354 Resources
Golang security-automation Libraries
CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
depsdev CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security sig
AI-Powered Code Reviews for Best Practices & Security Issues Across Languages
AI-CodeWise 🦉 AI-Powered Code Reviews for Best Practices & Security Issues Across Languages AI-CodeWise GitHub Action: Your AI-powered Code Reviewer!
A Flask-based HTTP(S) command and control (C2) framework with a web frontend. Malleable agents written in Go and scripts written in bash.
▄▄▄▄ ██▓ █████▒██▀███ ▒█████ ██████ ▄▄▄█████▓ ▓█████▄ ▓██▒▓██ ▒▓██ ▒ ██▒▒██▒ ██▒▒██ ▒ ▓ ██▒ ▓▒ ▒██▒ ▄██▒██▒▒████ ░▓██ ░▄█ ▒▒██░ ██▒░
Zinc Search engine. A lightweight alternative to elasticsearch that requires minimal resources, written in Go.
Zinc Search Engine Zinc is a search engine that does full text indexing. It is a lightweight alternative to Elasticsearch and runs using a fraction of
Kubernetes Operator Samples using Go, the Operator SDK and OLM
Kubernetes Operator Patterns and Best Practises This project contains Kubernetes operator samples that demonstrate best practices how to develop opera
Substation is a cloud native toolkit for building modular ingest, transform, and load (ITL) data pipelines
Substation Substation is a cloud native data pipeline toolkit. What is Substation? Substation is a modular ingest, transform, load (ITL) application f
Gopherscript is a secure and minimal scripting language written in Go.
Gopherscript Gopherscript is a secure scripting/configuration language written in Go. It features a fined-grain permission system and enforces a stron
A collection of cloud security icons :cloud::lock:
Cloud Security Icons These icons are published under the extremely permissive Creative Commons Zero v1.0 Universal license. Downloads We provide all i
A CLI tool that can be used to disrupt wireless connectivity in your area by jamming all the wireless devices connected to multiple access points.
sig-716i A CLI tool written in Go that can be used to disrupt wireless connectivity in the area accessible to your wireless interface. This tool scans
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
Open Source API Firewall API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is desi
A really smart bot that connects with your email, discord, telegram and gitlab
SmarttyBot The smartest multiplatform bot SmarttyBot is a multiplatform bot that uses natural language to execute functions using discord, telegram, e
Wau helps you find apps where target email is registered.
Where are you ? 🧐 wau helps you find apps where target email is registered. wau takes less than 2 seconds! wau can be executed through a Command Line
“Dear Port80” is a zero-config TCP proxy server that hides SSH connection behind a HTTP server!
Dear Port80 About The Project: “Dear Port80” is a zero-config TCP proxy server that hides SSH connection behind a HTTP server! +---------------------
Breaking Cloud Native Web APIs in their natural habitat.
cnfuzz - Cloud Native Web API Fuzzer "Breaking Cloud Native Web APIs in their natural habitat." Fuzzing web APIs in their fully converged Cloud Native
⛓ The security layer for the KYVE protocol.
The KYVE Chain v0.2.0 The chain nodes are the backbone of KYVE. The chain layer is a completely sovereign Proof of Stake blockchain build with Cosmos
Gologin is Golang (Go) login manager working with RDBMS Databases
What is Gologin Gologin is an easy to setup professional login manager for Go web applications. It helps you protect your application resources from u
CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints.
CetusGuard CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints. Some highlights: It is wr
Golang distributed Slowloris attack 🦥
slowloris - Golang distributed Slowloris attack How it works Read the article 🦷 How to protect from it TBD Installation Run go install github.com/its
Use Terraform to build and deploy configurations for Juniper SRX firewalls.
Juniper Terraform - SRX Overview The goal of this project is to provide an example method to interact with Juniper SRX products with Terraform. 📋 Ter
APKrash is an Android APK security analysis toolkit focused on comparing APKs to detect tampering and repackaging.
APKrash APKrash is an Android APK security analysis toolkit focused on comparing APKs to detect tampering and repackaging. Features Able to analyze pu
VaultOperator provides a CRD to interact securely and indirectly with secrets stored in Hashicorp Vault.
vault-operator The vault-operator provides several CRDs to interact securely and indirectly with secrets. Details Currently only stage 1 is implemente
Terraform-house - Golang Based terraform automation example using tf.json
Terraform House Manage your own terraform workflow using go language, with the b
Nmapservices - Most common ports with golang
Sample use package main import ( "fmt" "log" "github.com/jreisinger/nmapser
MemerBreaker - An Advanced, Intellectual DankMemer Automation Bot
Memer Breaker Join Our Community Server! & Join Our Suppport Discord! Have any q
Godbolt console wrapper for easily execute local file without any security risk and compiler.
Godbolt CLI Godbolt console wrapper for easily execute local file without any security risk and compiler. Install Compile the source code and add to y
CLi tools helping to forge HTTP smuggling attack and others
HTTPCustomHouse CLi tools helping to forge HTTP smuggling attack and others (httpcustomhouse) Analyze smuggled request without interacting with remote
GONET-Scanner - Golang network scanner with arp discovery and own parser
GO/NET Scanner ScreenShots Install chmod +x install.sh ./install.sh [as root] U
step-ca is an online certificate authority for secure, automated certificate management.
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Elektra-Auto-Checkout - Utilities to assist in checkout automation of various commercial and retail sites
Elektra About This Project Elektra is designed to automate the process of invent
🍷 Find exploits and vulnerabilities in the most important databases.
🍷 Dionisio Dionisio is a tool that can automate the search for exploits and vulnerabilities. Written in Go and open source, Dionisio has an advanced
ide-gen is a tool for development workspace prepare automation by automatic VCS repositories discovery and clone and project generation for supported IDEs.
ide-gen is a tool for development workspace prepare automation by automatic VCS repositories discovery and clone and project generation for supported IDEs.
Sbom-operator - Catalogue all images of a Kubernetes cluster to multiple targets with Syft
sbom-operator Catalogue all images of a Kubernetes cluster to multiple targets w
Hashkill - A fast hash decryptor with golang
Hashkill ♻️ Changelog v0.2 Added timing Fixed running, the program breaks if all
Stratus-red-team - Granular, Actionable Adversary Emulation for the Cloud
Stratus Red team Stratus Red Team is "Atomic Red Team™" for the cloud, allowing
Pwnkit-go - Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go
Pwnkit-go This is a working exploit for the pwnkit vulnerability, CVE-2021-4034,
A Telegram bot that feeds you every hour with the latest news about Hacking, FOSS, privacy, security, etc
HackerNews Telegram bot - Golang version A Telegram bot that serves you with personalized HackerNews articles. You can self host it and make it filter
wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage
wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage
Web-Security-Academy - Web Security Academy, developed in GO
Web-Security-Academy - Web Security Academy, developed in GO
Shfz - Scenario-based fuzzing test execution tool for web applications
shfz A scenario-based web application fuzzng tool that supports fuzz generation
Savoir - A tool to perform tasks during internal security assessment
Savoir Savoir is a tool to perform tasks during internal security assessment. Th
Velociraptor - Endpoint visibility and collection tool.
Velociraptor - Endpoint visibility and collection tool. Velociraptor is a tool for collecting host based state information using The Velociraptor Quer
Wake-On-LAN Server for Home Automation
Wake-On-LAN Server for Home Automation This project builds a simple docker container that runs a webserver that allows you to send a wake-on-lan magic
Authentication Plugin for implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication
Authentication Plugin for implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication
Larry 🐦 is a really simple Twitter bot generator that tweets random repositories from Github built in Go
Larry 🐦 Larry is a Golang cli bot that tweets random Github repositories. Disclaimer I hold no liability for what you do with this bot or what happen
Volana - Shell command obfuscation to avoid detection systems
volana (moon in malagasy) { Use it ; 🌚(hide from); 🌞(detected by) } Shell comm
A terminal designed for anyone to use and designed for any platform
A terminal designed for anyone to use and designed for any platform. Which includes the basic features of any terminal and includes friendly commands to perform tools such as ping, traceroute, generate key pairs, encrypt/decrypt, router security actions, etc. All of the source code is done in Go.
Integrate Snyk into Harbor
Harbor Snyk Scanner Harbor Snyk Scanner is a scanner adaptor for Harbor to integrate scan results from Snyk. The project is currently work in progress
OpenSCA is a Software Composition Analysis (SCA) solution that supports detection of open source component dependencies and vulnerabilities.
OpenSCA-Cli 项目介绍 OpenSCA 用来扫描项目的第三方组件依赖及漏洞信息。 下载安装 从 releases 下载对应系统架构的可执行文件压缩包 或者下载源码编译(需要 go 1.11 及以上版本) git clone https://github.com/XmirrorSecurit
Developer machine management for Linux/OSX. Think Terraform for your dotfiles
Developer machine management for Linux/OSX. Think Terraform/Ansible for your dotfiles/packages! :gear::house:
Scout is a standalone open source software solution for DIY video security.
scout Scout is a standalone open source software solution for DIY video security. https://www.jonoton-innovation.com Features No monthly fees! Easy In
Hexa is the open-source, standards-based policy orchestration software for multi-cloud and hybrid businesses.
Hexa Policy Orchestrator Hexa is the open-source, standards-based policy orchestration software for multi-cloud and hybrid businesses. The Hexa projec
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URL and Role.
Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URL and Role. URLs and Roles are managed as YAML-based
QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security and store it on physical paper.
QR Secrets QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security. Incorporating; AES256-GCM-HKDF
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
Tink A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. https:/
List your dependencies capabilities and monitor if updates require more capabilities.
A take on supply chain security in Go List your dependencies capabilities and monitor if dependency updates require more capabilities. The Problem Rec
Passive DNS Capture/Monitoring Framework
Table of Contents DNS Monster Main features Installation Linux Container Build Manually Build Statically Windows FreeBSD and MacOS Architecture AIO In
garlicshare is an open source tool that lets you securely and anonymously share files on a hosted onion service using the Tor network.
garlicshare is an open source tool that lets you securely and anonymously share files on a hosted onion service using the Tor network.
Light weight cross-platform test automation
Welcome to Gauge Gauge is a light weight cross-platform test automation tool. It provides the ability to author test cases in the business language. G
Cert bound sts server - Certificate Bound Tokens using Security Token Exchange Server (STS)
Certificate Bound Tokens using Security Token Exchange Server (STS) Sample demonstration of Certificate Bound Tokens acquired from a Security Token Ex
Monero: the secure, private, untraceable cryptocurrency
Monero Copyright (c) 2014-2021 The Monero Project. Portions Copyright (c) 2012-2013 The Cryptonote developers. Table of Contents Development resources
OpenZeppelin Contracts is a library for secure smart contract development.
A library for secure smart contract development. Build on a solid foundation of community-vetted code. Implementations of standards like ERC20 and ERC
A guide to smart contract security best practices
Smart Contract Security Best Practices Visit the documentation site: https://consensys.github.io/smart-contract-best-practices/ Read the docs in Chine
A plugin for Hashicorp Vault to create ephemeral users and API tokens for Jenkins CI
vault-plugin-secrets-jenkins This is a backend plugin to be used with Hashicorp Vault. This plugin generates ephemeral Jenkins Users and API tokens. v
A software supply chain security inspection tool.
README.md murphysec 一款专注于软件供应链安全的开源工具,包含开源组件依赖分析、漏洞检测及漏洞修复等功能。 安装 macOS 使用Homebrew安装 // TODO Windows 使用scoop安装 scoop bucket add murphysec https://gith
Go library providing simple and secure password management
Passhash passhash addresses the dismal state of password management in Go by offering easy-to-use APIs to manage credentials (e.g. password hashes) No
Multitenancy in Postgres with Go using Row Level Security (RLS)
tenancy A Go library for multitenancy in Postgres using Row Level Security (RLS). Usage Tenancy as a connection pool. By default, tenancy.Open() begin
🔥 🔥 Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. 🔥 🔥
CVE-2021-44228 Log4J Vulnerability can be detected at runtime and attack paths can be visualized by ThreatMapper. Live demo of Log4J Vulnerability her
A very small, very simple, yet very secure encryption tool.
English | Français | Español | Deutsch | Português | Türkçe | 中文 | русский Picocrypt is a very small (hence Pico), very simple, yet very secure encryp
Drone is a Container-Native, Continuous Delivery Platform
Drone Welcome to the Drone codebase, we are thrilled to have you here! What is Drone? Drone is a continuous delivery system built on container technol
Yet another log4j vulnerability scanner
k-amon-k - Yet another log4j scanner Quick-n-Dirty installation Assuming you hav
Secure SDK/vault for personal records/PII built to comply with GDPR
Databunker Databunker is a network-based, self-hosted, GDPR compliant, secure vault for personal data or PII: https://databunker.org/ Project demo is
SMTP (email) server with a focus on simplicity, security, and ease of operation [mirror]
chasquid chasquid is an SMTP (email) server with a focus on simplicity, security, and ease of operation. It is designed mainly for individuals and sma
👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stowaway English Stowaway是一个利用go语言编写、专为渗透测试工作者制作的多级代理工具 用户可使用此程序将外部流量通过多个节点代理至内网,突破内网访问限制,构造树状节点网络,并轻松实现管理功能 PS:谢谢大家的star,同时欢迎大家使用后提出问题&&Bug 😘 。 PPS:
The Bhojpur.NET Platform automates the provisioning of ready-to-use Network, Security, and IT applications
Bhojpur.NET Platform The Bhojpur.NET Platform automates the provisioning of ready-to-use Network, Security, and IT applications Learn more 👉 The Bhoj
⛑ Gatus - Automated service health dashboard
Gatus is a health dashboard that gives you the ability to monitor your services using HTTP, ICMP, TCP, and even DNS queries as well as evaluate the re
Security research and open source implementation of the Apple 'Wireless Accessory Configuration' (WAC) protocol
Apple 'Wireless Accessory Configuration' (WAC) research Introduction This repository contains some research on how the WAC protocol works. I was mostl
Super simple deployment tool
Dropship Dropship is a simple tool for installing and updating artifacts from a CDN. Features Automatically performs md5sum checks of artifact that is
Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policies for your application resources.
Painless access control for cloud-native applications Cerbos helps you super-charge your authorization implementation by writing context-aware access
Handle Web Authentication for Go apps that wish to implement a passwordless solution for users
WebAuthn Library This library is meant to handle Web Authentication for Go apps that wish to implement a passwordless solution for users. While the sp
Memory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking.
ipa-medit Ipa-medit is a memory search and patch tool for resigned ipa without jailbreaking. It supports iOS apps running on iPhone and Apple Silicon
Guardian is a tool for extensible and universal data access with automated access workflows and security controls across data stores, analytical systems, and cloud products.
Guardian Guardian is a data access management tool. It manages resources from various data providers along with the users’ access. Users required to r
sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
sgCheckup - Check your Security Groups for Unexpected Open Ports & Generate nmap Output sgCheckup is a tool to scan your AWS Security Groups for a com
Automated changelog tool for preparing releases with lots of customization options
Changie Separate your changelog from commit messages without conflicts. Features File based changelog management keeps your commit history and release
Git watchdog will scan your public repository and find out the vulnerabilities
Dependencies Docker Go 1.17 MySQL 8.0.25 Bootstrap Run chmod +x start.sh if start.sh script does not have privileged to run Run ./start.sh --bootstrap
Catalyst is an incident response platform / SOAR (Security Orchestration, Automation and Response) system.
Catalyst Speed up your reactions Website - The Catalyst Handbook (Documentation) - Try online (user: bob, password: bob) Catalyst is an incident respo
Sync tags in your git repository and a changelog in Keep a Changelog format with releases of your GitLab project.
Automatic GitLab releases Sync tags in your git repository and a changelog in Keep a Changelog format with releases of your GitLab project. Features:
A password manager as a CLI, where you can use a master password to retrieve a specified password and store it in your clipboard
Password manager Description CLI to store and retrieve passwords. The retrieved password will be stored on your clipboard! Usage 1.Start with Go go ru
Simple local scanner for vulnerable log4j instances
Simple local log4j vulnerability scanner (Written in Go because, you know, "write once, run anywhere.") This is a simple tool that can be used to find
A standalone exporter for vulnerability reports and other CRs created by Starboard.
starboard-exporter Exposes Prometheus metrics from Starboard's VulnerabilityReport custom resources (CRs). Metrics This exporter exposes two types of
GoSDDL converter
GoSDDL (Security Descriptor Definition Language) Converter from SDDL-string to user-friendly JSON. SDDL consist of four part: Owner, Primary Group, DA
A Go implementation of in-toto. in-toto is a framework to protect software supply chain integrity.
In-toto Go implementation Go implementation of the in-toto Python reference implementation. Docs To read the documentation along with some examples, r
Gitscanner is used to perform a variety of security checks against Git repositories and is expandable. Feel free to add your own checks.
Git Repository security checker This is a fast Go implementation to check Git repositories (local or remote) for some common security issues. It relie
Pure Golang implementation of server-side ECMR exchange functionality (Tang server)
Tang.go Tang.go pure-go library that implement server side of ECMR key exchange. It functionally similar to Tang project. The library also provides a
Validate the Strength of a Password in Go
go-password-validator Simple password validator using raw entropy values. Hit the project with a star if you find it useful ⭐ Supported by Qvault This
beego framework filter for easy security headers management
beego-security-headers beego-security-headers is a beego framework filter which allows HTTP response security headers to be easily managed on applicat
Go HTTP Strict Transport Security library
HTTP Strict Transport Security (HSTS) http RoundTripper implementing HTTP Strict Transport Security (RFC 6797) with sites preloaded from Chromium usin
Find which of your go lang direct GitHub dependencies is susceptible to ChainJacking attack
ChainJacking is a tool to find which of your Go lang direct GitHub dependencies is susceptible to ChainJacking attack. Read more about it here Require
Simple Golang HTTPS/TLS Examples
Generate private key (.key) # Key considerations for algorithm "RSA" ≥ 2048-bit openssl genrsa -out server.key 2048 # Key considerations for algorith
Golang for Security Professionals
Hacking with Go This is my attempt at filling the gap in Go security tooling. When starting to learn Go, I learned from a lot of tutorials but I could
A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157.
PewSWITCH A FreeSWITCH specific scanning and exploitation toolkit for CVE-2021-37624 and CVE-2021-41157. Related blog: https://0xinfection.github.io/p