Black Hat Rust logo

Black Hat Rust

Applied offensive security with the Rust programming language
PDF, Kindle & Epub

Buy The Ebook Now!


While the Rust Book does an excellent job teaching What is Rust, a book about Why and How to Rust was missing.


Whether in movies or mainstream media, hackers are often romanticized: they are painted as black magic wizards, nasty criminals, or, in the worst cases, as thieves with a hood and a crowbar.
In reality, the spectrum of the profile of the attackers is extremely large, from the bored teenager exploring the internet to sovereign State's armies as well as the unhappy former employee.

What are the motivations of the attackers? How can they break seemingly so easily into any network? What do they do to their victims?
We will put on our black hat and explore the world of offensive security, whether it be cyber attacks, cybercrimes, or cyberwar.
Scanners, exploits, phishing toolkit, implants... From theory to practice, we will explore the arcane of offensive security and build our own offensive tools with the Rust programming language, Stack Overflow's most loved language for five years in a row.

Which programming language allows to craft shellcodes, build servers, create phishing pages? Before Rust, none! Rust is the long-awaited one-size-fits-all programming language meeting all those requirements thanks to its unparalleled guarantees and feature set. Here is why.

DRM Free, of course :)

Start Reading Now!

Who this book is for

This is NOT a 1000th tutorial about sqlmap and Metasploit, nor will it teach you the fundamentals of programming.

Instead, it's a from-theory-to-practice guide and you may enjoy it if any of the following:

But I repeat, this book is NOT a computer science book.

Buy The Ebook Now!

What they say

Hi, just read your book Black Hat Rust and wanted to say it is awesome.
On the other hand as a developer I’m so scared now to put anything online :D
Thanks again, great book! :) X.

Amazing book by @SylvainKerkour if you want to learn about security and @rustlang #rustlang X.

Thank you, it is a great book, as a network security engineer I really like it ;) X. by @SylvainKerkour
Wonderful book about @rustlang and offensive security X.

Hoy quiero recomendar muchísimo un libro que empecé a leer hace poco. Se llama "Black Hat Rust" (esta en inglés), de @SylvainKerkour
Un propuesta muy interesante para bajar conceptos de Rust a la vida real. Es de pago pero lo vale. X.

Looking forward to this one, Rust is a language I always "loved from afar" (read the Rust book twice) but haven't had the time to play around with it... Your book has the perfect context so I can justify the time spent :) X.

Buy The Ebook Now!

Table of contents


1 - Introduction

Part I: Reconnaissance

2 - Multi-threaded attack surface discovery

How to perform effective reconnaissance? In this chapter, we will build a multi-threaded scanner in order to automate the mapping of the target.

3 - Going full speed with async

Unfortunately, when a program spends most of its time in I/O operations, multi-threading is not a panacea. We will learn how async makes Rust code really, really fast and refactor our scanner to async code.

4 - Adding modules with Trait objects

We will add more heterogeneous modules to our scanner and will learn how Rust's type system helps create properly designed large software projects.

5 - Crawling the web for OSINT

Leveraging all we learned previously, we will build an extremely fast web crawler to help us find the needles in the haystack the web is.

Part II: Exploitation

6 - Finding vulnerabilities

Once the external reconnaissance performed, it's time to find entry points. In this chapter we will learn how automated fuzzing can help us to find vulnerabilities that can be exploited to then gain access to our target's systems.

7 - Exploit development

Rust may not be as fast as python when it comes to iterating on quick scripts such as exploits, but as we will see, its powerful type and modules system make it nonetheless a weapon of choice.

8 - Writing shellcodes in Rust

Shellcode development is an ungrateful task. Writing assembly by hand is definitely not sexy. Fortunately for us, Rust, one more time, got our back! In this chapter we will learn how to write shellcodes in plain Rust with no_std.

9 - Phishing with WebAssembly

When they can't find exploitable hardware or software vulnerability, attackers usually fall back to what is often the weakest link in the chain: Humans.
Again, Rust comes handy and will let us create advanced phishing pages by compiling to WebAssembly.

Part III: Implant development

10 - A modern RAT

A RAT (for Remote Access Tool), also known as implant or beacon, is a kind of software used to perform offensive operations on a target's machines. In this chapter we will build our own RAT communicating to a remote server and database.

11 - Securing communications with end-to-end encryption

The consequences of our own infrastructure being compromised or seized can be disastrous. We will add end-to-end encryption to our RAT's communication in order to secure its communications and avoid leaving traces on our servers.

12 - Going multi-platforms

Today's computing landscape is extremely fragmented. From Windows to macOS, we can't target only one Operating System to ensure the success of our operations. In this section we will see how Rust's ecosystem is extremely useful when it comes to cross-compilation.

13 - Turning into a worm to increase reach

Once the initial targets compromised, we will capitalize on Rust's excellent reusability to incorporate some parts of our initial scanner to turn our RAT into a worm and reach more targets only accessible from the target's internal network.

14 Conclusion

Now it's your turn to get things done!

Start Reading Now!


Can I pay with AliPay, PayPal, Apple Pay or Google Pay?

Yes! You can now buy the ebook by card, PayPal, AliPay, Apple Pay or Google Pay..

How does it work?

By buying the ebook here, you will receive an email with a ZIP file containing the PDF, Epub and Kindle versions of the ebook.

Feel free to contact me if there is any problem during the process.

Which payment provider are you using?

The ebook payments are secured by Paddle which handles invoicing with VAT (if applicable).

The membership payments are secured by Stripe.

Any problem?

Feel free to contact me.


Want to stay updated? I'll write you once a week about avoiding complexity, hacking, and entrepreneurship.

1 email / week to learn how to (ab)use technology for fun & profit: Programming, Hacking & Entrepreneurship.
I hate spam even more than you do. I'll never share your email, and you can unsubscribe at any time.


You'll find all the updates in the Changelog:

Buy The Ebook Now!

Already bought the book and want the latest version? Send me a message :)

All my books are free for premium members. You can click the "Read Now" button to start reading online or send me a message to get the ebooks (PDF, Kindle & Epub).