25 Resources
Golang infosec Libraries
CLi tools helping to forge HTTP smuggling attack and others
HTTPCustomHouse CLi tools helping to forge HTTP smuggling attack and others (httpcustomhouse) Analyze smuggled request without interacting with remote
Pwnkit-go - Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go
Pwnkit-go This is a working exploit for the pwnkit vulnerability, CVE-2021-4034,
Volana - Shell command obfuscation to avoid detection systems
volana (moon in malagasy) { Use it ; π(hide from); π(detected by) } Shell comm
sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
sgCheckup - Check your Security Groups for Unexpected Open Ports & Generate nmap Output sgCheckup is a tool to scan your AWS Security Groups for a com
Fast, zero config web endpoint change monitor
web monitor fast, zero config web endpoint change monitor. for comparing responses, a selected list of http headers and the full response body is stor
Golang port of SharpEDRChecker: EDRHunt
EDRHunt scans Windows services, drivers, processes, registry for installed EDRs.
Session Cookie Finder
goSCF Session Cookie Finder - It helps you to find the main session cookie/s (upto 4) from the bunch of cookies, which is responsible for the user aut
Notification webhook for GoPhish
GoPhish Notifier GoPhish Notifier notifies red team members when their GoPhish campaign status has been updated. It supports both Slack and Email noti
A tool get level of subdomain from 1....n
dlevel Get any level of subdomain from 1....N Install go get -u github.com/MPaandeey/dlevel Usage Example π files.txt hackerone.com info.hackerone.co
Another JS scanner but in Go
NipeJS Read list of JS files and look for sensitive data via regex. β Install go get github.com/i5nipe/nipejs β Regular expressions Download the file
Aegis is a library that allows you detect if your software is being debugged or not on Linux, FreeBSD, NetBSD, OpenBSD and Windows
Aegis is a library that allows you detect if your software is being debugged or not on Linux, FreeBSD, NetBSD, OpenBSD and Windows. You can use it natively from C or use the Go bind.
Fast web fuzzer written in Go
/'___\ /'___\ /'___\ /\ \__/ /\ \__/ __ __ /\ \__/ \ \ ,__\\ \ ,__\/\ \/\ \ \ \ ,__\ \ \ \_/ \ \ \_/\ \ \_\ \ \ \
:vulcan_salute: Fast, modern, easy-to-use network scanner
sx is the command-line network scanner designed to follow the UNIX philosophy. The goal of this project is to create the fastest network scanner with
Golang implementation of PyMISP-feedgenerator
Go-MispFeedGenerator Generate MISP feeds without a MISP Instance! Go-MispFeedGenerator aka Go-MFG1000, is a library providing all functions needed to
Gorsair hacks its way into remote docker containers that expose their APIs
Gorsair Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access
Idiomatic nmap library for go developers
nmap This library aims at providing idiomatic nmap bindings for go developers, in order to make it easier to write security audit tools using golang.
Hetty is an HTTP toolkit for security research.
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful
The fastest dork scanner written in Go.
go-dork The fastest dork scanner written in Go. There are also various search engines supported by go-dork, including Google, Shodan, Bing, Duck, Yaho
Gorsair hacks its way into remote docker containers that expose their APIs
Gorsair Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has access
rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
rpCheckup - Catch AWS resource policy backdoors like Endgame rpCheckup is an AWS resource policy security checkup tool that identifies public, externa
Automatic Linux privesc via exploitation of low-hanging fruit
Traitor Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of methods to e
Git folder digger, I'm sure it's worthwhile stuff.
Gigger Git folder digger, I'm sure it's worthwhile stuff. Installation Download a prebuilt binary from releases page. or If you have recent go compile
MemBi is all the members of bugbounty and infosec project.
Member of Bugbounty and Infosec π€ What is MemBi? MemBi is all the members of bugbounty and infosec project. If you don't know who to follow, see! π
Cameradar hacks its way into RTSP videosurveillance cameras
Cameradar An RTSP stream access tool that comes with its library Cameradar allows you to Detect open RTSP hosts on any accessible target host Detect w