We are proud to express our love to Rust that keeps the vulns rolling in

Summary

What we do is parse security vulnerabilities and

match them against user profiles.

In order to cover the majority of platforms

and software we need to dig throw a ton of

vulnerabilities. We do everything from

parse large XML blobs from operating system

to writing custom spiders that gather the data

and the list goes on.

In order to make Firo work we need to write good

and effective code and the programming language Rust

is making us very happy and we love the Rust devs for that ❤.

Rust is a pretty new programming language

that is trying to achieve a programming language

trifecta:

* Speed

* Safety

* Concurrency

Rust can be looked at like a modern c++ with built in

memory management and a great library manager Cargo!

Some of our favorite Crates(Libraries)

lmdb_rs

lmdb is our favorite key value based database because it simply provides us with great performance. Here is a syntax example:

extern crate lmdb_rs as lmdb; use lmdb::{EnvBuilder, DbFlags}; let env = EnvBuilder::new(); let env = env.map_size(10485760 * 1024); let env = env.open("database-lmdb", 0o777).unwrap(); let db_handle = env.get_default_db(DbFlags::empty()).unwrap(); let txn = env.new_transaction().unwrap(); { let db = txn.bind(&db_handle); db.set(&input0, &input1).unwrap(); } match txn.commit() { Err(_) => println!("failed to commit!"), Ok(_) => () }

lmdb is also used by a lot of projects such as openldap and Monero! Links: lmdb on wikipedia

Note:

After we have run lmdb for a while we realized how unstable it was,

so for larger systems we do not recommend it.

reqwest

Reqwest is almost like what the request library in python is, a great http swizz army knife library for all your http needs. During bench marking http downloads reqwest performed a lot better then regular old wget! Syntax example:

extern crate reqwest; let mut res = reqwest::get(&url)?; let mut body = String::new(); res.read_to_string(&mut body)?;

Link: Reqwest crates.io

xml-rs

Like a grave digger looking for gold xml-rs is our pick ax in the hunt for vulnerabilities in the xml swamp :) Link: xml-rs

blake2

Blake was one of the candidates to sha3 and now its mainly used by a lot of paranoid people people writing encryption applications. The blake2 is both a nice implementation of blake2 and has a simple syntax for creating a hash:

use blake2::{Blake2b, Digest}; let hash = Blake2b::digest(inputstring.as_bytes()); let hashstring = format!("{:x}", hash);

Link: https://crates.io/crates/blake2

jobsteal

A simple to use threadpool library with a great name! Link: https://github.com/rphmeier/jobsteal