397 Resources
Golang pentest-tools Libraries
2FA (Two-Factor Authentication) application for CLI terminal with support to import/export andOTP files.
zauth zauth is a 2FA (Two-Factor Authentication) application for terminal written in Go. Features Supports both TOTP and HOTP codes. Add new entries d
Gort is a chatbot framework designed from the ground up for chatops.
Gort Gort is considered "minimally viable", but is still a work in progress under active heavy development. Follow for updates! Gort is a chatbot fram
Redis inventory is a tool to analyse Redis memory usage by key patterns and displaying it hierarchically
Redis inventory is a tool to analyse Redis memory usage by key patterns and displaying it hierarchically. The name is inspired by "Disk Inventory X" tool doing similar analysis for disk usage.
Iter tools for Go(Golang)
Iter tools for Go(Golang) The stable version has been moved to : https://github.com/serge-hulne/go_iter Defines: Filter Map Reduce Range Take on colle
Golang binary for data exfiltration with ICMP protocol
QueenSono ICMP Data Exfiltration A Golang Package for Data Exfiltration with ICMP protocol. QueenSono tool only relies on the fact that ICMP protocol
一个k8s的工具集合
kubectl-tools 这是一款kubectl的工具集合,未来会集成一些好用的功能 源代码 https://github.com/NoBugBoy/kubectl-tools 点个star不过分 使用方法 kubernetes版本 1.12 + 直接从release中下载 https://g
extension of SMx crypto support for go standard lib
Crypto Extension support of China crypto standards for go lib. You can simply copy and replace them to [your_go_src_path]/crypto Use as vendor is alte
mini tools handling migrasion database from cli
mini tools handling migrasion database from cli
Command line monitoring for goroutines
grmon Command line monitoring for goroutines Install go get -u github.com/bcicen/grmon Usage Simply import and call grmon.Start() somewhere in your co
Eget is the best way to easily get pre-built binaries for your favorite tools.
Eget: easy pre-built binary installation Eget is the best way to easily get pre-built binaries for your favorite tools. It downloads and extracts pre-
2FA (Two-Factor Authentication) application for CLI terminal with support to import/export andOTP files.
zauth zauth is a 2FA (Two-Factor Authentication) application for terminal written in Go. Features Supports both TOTP and HOTP codes. Add new entries d
Dynamically Generates Ysoserial's Payload by Golang
Gososerial 介绍 ysoserial是java反序列化安全方面著名的工具 无需java环境,无需下载ysoserial.jar文件 输入命令直接获得payload,方便编写安全工具 目前已支持CC1-CC7,K1-K4和CB1链 Introduce Ysoserial is a well-
Go iter tools (for iterating , mapping, filtering, reducing streams -represented as channels-)
Go iter tools (for iterating , mapping, filtering, reducing streams -represented as channels-)
Tools to help teams develop smart contracts on the Cardano blockchain
toolkit-for-cardano toolkit-for-cardano simplifies the development of Cardano smart contracts by providing teams with frequently needed tasks: Build T
Super Java Vulnerability Scanner
XiuScan 不完善,正在开发中 介绍 一个纯Golang编写基于命令行的Java框架漏洞扫描工具 致力于参考xray打造一款高效方便的漏扫神器 计划支持Fastjson、Shiro、Struts2、Spring、WebLogic等框架 PS: 取名为XiuScan因为带我入安全的大哥是修君 特点
An easy-to-use SHA-1 hash-cracker written in Golang.
wrench - An easy-to-use SHA-1 hash-cracker. Wrench is an SHA-1 hash-cracker that relies on wordlists for comparing hashes, and cracking them. Before W
This tool will listen on a given port, strip SSL encryption, forward traffic through a plain TCP proxy, then encrypt the returning traffic again and send it to the target of your choice. Unlike most SSL stripping solutions this tool will negotiate ALPN and preserve the negotiated protocol all the way to the target.
ALPN Pass This tool will listen on a given port, strip SSL encryption, forward traffic through a plain TCP proxy, then encrypt the returning traffic a
🌀 Dismap - Asset discovery and identification tool
🌀 Dismap - Asset discovery and identification tool [English readme Click Me] Dismap 定位是一个资产发现和识别工具;其特色功能在于快速识别 Web 指纹信息,定位资产类型。辅助红队快速定位目标资产信息,辅助蓝队发现疑
Go-lang LDAP Authentication (GLAuth) is a secure, easy-to-use, LDAP server w/ configurable backends.
A lightweight LDAP server for development, home use, or CI
GoKart - Go Security Static Analysis
GoKart is a static analysis tool for Go that finds vulnerabilities using the SSA (single static assignment) form of Go source code.
yq is a portable command-line YAML processor
yq a lightweight and portable command-line YAML processor. yq uses jq like syntax but works with yaml files as well as json. It doesn't yet support ev
JSONL graph tools - Graph is represented as JSONL of nodes and edges.
JSONL graph tools - Graph is represented as JSONL of nodes and edges.
ctrsploit: A penetration toolkit for container environment
ctrsploit: A penetration toolkit for container environment
A tool get level of subdomain from 1....n
dlevel Get any level of subdomain from 1....N Install go get -u github.com/MPaandeey/dlevel Usage Example 📄 files.txt hackerone.com info.hackerone.co
A penetration toolkit for container environment
ctrsploit: A penetration toolkit for container environment 中文文档 Pre-Built Release https://github.com/ctrsploit/ctrsploit/releases Usage Quick-Start wg
gosec - Golang Security Checker
Inspects source code for security problems by scanning the Go AST.
[独角数卡]更新迁移工具
独角数卡-工具箱 采用Golang编写,支持全平台编译运行,主要用于独角数卡迁移,更新,帮助等等一系列功能。 目前实现的功能 1.8.x版本数据迁移至2.x版本 安装方式 一、自行编译 此安装方式多用于开发者,需电脑上安装go语言环境。 go语言官网 下载源代码: # 克隆仓库 git clone
red-tldr is a lightweight text search tool, which is used to help red team staff quickly find the commands and key points they want to execute, so it is more suitable for use by red team personnel with certain experience.
Red Team TL;DR English | 中文简体 What is Red Team TL;DR ? red-tldr is a lightweight text search tool, which is used to help red team staff quickly find t
Dasel - Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool.
Select, put and delete data from JSON, TOML, YAML, XML and CSV files with a single tool. Supports conversion between formats and can be used as a Go package.
Gokins是一个款轻量级、能够持续集成和持续交付的工具。
Gokins文档 Gokins: More Power Gokins一款由Go语言和Vue编写的款轻量级、能够持续集成和持续交付的工具. 持续集成和持续交付 作为一个可扩展的自动化服务器,Gokins 可以用作简单的 CI 服务器,或者变成任何项目的持续交付中心 简易安装 Gokins 是一个基于
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Ligolo-ng : Tunneling like a VPN An advanced, yet simple, tunneling tool that uses a TUN interface. by TNP IT Security Table of Contents Introduction
hotbuild - a cross platform hot compilation tool for golang
hotbuild A cross platform hot compilation tool By monitoring the modification of the project directory file, the recompilation and running are automat
Gokins是一个款轻量级、能够持续集成和持续交付的工具。
Gokins文档 Gokins: More Power Gokins一款由Go语言和Vue编写的款轻量级、能够持续集成和持续交付的工具. 持续集成和持续交付 作为一个可扩展的自动化服务器,Gokins 可以用作简单的 CI 服务器,或者变成任何项目的持续交付中心 简易安装 Gokins 是一个基于
Go-Notebook is inspired by Jupyter Project (link) in order to document Golang code.
Go-Notebook Go-Notebook is an app that was developed using go-echo-live-view framework, developed also by us. GitHub repository is here. For this proj
frida debug tools
fd windows下frida的调试工具 (单 exe,不需要python和nodejs) 现在他只支持USB english click here 预编译的二进制文件在这里下载 支持列表: 创建一个基于 frida-agent-example的typescript工程(拥有完美的智能提示) 使用
🐺 Deploy Databases and Services Easily for Development and Testing Pipelines.
Peanut provides an API and a command line tool to deploy and configure the commonly used services like databases, message brokers, graphing tools ... etc. It perfectly suited for development, manual testing, automated testing pipelines where mocking is not possible and test drives.
collection of tools to gleam insights from a full bitclout node's data
bitcloutscripts collection of tools to gleam insights from a full bitclout node's data bitcloutscripts $ ./bcs bcs posts # print all posts
Aegis is a library that allows you detect if your software is being debugged or not on Linux, FreeBSD, NetBSD, OpenBSD and Windows
Aegis is a library that allows you detect if your software is being debugged or not on Linux, FreeBSD, NetBSD, OpenBSD and Windows. You can use it natively from C or use the Go bind.
A Visual Go REST API boilerplate builder.
A Visual Go REST API boilerplate builder. The boilerplate builder will export a Go web server with 0 dependencies, besides the ones you add.
gophertunnel is composed of several packages that may be of use for creating Minecraft related tools
gophertunnel is composed of several packages that may be of use for creating Minecraft related tools. A brief overview of all packages may be found here.
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
Ladon Scanner For Golang Wiki http://k8gege.org/Ladon/LadonGo.html 简介 LadonGo一款开源内网渗透扫描器框架,使用它可轻松一键探测C段、B段、A段存活主机、指纹识别、端口扫描、密码爆破、远程执行、高危漏洞检测等。3.6版本包含2
MQTT安全测试工具 (MQTT Security Tools)
███╗ ███╗ ██████╗ ████████╗████████╗███████╗ ████╗ ████║██╔═══██╗╚══██╔══╝╚══██╔══╝██╔════╝ ██╔████╔██║██║ ██║ ██║ ██║ ███████╗ ██║╚██╔╝█
全新的开源漏洞测试框架,实现poc在线编辑、运行、批量测试。使用文档:
pocassist是一个 Golang 编写的全新开源漏洞测试框架。 简单易用 只需要在前端编辑,即可生成poc对批量目标进行测试 单二进制文件,无依赖,也无需安装 性能优秀 支持高并发,通过使用 ants实例化协程池,复用 goroutine 多重内存复用,尽可能小的内存占用 规则体系 完全兼容x
GoTTY is a simple command line tool that turns your CLI tools into web applications.
GoTTY - Share your terminal as a web application
CapMonsterTool is a set of Go tools designed to simply make requests to the CapMonster Cloud API.
✨ CapMonsterTool ✨ About this module What is ✨ CapMonsterTool ✨ ? CapMonsterTool is a set of Go tools designed to simply make requests to the CapMonst
Access more HTTP ports over CDN with this application.
More-Ports More Ports is a proxy service to establish all web-based applications on different ports on the server-side over a well known TCP port. It
sleuth checks that you declared a slice with length and you are trying append to the slice.
sleuth sleuth detects when an append is used on a slice with an initial size. Instruction go install github.com/sivchari/sleuth/cmd/sleuth Usage packa
Hermit manages isolated, self-bootstrapping sets of tools in software projects.
Hermit - uniform tooling for Linux and Mac Hermit installs tools for software projects in self-contained, isolated sets, so your team, your contributo
golang consul tools
中文文档 consult A consul key/value tool for golang Usage install go get -u github.com/xxjwxc/consult@master New Config conf := consulkv.NewConfig() With
Identity & Access Management simplified and secure.
IAM Zero Identity & Access Management simplified and secure. 🚀 Get Started | 📖 Support What is IAM Zero? IAM Zero detects identity and access manage
A tool to restart a Docker container with a newer version of the image
repull A tool to restart a Docker container with a newer version of an image used by the container Often you may need to pull a newer version of an im
DNS Ping: to check packet loss and latency issues with DNS servers
DNSping DNS Ping checks packet loss and latency issues with DNS servers Installation If you have golang, easiest install is go get -u fortio.org/dnspi
gopkg is a universal utility collection for Go, it complements offerings such as Boost, Better std, Cloud tools.
gopkg is a universal utility collection for Go, it complements offerings such as Boost, Better std, Cloud tools. Table of Contents Introduction
使用Golang编写简易版Sqlmap
Go-Sqlmap 介绍 sqlmap是渗透测试界的神器,于是想尝试写一个简单的sqlmap,深入理解sql注入 使用Golang重写的原因:高效、生成可执行文件直接运行、无需搭建环境等 图片 效果如图,目前能够完成基于报错的注入,sqli-lab前三关没问题 直接使用 指定数据库 指定表名 指定字
Tools to write high performance GraphQL applications using Go/Golang.
graphql-go-tools Sponsors WunderGraph Are you looking for a GraphQL e2e data fetching solution? Supports frameworks like NextJS, type safety with gene
A Simple and Comprehensive Vulnerability Scanner for Container Images, Git Repositories and Filesystems. Suitable for CI
A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts, Suitable for CI. Abstract Trivy (tri pronounced like trigger, vy
Collect data about your dependencies
Collect data about your dependencies Features and Data Sources: Go modules, runs tests, detects tests and benchmarks Flexible rendering with Graphviz,
Interactive client for PostgreSQL and MySQL
dblab Interactive client for PostgreSQL and MySQL. Overview dblab is a fast and lightweight interactive terminal based UI application for PostgreSQL a
Collection of tools to interact with Intigriti website
Small tool, written in Go, that constantly monitors Activity feed on https://app.intigriti.com Dashboard page and sends Slack/Discord notifications on
A flexible commandline tool for template rendering. Supports lots of local and remote datasources.
Read the docs at docs.gomplate.ca, chat with developers and community in the #gomplate channel on Gophers Slack gomplate is a template renderer which
httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
Features • Installation • Usage • Running httpx • Notes • Join Discord httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers us
Upterm is an open-source solution for sharing terminal sessions instantly over the public internet via secure tunnels.
Upterm is an open-source solution for sharing terminal sessions instantly over the public internet via secure tunnels.
The smart virtual machines manager. A modern CLI for Vagrant Boxes.
The smart virtual machines manager Table of Contents: What is Vermin Install Vermin Usage Contributors TODO What is Vermin Vermin is a smart, simple a
🔥 A fast and beautiful command line tool to build API requests.
Poodle A fast and beautiful command line tool to build API requests 🦄 Check out the full Demo! Poodle is an interactive command line tool to build an
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Finder Of XSS, and Dal(달) is the Korean pronunciation of moon. What is DalFox 🌘 🦊 DalFox is a fast, powerful parameter analysis and XSS scanner, bas
A clipboard-based mocking framework for Go that gets out of your way.
A clipboard-based mocking framework for Go that gets out of your way. This tool has been built with inspiration lovingly taken from Moq, and fuelled b
database to golang struct
中文文档 mysql database to golang struct conversion tools base on gorm(v1/v2),You can automatically generate golang sturct from mysql database. big Camel-
An HTTP/HTTPS intercept proxy written in Go.
Broxy Broxy is an open source intercept proxy written in Go. It makes use of goproxy as core proxy implementation and the interface is implemented wit
SSH Lightweight management tools
tssh golang 实现的ssh 工具 安装 下载安装 下载地址 release windows用户请手动下载,暂时不提供一键安装模式( 主要是批处理脚本不会写 ) Mac一键安装 /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.
Chanify is a safe and simple notification tools. This repository is command line tools for Chanify.
Chanify is a safe and simple notification tools. For developers, system administrators, and everyone can push notifications with API.
Distributed simple and robust release management and monitoring system.
Agente Distributed simple and robust release management and monitoring system. **This project on going work. Road map Core system First worker agent M
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.
Introduction Microsoft Application Inspector is a software source code characterization tool that helps identify coding features of first or third par
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Naabu is a port scanning tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really simple to
Dear ImGui: Bloat-free Graphical User interface for C++ with minimal dependencies
Dear ImGui (This library is available under a free and permissive license, but needs financial support to sustain its continued improvements. In addit
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Not Yet Another Password Manager written in Go using libsodium
secrets Secure and simple passwords manager written in Go. It aims to be NYAPM (Not Yet Another Password Manager), but tries to be different from othe
The power of curl, the ease of use of httpie.
Curlie If you like the interface of HTTPie but miss the features of curl, curlie is what you are searching for. Curlie is a frontend to curl that adds
Gos: Armed Golang 💪 ( solutions for go module, goproxy, cross compilation, etc.)
The current gos is still an alpha version, welcome more heroes to comment and improve it 🍓 , you can add more commands to it, or modify something to make it perform better.
Inspr is an application mesh for simple, fast and secure development of distributed applications.
Inspr is an engine for running distributed applications, using multiple communication patterns such as pub sub and more, focused on type consistency a
The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.
AWS Service Enumeration Disclaimer The tool is in beta stage (testing in progress), no destructive API Calls used ( read only actions ). I hope, there
gqlanalysis makes easy to develop static analysis tools for GraphQL in Go.
gqlanalysis gqlanalysis defines the interface between a modular static analysis for GraphQL in Go. gqlanalysis is inspired by go/analysis. gqlanalysis
gqlanalysis makes easy to develop static analysis tools for GraphQL in Go.
gqlanalysis gqlanalysis defines the interface between a modular static analysis for GraphQL in Go. gqlanalysis is inspired by go/analysis. gqlanalysis
Go version manager. Super simple tool to install and manage Go versions. Install go without root. Gobrew doesn't require shell rehash.
gobrew Go version manager Install or update With curl $ curl -sLk https://git.io/gobrew | sh - or with go $ go get -u github.com/kevincobain2000/gobre
🌍 📋 A web dashboard to inspect Terraform States
🌍 📋 A web dashboard to inspect Terraform States
Realize is the #1 Golang Task Runner which enhance your workflow by automating the most common tasks and using the best performing Golang live reloading.
#1 Golang live reload and task runner Content - ⭐️ Top Features - 💃🏻 Get started - 📄 Config sample - 📚 Commands List - 🛠 Support and Suggestions
Validates your Go installation and dependencies.
govalidate Validates your Go installation and dependencies. Checks the Go installation and version. Checks if the PATH is correctly configured. Checks
'go test' runner with output optimized for humans, JUnit XML for CI integration, and a summary of the test results.
gotestsum gotestsum runs tests using go test --json, prints formatted test output, and a summary of the test run. It is designed to work well for both
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Vuls: VULnerability Scanner Vulnerability scanner for Linux/FreeBSD, agent-less, written in Go. We have a slack team. Join slack team Twitter: @vuls_e
Go compiler for small places. Microcontrollers, WebAssembly, and command-line tools. Based on LLVM.
TinyGo - Go compiler for small places TinyGo is a Go compiler intended for use in small places such as microcontrollers, WebAssembly (Wasm), and comma
A directory of hardware related libs, tools, and tutorials for Go
Go + hardware This repo is a directory of tools, packages and tutorials to let you introduce Go in your hardware projects. Why Go? Go can target platf
Go tool to wrap and fix errors with the new %w verb directive
errwrap Wrap and fix Go errors with the new %w verb directive. This tool analyzes fmt.Errorf() calls and reports calls that contain a verb directive t
Go (Golang) Fake Data Generator for Struct
Docs faker Struct Data Fake Generator Faker will generate you a fake data based on your Struct. Index Support Getting Started Example Limitation Contr
Automatically generate Go test boilerplate from your source code.
gotests gotests makes writing Go tests easy. It's a Golang commandline tool that generates table driven tests based on its target source files' functi
Go testing in the browser. Integrates with `go test`. Write behavioral tests in Go.
GoConvey is awesome Go testing Welcome to GoConvey, a yummy Go testing tool for gophers. Works with go test. Use it in the terminal or browser accordi
A tool to list and diagnose Go processes currently running on your system
gops gops is a command to list and diagnose Go processes currently running on your system. $ gops 983 980 uplink-soecks go1.9 /usr/local/bin/u
A report card for your Go application
Go Report Card A web application that generates a report on the quality of an open source go project. It uses several measures, including gofmt, go ve
Coca is a toolbox which is design for legacy system refactoring and analysis, includes call graph, concept analysis, api tree, design patterns suggest. Coca 是一个用于系统重构、系统迁移和系统分析的瑞士军刀。它可以分析代码中的测试坏味道、模块化分析、行数统计、分析调用与依赖、Git 分析以及自动化重构等。
Coca - toolbox for system refactoring and analysis Coca is a toolbox which is design for legacy system refactoring and analysis, includes call graph,