Rust Audit and Code Review
- Buy now
- Learn more
Welcome & Summary

Welcome & Overview
Summary
Materials

Day1_Rust_Security_audit_and_code_review_v1_4.pdf
rust_training_day_1.zip
Day1_Rust_Security_Audit_And_Code_Review_v1_7.pdf
1. Introduction to Rust

1.1 - What’s Rust?
1.2 - Rust basics 101
1.3 - Learning Rust
1.4 - Codes examples
2. Rust ecosystem

2.0 - Rust ecosystem
2.1 - Rust toolchains
2.2 - Compilation
2.3 - Development tools
2.4 - Development IDEs
3. Security concepts

3.0 - Security concepts
3.1 - Ownership
3.2 - Borrowing
3.3 - Lifetimes
4. Rust common vulnerabilities

4.0 - Rust vulnerabilities
4.1 - Error handling & Unwrapping
4.2 - Panicking macros
4.3 - Arithmetic errors
4.4 - UTF-8 strings handling
4.5 - Index out of bounds
4.6 - Stack overflow
4.7 - Resource_exhaustion / OOM
4.8 - Exercise #1 - Description
4.9 - Exercises #1 - Solution
4.10 - Exercises #2 - Description
4.11 - Exercises #2 - Solution
5. Unsafe codes

5.0 - What is unsafe code
5.1 - Tooling for detection
5.2- Out of bounds access
5.3 - Use After Free
5.4 - Double free
5.5 - Memory Leak
5.6 - Uninitialized Memory
5.7 - Data Races and Race Conditions
5.8 - Exercise #1 - Description
5.9 - Exercise #1 - Correction
5.10 - Exercise #2 - Description
5.11 - Exercise #2 - Correction
6. Rust advanced vulnerabilities

6.0 - Rust advanced vulnerabilities
6.1 - Cryptographic attacks/vulnerabilities
7. Auditing tools and code review

7.0 - Attack surface discovery
7.1 - Auditing tools
7.2 - Rust code review
7.3 - Exercices
7.4 - Closing remarks

Summary

1. Introduction to Rust

What’s Rust?
Rust basics 101
Learning Rust
Code examples

2. Rust ecosystem

Rust toolchains
Compilation
Development tools
Development IDEs

3. Security concepts

Security by design
Ownership
Borrowing
Lifetimes

4. Rust common vulnerabilities

Error handling & Unwrapping
Panicking macros
Arithmetic errors
UTF-8 strings handling
Index out of bounds
Stack overflow
Resource exhaustion / OOM
Exercises

5. Unsafe codes

What's unsafe code?
Tooling for detection
Out of bounds access
Use after free (UAF)
Double free
Memory leak
Uninitialized Memory
Data Races and Race Conditions
Exercises

6. Rust advanced vulnerabilities

Logic errors
(Un)Soundness
FFI vulnerability
Cryptographic attacks/vulnerabilities

7. Auditing tools and code review

Attack surface discovery
Auditing tools
Rust code review
Exercices