |
| Windows.h+ Bindings | Structures from Windows.h plus hand-written definitions of the LDR, PEB and other structures Microsoft does not officially document; add include!("../bindings.rs"); at the top of your file |
| UUID_Shellcode_Execution | Decodes shellcode from an array of UUID strings into heap memory and executes it through the EnumSystemLocalesA callback |
| AMSI Bypass | Bypasses AMSI in the local process |
| Injection_AES_Loader | NtTestAlert-based injection with AES-decrypted shellcode |
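The UUID_Shellcode_Execution entry depends on a byte-order detail that is easy to get wrong: when Windows' UuidFromStringA parses a UUID string it stores the first three fields (Data1, Data2, Data3) little-endian, so "AABBCCDD-EEFF-0011-2233-445566778899" lands in memory as DD CC BB AA FF EE 11 00 22 33 44 55 66 77 88 99. The example below is added here and is not code from this repo: it converts a payload into UUID strings with that byte order and decodes them back the way a loader (or UuidFromStringA on the target) would write them into a heap buffer. The 0x90 padding byte, the function names and the constructed sample payload are assumptions of this example; the Windows-only execution step (heap allocation plus the EnumSystemLocalesA callback) is deliberately not reproduced.

```rust
// Added example: shellcode <-> UUID-string conversion as used by UUID-based
// loaders. Not code from the OffensiveRust repo; names are this example's own.
//
// UuidFromStringA parses "AABBCCDD-EEFF-0011-2233-445566778899" into
// UUID { Data1: u32, Data2: u16, Data3: u16, Data4: [u8; 8] } and stores
// Data1..Data3 little-endian, so the 16 bytes in memory are
// DD CC BB AA FF EE 11 00 22 33 44 55 66 77 88 99. The encoder therefore
// byte-swaps those three fields so the decoder restores the original order.

/// Padding appended when the payload length is not a multiple of 16.
/// 0x90 (NOP) is an assumption here; use whatever byte your payload tolerates.
const PAD: u8 = 0x90;

/// Encode raw bytes into UUID strings, 16 bytes per UUID; the last chunk is
/// padded with PAD so every UUID string is complete.
pub fn shellcode_to_uuids(shellcode: &[u8]) -> Vec<String> {
    shellcode
        .chunks(16)
        .map(|chunk| {
            let mut b = [PAD; 16];
            b[..chunk.len()].copy_from_slice(chunk);
            // Reading the fields as little-endian integers and printing them
            // big-endian (as UUID text is) performs the required byte swap.
            let d1 = u32::from_le_bytes([b[0], b[1], b[2], b[3]]);
            let d2 = u16::from_le_bytes([b[4], b[5]]);
            let d3 = u16::from_le_bytes([b[6], b[7]]);
            let d4 = &b[8..16];
            format!(
                "{:08X}-{:04X}-{:04X}-{:02X}{:02X}-{:02X}{:02X}{:02X}{:02X}{:02X}{:02X}",
                d1, d2, d3, d4[0], d4[1], d4[2], d4[3], d4[4], d4[5], d4[6], d4[7]
            )
        })
        .collect()
}

/// Decode one UUID string into the 16 bytes UuidFromStringA would write into
/// a UUID struct in memory. Returns None for malformed input.
pub fn uuid_to_bytes(uuid: &str) -> Option<[u8; 16]> {
    let parts: Vec<&str> = uuid.split('-').collect();
    if parts.len() != 5
        || parts[0].len() != 8
        || parts[1].len() != 4
        || parts[2].len() != 4
        || parts[3].len() != 4
        || parts[4].len() != 12
    {
        return None;
    }
    let d1 = u32::from_str_radix(parts[0], 16).ok()?;
    let d2 = u16::from_str_radix(parts[1], 16).ok()?;
    let d3 = u16::from_str_radix(parts[2], 16).ok()?;
    let tail = format!("{}{}", parts[3], parts[4]); // 16 hex chars = Data4
    let mut out = [0u8; 16];
    out[0..4].copy_from_slice(&d1.to_le_bytes());
    out[4..6].copy_from_slice(&d2.to_le_bytes());
    out[6..8].copy_from_slice(&d3.to_le_bytes());
    for (i, pair) in tail.as_bytes().chunks(2).enumerate() {
        let s = std::str::from_utf8(pair).ok()?;
        out[8 + i] = u8::from_str_radix(s, 16).ok()?;
    }
    Some(out)
}

/// Decode a whole UUID array into one contiguous buffer, exactly as a loader
/// fills a heap allocation 16 bytes at a time.
pub fn uuids_to_shellcode(uuids: &[&str]) -> Option<Vec<u8>> {
    let mut buf = Vec::with_capacity(uuids.len() * 16);
    for u in uuids {
        buf.extend_from_slice(&uuid_to_bytes(u)?);
    }
    Some(buf)
}

fn main() {
    // Constructed sample payload (not real shellcode): 20 bytes, so the
    // second UUID carries 12 bytes of padding.
    let sample: Vec<u8> = (0u8..20).collect();
    let uuids = shellcode_to_uuids(&sample);
    for u in &uuids {
        println!("{}", u);
    }
    let refs: Vec<&str> = uuids.iter().map(String::as_str).collect();
    let decoded = uuids_to_shellcode(&refs).expect("valid UUID strings");
    assert_eq!(&decoded[..sample.len()], &sample[..]);
    println!("round-trip ok: {} bytes in {} UUIDs", decoded.len(), uuids.len());
}
```

Because the decoder produces exactly the bytes UuidFromStringA would, you can sanity-check a generated UUID array offline before dropping it into a loader; the usual symptom of a wrong byte order is a payload whose every 16-byte block has its first eight bytes scrambled.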