High Assurance Rust
Frequently Asked Questions (FAQ)
Engage with this Book!
Sponsor Call for Proposals (CFP)
Download
Changelog
License
Novice: Systems Security
Introduction
1. Why this book?
2. How is this book structured?
3. Hands-on Learning
4. About the Team
5. Warmup: Environment Setup
Software Assurance
1. Static vs. Dynamic Tools
2. Static Assurance (1/2)
3. Static Assurance (2/2)
4. Dynamic Assurance (1/3)
5. Dynamic Assurance (2/3)
6. Dynamic Assurance (3/3)
7. Limitations and Threat Modeling
8. DIY CLI Encryption Tool
9. Operational Assurance (1/2)
10. Operational Assurance (2/2)
11. Challenge: Extend the CLI Tool
Rust Zero-Crash Course
1. On Undefined Behavior
2. Rust: Low-Level Data (1/6)
3. Rust: High-Level Data (2/6)
4. Rust: Control Flow (3/6)
5. Rust: Ownership Principles (4/6)
6. Rust: Ownership in Practice (5/6)
7. Rust: Error Handling (6/6)
8. The Module System
9. Recommended Tooling
10. Rust's Release Cycle
11. Challenge: Port a Program
Understanding Memory Safety and Exploitation
1. Software Perspective: CPU to Process
2. Assurance Perspective: Stack Safety
3. Attacker's Perspective: Breaking Safety (1/2)
4. Attacker's Perspective: Unifying Theory (2/2)
5. Debugging DIY Secret Obfuscation
6. Stack Exploitation
7. Software Perspective: Heap (1/2)
8. Software Perspective: Heap (2/2)
9. Heap Exploitation
10. Rust's Memory Safety Guarantees (1/2)
11. Rust's Memory Safety Guarantees (2/2)
12. Language-agnostic Mitigations
13. Case Study: Real-world Rust CVEs
14. Challenge: Vulnerability Research
Advanced Beginner: Core Project
Binary Search Tree (BST) Basics
1. Core BST Operations in Python
2. Problems Translating to Rust
3. The Importance of Balance
4. TODO
5. Challenge: TODO
Building an Arena Allocator
1. Let's Talk Allocators
2. A Stack-Only Arena
3. Index-based Data Structures
4. TODO
5. Challenge: TODO
A Self-balancing BST
1. Interface-relevant Traits
2. Scapegoat Trees
3. Insert
4. Remove
5. Find
6. Challenge: TODO
Digital Twin Testing
1. Basic QEMU Internals
2. How Semi-hosting Works
3. CLI REPL Harness
4. Limitations
5. TODO
6. Challenge: TODO
Building Maps and Sets
1. TODO
2. Challenge: TODO
Implementing Iterators
1. TODO
2. Challenge: TODO
Competent: Validation and Deployment
Static Verification
1. An Introduction to 1st Order Logic
2. Proving Absence of Panics
3. Deductively Verifying our Arena Allocator
4. Model Checking for unsafe Code
5. TODO
6. Challenge: Prove a Sorting Algorithm
Dynamic Testing
1. Introduction to Coverage-Guided Fuzzing
2. Building a Differential Fuzzing Harness
3. Using Miri to Detect Undefined Behavior
4. Benchmarking and Optimization
5. TODO
6. Challenge: Bug-hunting with Fuzzers
Operational Deployment
1. Understanding unsafe (1/3)
2. Understanding unsafe (2/3)
3. Understanding unsafe (3/3)
4. CFFI 101
5. C99 Interoperability
6. Python3 Interoperability
7. Runtime Balance Reconfiguration
8. TODO
9. Challenge: TODO
Maximizing Assurance
1. Rust Security Research
2. Rust's Limitations
3. Best Practices Beyond Rust
4. Tactical Trust (1/2)
5. Tactical Trust (2/2)
6. TODO
7. Challenge: TODO
Conclusion
Review
1. Key Concepts
2. Key Blue-Team Skills
3. Key Red-Team Skills
Appendix
1. Setup: Using our Docker Container
2. Inventory: Tools of the Trade
3. Inventory: Recommended Reading
4. Inventory: Additional Resources
5. Fundamentals: Stream Ciphers
6. Fundamentals: Type Systems
7. Fundamentals: Component-Based Design
8. Fundamentals: Memory Hierarchy
9. Fundamentals: Dynamic Linking
10. Theory: Inter-procedural CFGs
11. Misc: Size Optimization
12. Misc: The Typestate Pattern
13. Misc: C++ Interoperability
14. Misc: Compile-time Metaprogramming