369 Resources
Golang dependency-security Libraries
Pokes users on Slack about outstanding risks found by Crowdstrike Spotlight or vmware Workspace ONE so they can secure their own endpoint.
🤖 security-slacker Pokes users on Slack about outstanding risks found by Crowdstrike Spotlight or vmware Workspace ONE so they can secure their own e
Pure Go implementation of the NaCL set of APIs
go-nacl This is a pure Go implementation of the APIs available in NaCL: https://nacl.cr.yp.to. Compared with the implementation in golang.org/x/crypt
Secure software enclave for storage of sensitive information in memory.
MemGuard Software enclave for storage of sensitive information in memory. This package attempts to reduce the likelihood of sensitive data being expos
Send and receive files securely through Tor.
onionbox A basic implementation of OnionShare in Go. Mostly built as a fun project, onionbox is still a WIP so usage is not guaranteed secure, yet. Ke
This application demonstrates how to launch high-performance "serverless" functions from the YoMo framework to process streaming data. The functions are embedded in a WebAssembly VM, WasmEdge, for safety, security, portability, and manageability.
Streaming Image Recognition by WebAssembly This project demonstrates how to process a video stream in real-time using WebAssembly and apply a pre-trai
Open Source runtime scanner for Linux containers (LXD). It performs security audit checks based on the CIS Linux containers Benchmark specification
lxd-probe Scan your Linux container runtime !! Lxd-Probe is an open source audit scanner that performs audit checks on a Linux container manager and outp
Aegis is a library that allows you to detect if your software is being debugged or not on Linux, FreeBSD, NetBSD, OpenBSD and Windows
Aegis is a library that allows you to detect if your software is being debugged or not on Linux, FreeBSD, NetBSD, OpenBSD and Windows. You can use it natively from C or use the Go bind.
Aquatone is a tool for visual inspection of websites across a large number of hosts and is convenient for quickly gaining an overview of HTTP-based attack surface.
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. (demo)
Mortar is a GO framework/library for building gRPC (and REST) web services.
Mortar Mortar is a GO framework/library for building gRPC (and REST) web services. Mortar has out-of-the-box support for configuration, application me
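Ladon Pentest Scanner framework: a cross-platform, open-source Go framework for internal-network penetration scanning on Windows/Linux/Mac. It can batch-probe live hosts across class C, B and A ranges in one step, detect high-risk vulnerabilities (MS17010, SmbGhost), execute remotely over SSH/Winrm, brute-force passwords for SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis, and perform port scanning and service identification (PortScan), fingerprinting (HttpBanner/HttpTitle/TcpBanner/Weblogic) and Oxid multi-NIC host detection.
Ladon Scanner For Golang Wiki http://k8gege.org/Ladon/LadonGo.html Introduction: LadonGo is an open-source internal-network penetration scanner framework. With it you can easily probe live hosts across class C, B and A ranges in one step, and perform fingerprinting, port scanning, password brute-forcing, remote execution, high-risk vulnerability detection and more. Version 3.6 includes 2
MQTT security testing tool (MQTT Security Tools)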
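A brand-new open-source vulnerability testing framework with online PoC editing, running and batch testing. Documentation:
pocassist is a brand-new open-source vulnerability testing framework written in Golang. Easy to use: just edit in the front end to generate a PoC and test targets in batches. Single binary, no dependencies, no installation required. High performance: supports high concurrency by using ants to instantiate a goroutine pool and reuse goroutines; multiple levels of memory reuse keep the memory footprint as small as possible. Rule system: fully compatible with x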
Kubei is a flexible Kubernetes runtime scanner, scanning images of worker and Kubernetes nodes providing accurate vulnerabilities assessment, for more information checkout:
Kubei is a vulnerabilities scanning and CIS Docker benchmark tool that allows users to get an accurate and immediate risk assessment of their kubernet
F1 Game Telemetry Client written in Go (no dependency)
F1 Game Telemetry Client in Go Telemetry client for F1 Game, written in Go. Currently, only the UDP 2020 format is supported. Features Event System Rich
Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more...
Take a list of domains and scan for endpoints, secrets, api keys, file extensions, tokens and more... Coded with 💙 by edoardottt. Share on Twitter! P
Cloud governance reports from native services in a clear and readable digest
cloudig, or Cloudigest, is a simple CLI tool for creating reports from various cloud sources with user-provided comments. It is written in Go and curr
Official IVPN Desktop app
IVPN for Desktop (Windows/macOS/Linux) IVPN for Desktop is the official IVPN app for desktop platforms. Some of the features include: multiple protoco
🚤 Cross-platform, unofficial CLI for Cloudflare Warp
wgcf is an unofficial, cross-platform CLI for Cloudflare Warp
A template repository to quickly scaffold a Kubewarden policy written with Go language
go-policy-template This is a template repository that can be used to quickly scaffold a Kubewarden policy written with Go language. Don't forget to
Grafana Tempo is a high volume, minimal dependency distributed tracing backend.
Grafana Tempo is an open source, easy-to-use and high-scale distributed tracing backend. Tempo is cost-efficient, requiring only object storage to ope
Identity & Access Management simplified and secure.
IAM Zero Identity & Access Management simplified and secure. 🚀 Get Started | 📖 Support What is IAM Zero? IAM Zero detects identity and access manage
Just a simple CLI tool to group dependabot PRs by dependency and merge them.
Dependabotbot Have you been the victim of a lodash update? Has your notification page in Github been assaulted by needing to update a patch version of
CrowdSec - an open-source massively multiplayer firewall able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global IP reputation database to protect the user network.
📚 Documentation 💠 Configuration Hub 💬 Discourse (Forum) 💬 Gitter (Live chat) 💃 This is a community driven project, we need your feedback. TL;DR
A local LKM rootkit loader/dropper that lists available security mechanisms
A local LKM rootkit loader Introduction This loader can list both user and kernel mode protections that are present on the system, and additionally di
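A simple version of Sqlmap written in Golang
Go-Sqlmap Introduction: sqlmap is a legendary tool in the penetration testing world, so I wanted to try writing a simple sqlmap to understand SQL injection in depth. Reasons for rewriting in Golang: efficiency, produces an executable that runs directly, no environment setup needed, etc. Image: the result is as shown; it can currently perform error-based injection, and the first three sqli-lab levels work fine. Direct usage: specify the database, specify the table name, specify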
Dynamic Application Security Testing (DAST) for Cloud
Dynamic Application Security Testing (DAST) for Cloud Probr analyzes the complex behaviours and interactions in your cloud resources to enable enginee
A Simple and Comprehensive Vulnerability Scanner for Container Images, Git Repositories and Filesystems. Suitable for CI
A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI. Abstract Trivy (tri pronounced like trigger, vy
preflight helps you verify scripts and executables to mitigate chain of supply attacks such as the recent Codecov hack.
💣 Mitigate chain of supply attacks 👌 Verify your curl scripts and executables 🤔 What is it? preflight helps you verify scripts and executables to m
A fantastic modular Go web framework boiled with black magic.
A fantastic modular Go web framework boiled with black magic. Getting started The minimum requirement of Go is 1.16. To install Flamego: go get github
Authentication service that keeps you in control without forcing you to be an expert in web security.
coyim - a safe and secure chat client
CoyIM - a safe and secure chat client CoyIM is a new client for the XMPP protocol. It is built upon https://github.com/agl/xmpp-client and https://git
Fast HTTP enumerator
monsoon A fast HTTP enumerator that allows you to execute a large number of HTTP requests, filter the responses and display them in real-time. Example
🦄🌈 YoyoGo is a simple, light and fast, dependency injection based micro-service framework written in Go.
🦄🌈 YoyoGo is a simple, light and fast, dependency injection based micro-service framework written in Go. Supports Nacos, Consul, Etcd, Eureka, Kubernetes.
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Finder Of XSS, and Dal(달) is the Korean pronunciation of moon. What is DalFox 🌘 🦊 DalFox is a fast, powerful parameter analysis and XSS scanner, bas
Go Dependency Analysis toolkit
Goda is a Go dependency analysis toolkit. It contains tools to figure out what your program is using.
Fast, modern, easy-to-use network scanner
sx is the command-line network scanner designed to follow the UNIX philosophy. The goal of this project is to create the fastest network scanner with
An HTTP/HTTPS intercept proxy written in Go.
Broxy Broxy is an open source intercept proxy written in Go. It makes use of goproxy as core proxy implementation and the interface is implemented wit
Lightweight, fast and dependency-free Cron expression parser (due checker) for Golang (tested on v1.13 and above)
adhocore/gronx gronx is Golang cron expression parser ported from adhocore/cron-expr. Zero dependency. Very fast because it bails early in case a segm
Convenience of containers, security of virtual machines
Convenience of containers, security of virtual machines With firebuild, you can build and deploy secure VMs directly from Dockerfiles and Docker image
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Introduction Microsoft Application Inspector is a software source code characterization tool that helps identify coding features of first or third par
Go fearless SQL. Sqlvet performs static analysis on raw SQL queries in your Go code base.
Sqlvet Sqlvet performs static analysis on raw SQL queries in your Go code base to surface potential runtime errors at build time. Feature highlights:
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Not Yet Another Password Manager written in Go using libsodium
secrets Secure and simple passwords manager written in Go. It aims to be NYAPM (Not Yet Another Password Manager), but tries to be different from othe
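A full-featured security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use
Welcome to xray 👋 A powerful security assessment tool ✨ Demo 🏠 Documentation ⬇️ Download Note: xray is not open source; just download the prebuilt binaries. The repository mainly holds community-contributed PoCs, which are packaged automatically with each xray release. 🚀 Quick start Before use, be sure to read and agree to the License file's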
🔍 gowitness - a golang, web screenshot utility using Chrome Headless
🔍 gowitness A golang, web screenshot utility using Chrome Headless. introduction gowitness is a website screenshot utility written in Golang, that us
Inspr is an application mesh for simple, fast and secure development of distributed applications.
Inspr is an engine for running distributed applications, using multiple communication patterns such as pub sub and more, focused on type consistency a
The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.
AWS Service Enumeration Disclaimer The tool is in beta stage (testing in progress), no destructive API Calls used ( read only actions ). I hope, there
Certificate authority and access plane for SSH, Kubernetes, web applications, and databases
Teleport is an identity-aware, multi-protocol access proxy which understands SSH, HTTPS, Kubernetes API, MySQL and PostgreSQL wire protocols.
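Open Source runtime tool that helps detect malware code execution and runtime misconfiguration changes on a Kubernetes cluster
Kube-Knark Project Trace your kubernetes runtime !! Kube-Knark is an open source tracer that uses pcap & eBPF technology to perform runtime tracing on a de
Golang RESTful Client for HanLP. Chinese word segmentation, part-of-speech tagging, named entity recognition, dependency parsing, semantic dependency parsing, new word discovery, keyword and phrase extraction, automatic summarization, text classification and clustering, pinyin and simplified/traditional conversion, natural language processing
gohanlp Chinese word segmentation, part-of-speech tagging, named entity recognition, dependency parsing, semantic dependency parsing, new word discovery, keyword and phrase extraction, automatic summarization, text classification and clustering, pinyin and simplified/traditional conversion, natural language processing. Golang interface for HanLP. Online lightweight RESTful API: only a few KB, suitable for agile development, mobile apps and similar scenarios. Server compute is limited, so the quota for anonymous users is small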
Hubble - Network, Service & Security Observability for Kubernetes using eBPF
Network, Service & Security Observability for Kubernetes What is Hubble? Getting Started Features Service Dependency Graph Metrics & Monitoring Flow V
Decentralized VPN
Decentralized VPN RadVPN doesn't need any central point, as it connects to other nodes directly (full mesh). It has a built-in router that helps packe
🔒🌍 Security scanner for your Terraform code
🔒🌍tfsec uses static analysis of your terraform templates to spot potential security issues.
Generated dependency injection containers in go (golang)
Generation of dependency injection containers for go programs (golang). Dingo is a code generator. It generates dependency injection containers based
Spaghetti: a dependency analysis tool for Go packages
Spaghetti is an interactive web-based tool to help you understand the dependencies of a Go program, and to explore and evaluate various possible efforts to eliminate dependencies.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Vuls: VULnerability Scanner Vulnerability scanner for Linux/FreeBSD, agent-less, written in Go. We have a slack team. Join slack team Twitter: @vuls_e
Compile-time Dependency Injection for Go
Wire: Automated Initialization in Go Wire is a code generation tool that automates connecting components using dependency injection. Dependencies betw
Gorsair hacks its way into remote docker containers that expose their APIs
Gorsair Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access
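kunpeng is an open-source PoC framework/library written in Golang, provided as a dynamic link library callable from various languages; with this project you can quickly develop vulnerability detection systems.
Kunpeng Introduction: Kunpeng is an open-source PoC detection framework written in Golang. It integrates vulnerability PoCs for databases, middleware, web components, CMSs and more (see the list of included PoCs), can detect vulnerability types such as weak passwords, SQL injection, XSS and RCE, and is provided as a dynamic link library. With this project you can quickly develop vulnerability detection systems, one step ahead of attackers in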
A zero dependency asset embedder for Go
Mewn A zero dependency asset embedder for Go. About Mewn is perhaps the easiest way to embed assets in a Go program. Here is an example: package main
Fast, dependency-free, small Go package to infer the binary file type based on the magic numbers signature
filetype Small and dependency free Go package to infer file and MIME type checking the magic numbers signature. For SVG file type checking, see go-is-
gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services 🔒
gorilla/csrf gorilla/csrf is a HTTP middleware library that provides cross-site request forgery (CSRF) protection. It includes: The csrf.Protect middl
At LinkedIn, we are using this curriculum for onboarding our entry-level talents into the SRE role.
School of SRE In early 2019, we started visiting campuses across India to recruit the best and brightest minds to ensure LinkedIn, and all the service
Hetty is an HTTP toolkit for security research.
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful
Serverless SOAR (Security Orchestration, Automation and Response) framework for automatic inspection and evaluation of security alert
DeepAlert DeepAlert is a serverless framework for automatic response of security alert. Overview DeepAlert receives a security alert that is event of
⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking, Happy bug-hunting
A collection of cool tools used by Web hackers. Happy hacking, Happy bug-hunting Family project Table of Contents WHW-Tools Weapons Awesome Bookmarkl
How to systematically secure anything: a repository about security engineering
How to Secure Anything Security engineering is the discipline of building secure systems. Its lessons are not just applicable to computer security. In
Advanced Honeypot framework.
Honeytrap Honeytrap is an extensible and opensource system for running, monitoring and managing honeypots. Features Combine multiple services to one h
The fastest HTTP/2 Go Web Framework. AWS Lambda, gRPC, MVC, Unique Router, Websockets, Sessions, Test suite, Dependency Injection and more. A true successor of expressjs and laravel | Thanks https://github.com/kataras/iris/issues/1329 |
News This is the under-development branch. Stay tuned for the upcoming release v12.2.0. Looking for a stable release? Head over to the v12.1.8 branch
The fastest dork scanner written in Go.
go-dork The fastest dork scanner written in Go. There are also various search engines supported by go-dork, including Google, Shodan, Bing, Duck, Yaho
Secure-by-default HTTP servers in Go.
go-safeweb DISCLAIMER: This is not an officially supported Google product. go-safeweb is a collection of libraries for writing secure-by-default HTTP
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com
shhgit helps secure forward-thinking development, operations, and security teams by finding secrets across their code before it leads to a security br
A scalable overlay networking tool with a focus on performance, simplicity and security
What is Nebula? Nebula is a scalable overlay networking tool with a focus on performance, simplicity and security. It lets you seamlessly connect comp
Sqreen's Application Security Management for the Go language
Sqreen's Application Security Management for Go After performance monitoring (APM), error and log monitoring it’s time to add a security component int
A Simple and Comprehensive Vulnerability Scanner for Container Images, Git Repositories and Filesystems. Suitable for CI
A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI. Table of Contents Abstract Features Installation
The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse e
Compile-time dependency injection for Go
Dihedral Dihedral is a compile-time injection framework for Go. Getting started go get -u github.com/dimes/dihedral Create a type you want injected
Declarative penetration testing orchestration framework
Decker - Penetration Testing Orchestration Framework Purpose Decker is a penetration testing orchestration framework. It leverages HashiCorp Configura
Age based repository file encryption gitops tool
agebox Easy and simple file repository encryption tool based on Age. Have you ever thought "this should be simple" while you were using tools like Blac
A flexible configuration manager for Wireguard networks
Drago A flexible configuration manager for WireGuard networks Drago is a flexible configuration manager for WireGuard networks which is designed to ma
Golang security checker
gosec - Golang Security Checker Inspects source code for security problems by scanning the Go AST. License Licensed under the Apache License, Version
ServerScan: a high-concurrency network scanning and service detection tool developed in Golang.
Demonstrating how you can take an action to your intrusions detected by Falco using OpenFaaS functions
Kubernetes Response Engine powered by OpenFaaS Although Falco can be used to detect any intrusion attempts and sends alerts to channels according to t
Vilicus is an open source tool that orchestrates security scans of container images (docker/oci) and centralizes all results into a database for further analysis and metrics.
Vilicus Table of Contents Overview How does it work? Architecture Development Run deployment manually Usage Example of analysis Overview Vilicus is an
rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
rpCheckup - Catch AWS resource policy backdoors like Endgame rpCheckup is an AWS resource policy security checkup tool that identifies public, externa
Package core is a service container that elegantly bootstraps and coordinates twelve-factor apps in Go.
Package core is a service container that elegantly bootstraps and coordinates twelve-factor apps in Go. Background The twelve-factor methodology has pro
Machine is a zero dependency library for highly concurrent Go applications.
Machine is a zero dependency library for highly concurrent Go applications. It is inspired by errgroup.Group with extra bells & whistles
Friends don't let friends leak secrets on their terminal window
senv - safer env Friends don't let friends leak secrets in terminal windows. 📺 Print your environment to the terminal without worry.
Listing git repository from URL/User/Org
This tool is useful when a repository host, such as GitHub, is included in the bug bounty scope. When the scope is specified as an org name or user name rather than a specific repository, you can use this tool to extract the URLs of all public repositories included in the org/user.
Tracee: Linux Runtime Security and Forensics using eBPF
Tracee is a Runtime Security and forensics tool for Linux. It is using Linux eBPF technology to trace your system and applications at runtime, and analyze collected events to detect suspicious behavioral patterns.
Tool to check for dependency confusion vulnerabilities in multiple package management systems
Confused A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python (pypi) requirem
Someone tried to unlock your device
PC Auth Notifier Someone tried to unlock your device I made this project because I want to learn flutter by myself, unfortunately I can't use my XPS c
Telling tales on you for leaking secrets!
Squealer Telling tales on you for leaking secrets! Squealer scans a local git repository for secrets that are being leaked deep within the commit hist
Automatic Linux privesc via exploitation of low-hanging fruit
Traitor Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of methods to e
zero-trust remote firewall instrumentation
ShieldWall embraces the zero-trust principle and instruments your server firewall to block inbound connections from every IP on any port, by default.
🏵 Gee is a tool that writes stdin to each file and to stdout
Gee is a tool that writes stdin to each file and to stdout. It is similar to the tee command, but has more functions for convenience. It is written in Go and provides output to stdout and files.
⛩️ Go library for protecting HTTP handlers with authorization bearer token.
G8, pronounced Gate, is a simple Go library for protecting HTTP handlers with tokens. Tired of constantly re-implementing a security layer for each