Filter By
429 Resources
Golang Security
step-ca is an online certificate authority for secure, automated certificate management.
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network.
📚 Documentation 💠 Configuration Hub 💬 Discourse (Forum) 💬 Gitter (Live chat) 💃 This is a community driven project, we need your feedback. TL;DR
Obfuscate Go code by wrapping the Go toolchain
Obfuscate Go code by wrapping the Go toolchain.
Nuclei is a fast tool for configurable targeted vulnerability scanning based on templates offering massive extensibility and ease of use.
Fast and customisable vulnerability scanner based on simple YAML based DSL. How • Install • For Security Engineers • For Developers • Documentation •
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。
一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。 支持主机存活探测、端口扫描、常见服务的爆破、ms17010、redis批量写公钥、计划任务反弹shell、读取win网卡信息、web指纹识别、web漏洞扫描等。
一款适用于红蓝对抗中的蜜罐和钓鱼系统
goblin 钓鱼演练工具 [English Readme Click Me] goblin 是一款适用于红蓝对抗的钓鱼演练工具。通过反向代理,可以在不影响用户操作的情况下无感知的获取用户的信息,或者诱导用户操作。也可以通过使用代理方式达到隐藏服务端的目的。内置插件,通过简单的配置,快速调整网页内容
ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file.
ZipExec ZipExec is a Proof-of-Concept (POC) tool to wrap binary-based tools into a password-protected zip file. This zip file is then base64 encoded i
Check and exploit log4j2 vulnerability with single Go program.
log4j2-exp Check and exploit log4j2 vulnerability with single Go program. You don't need to install anything except develop it. It supports ldaps and
Let's Encrypt client and ACME library written in Go
Let's Encrypt client and ACME library written in Go. Features ACME v2 RFC 8555 Register with CA Obtain certificates, both from scratch or with an exis
Secure software enclave for storage of sensitive information in memory.
MemGuard Software enclave for storage of sensitive information in memory. This package attempts to reduce the likelihood of sensitive data being expos
Proto-find is a tool for researchers that lets you find client side prototype pollution vulnerability.
proto-find proto-find is a tool for researchers that lets you find client side prototype pollution vulnerability. How it works proto-find open URL in
gosec - Golang Security Checker
Inspects source code for security problems by scanning the Go AST.
Coraza WAF is a golang modsecurity compatible web application firewall library
Coraza Web Application Firewall, this project is a Golang port of ModSecurity with the goal to become the first enterprise-grade Open Source Web Application Firewall, flexible and powerful enough to serve as the baseline for many projects.
Tool to check whether one of your applications is affected by a vulnerability in log4j: CVE-2021-44228
log4shell.tools log4shell.tools is a tool allows you to run a test to check whether one of your applications is affected by a vulnerability in log4j:
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Vuls: VULnerability Scanner Vulnerability scanner for Linux/FreeBSD, agent-less, written in Go. We have a slack team. Join slack team Twitter: @vuls_e
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments, build and deploy repeatable infrastructure focussed on
Scan and analyze OSS dependencies and licenses from compiled Go binaries
golicense - Go Binary OSS License Scanner golicense is a tool that scans compiled Go binaries and can output all the dependencies, their versions, and
Fast scan for redtools
scaninfo by 华东360安服团队 注意的点 漏洞扫描的时候有时候最后几个任务会卡住,是因为ftp爆破模块,这个fscan也一样目前没有好的解决办法,后续更新.先阶段可以-eq 21跳过ftp,或者control+c 主动停止不影响结果保存。 有时候扫外网的全端口会漏掉端口可以使用-n 指定
A modern tool for the Windows kernel exploration and tracing
Fibratus A modern tool for the Windows kernel exploration and observability Get Started » Docs • Filaments • Download • Discussions What is Fibratus?
ServerScan一款使用Golang开发的高并发网络扫描、服务探测工具。
ServerScan ███████╗███████╗██████╗ ██╗ ██╗███████╗██████╗ ███████╗ ██████╗ █████╗ ███╗ ██╗ ██╔════╝██╔════╝██╔══██╗██║ ██║██╔════╝██╔══██╗
Golang port of SharpEDRChecker: EDRHunt
EDRHunt scans Windows services, drivers, processes, registry for installed EDRs.
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems
Let's Encrypt client and ACME library written in Go
Let's Encrypt client and ACME library written in Go. Features ACME v2 RFC 8555 Register with CA Obtain certificates, both from scratch or with an exis
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple to
Go bindings for YARA
go-yara Go bindings for YARA, staying as close as sensible to the library's C-API while taking inspiration from the yara-python implementation. Build/
End-to-end encrypted file transfer for Android. An Android Magic Wormhole client.
wormhole-william-mobile This is a Magic Wormhole client for Android. (Perhaps someday this will also support iOS). Some current limitations: Receiving
A tool for secrets management, encryption as a service, and privileged access management
Vault Please note: We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, please respo
Container Signing
cosign Container Signing, Verification and Storage in an OCI registry. Cosign aims to make signatures invisible infrastructure. Info Cosign is develop
Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
Database protection suite with field level encryption and intrusion detection. | Acra Engineering Examples | Documentation | Installation | Examples a
A scanner for running security-related configuration checks such as CIS benchmarks
Localtoast Localtoast is a scanner for running security-related configuration checks such as CIS benchmarks in an easily configurable manner. The scan
🔑 A decentralized key derivation protocol for simple passphrase.
Throttled Identity Protocol (TIP) is a decentralized key derivation protocol, which allows people to obtain a strong secret key through a very simple passphrase, e.g. a six-digit PIN.
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.
EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptograp
Go-sec-code is a project for learning Go vulnerability code.
Welcome to go-sec-code 👋 Go-sec-code is a project for learning Go vulnerability code. 🏠 Homepage Introduction 用beego作为后端框架开发的go语言靶场,目前已经完成 commandIn
Implementation of Secret Service API
Secret Service Implementation of Secret Service API What does this project do? By using secret service, you don't need to use KeePassXC secretservice
Monmind - obfuscate multiple strings & hide text from binary searching
Monmind - obfuscate multiple strings & hide text from binary searching Obfuscation strings in golang code INSTALL You can install monmind by running:
Git-like capabilities for your object storage
What is lakeFS lakeFS is an open source layer that delivers resilience and manageability to object-storage based data lakes. With lakeFS you can build
SigStore WebPKI
fulcio - A New Kind of Root CA For Code Signing fulcio is a free Root-CA for code signing certs - issuing certificates based on an OIDC email address.
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
Easy and Powerful TLS Automation The same library used by the Caddy Web Server Caddy's automagic TLS features—now for your own Go programs—in one powe
Find secrets and passwords in container images and file systems
Find secrets and passwords in container images and file systems
PHP security vulnerabilities checker
Local PHP Security Checker The Local PHP Security Checker is a command line tool that checks if your PHP application depends on PHP packages with know
This project used to learn golang and try to bypass AV
sucksAV This project used to learn golang and try to bypass AV 描述 基于Golang开发的BypassAV,采取的shellcode分离技术,将shellcode注入到图片中,通过加载器进行加载,使用Golang动态加载技术 需要使用第
A scanner/exploitation tool written in GO, which leverages Prototype Pollution to XSS by exploiting known gadgets.
ppmap A simple scanner/exploitation tool written in GO which automatically exploits known and existing gadgets (checks for specific variables in the g
Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain.
pinentry-touchid Custom GPG pinentry program for macOS that allows using Touch ID for fetching the password from the macOS keychain. Macbook Pro devic
边界打点后的自动化渗透工具
InScan开源扫描器 简介 本工具只可用于安全测试,勿用于非法用途! 工具定位 边界打点后的自动化内网工具,完全与服务端脱离。服务端只用于生成poc,网段信息等配置。 内网渗透痛点 目前已有的扫描器,依赖库较多,体积过于庞大,在内网渗透中,很多极端情况无法安装扫描器,使用socks4/socks5
Easy to use cryptographic framework for data protection: secure messaging with forward secrecy and secure data storage. Has unified APIs across 14 platforms.
Themis provides strong, usable cryptography for busy people General purpose cryptographic library for storage and messaging for iOS (Swift, Obj-C), An
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
SourcePoint SourcePoint is a polymorphic C2 profile generator for Cobalt Strike C2s, written in Go. SourcePoint allows unique C2 profiles to be genera
In 'n Out - See what goes in and comes out of PEs/DLLs
In 'n Out Parse and return PE information ino -v comsvcs.dll { "Name": "string", "Path": "string", "Type": "string file|directory", "Im
SPIRE is a toolchain of APIs for establishing trust between software systems across a wide variety of hosting platforms
SPIRE (the SPIFFE Runtime Environment) is a toolchain of APIs for establishing trust between software systems across a wide variety of hosting platforms
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place
cent Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place Inst
Build awesome Golang desktop apps and beautiful interfaces with Vue.js, React.js, Framework 7, and more...
Guark Guark allows you to build beautiful user interfaces using modern web technologies such as Vue.js, React.js..., while your app logic handled and
Idiomatic nmap library for go developers
nmap This library aims at providing idiomatic nmap bindings for go developers, in order to make it easier to write security audit tools using golang.
Gofrette is a reverse shell payload developed in Golang that bypasses Windows defender and many others anti-virus.
Gofrette Gofrette is a reverse shell payload developed in Golang that bypasses Windows defender and many others anti-virus.
✒ A self-hosted, cross-platform service to sign iOS apps using any CI as a builder
iOS Signer Service A self-hosted, cross-platform service to sign iOS apps using any CI as a builder Introduction There are many reasons to install app
Automatic Linux privesc via exploitation of low-hanging fruit
Traitor Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of methods to e