590 Resources
Golang security-tools Libraries
CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
depsdev CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security sig
AI-Powered Code Reviews for Best Practices & Security Issues Across Languages
AI-CodeWise ๐ฆ AI-Powered Code Reviews for Best Practices & Security Issues Across Languages AI-CodeWise GitHub Action: Your AI-powered Code Reviewer!
A Flask-based HTTP(S) command and control (C2) framework with a web frontend. Malleable agents written in Go and scripts written in bash.
โโโโ โโโ โโโโโโโโโโโโ โโโโโโ โโโโโโ โโโโโโโโโ โโโโโโโ โโโโโโโ โโโโ โ โโโโโโโ โโโโโโ โ โ โโโ โโ โโโโ โโโโโโโโโโโโ โโโโ โโโ โโโโโ โโโโ
Zinc Search engine. A lightweight alternative to elasticsearch that requires minimal resources, written in Go.
Zinc Search Engine Zinc is a search engine that does full text indexing. It is a lightweight alternative to Elasticsearch and runs using a fraction of
Substation is a cloud native toolkit for building modular ingest, transform, and load (ITL) data pipelines
Substation Substation is a cloud native data pipeline toolkit. What is Substation? Substation is a modular ingest, transform, load (ITL) application f
Cloud IP address ranges lookup tool + DNS subdomain enumeration + Certificate Transparency
Cloud edge Lookup an IP to find the cloud provider and other details based on the provider's published JSON data Cloud edge is a recon tool focused on
Gopherscript is a secure and minimal scripting language written in Go.
Gopherscript Gopherscript is a secure scripting/configuration language written in Go. It features a fined-grain permission system and enforces a stron
Active Directory & Red-Team Cheat-Sheet in constant expansion.
This AD attacks CheatSheet, made by RistBS is inspired by the Active-Directory-Exploitation-Cheat-Sheet repo. Edit : Thanks for 100 stars :D it is the
A download tools for clawing the ebooks from internets.
bookhunter Downloading books from talebook, www.sanqiu.cc This is totally rewrite fork compare to its original version. Development Go Releaser is use
A collection of cloud security icons :cloud::lock:
Cloud Security Icons These icons are published under the extremely permissive Creative Commons Zero v1.0 Universal license. Downloads We provide all i
A CLI tool that can be used to disrupt wireless connectivity in your area by jamming all the wireless devices connected to multiple access points.
sig-716i A CLI tool written in Go that can be used to disrupt wireless connectivity in the area accessible to your wireless interface. This tool scans
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
Open Source API Firewall API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is desi
Miller is like awk, sed, cut, join, and sort for name-indexed data such as CSV, TSV, and tabular JSON
What is Miller? Miller is like awk, sed, cut, join, and sort for data formats such as CSV, TSV, JSON, JSON Lines, and positionally-indexed. What can M
This is a tool to interact with Apigee APIs. The tool lets you manage (create, del, get, list) environments, proxies, etc.
apigeecli This is a tool to interact with Apigee APIs for Apigee hybrid and Apigee's managed offering. The tool lets you manage (Create,Get, List, Upd
๐ ๏ธ Terminal tools, written from scratch.
๐ ๏ธ tools My blog post: Beating grep with Go A bag of toys. A project to take ownership over the terminal tools I use every day. Projects grup (grep)
โDear Port80โ is a zero-config TCP proxy server that hides SSH connection behind a HTTP server!
Dear Port80 About The Project: โDear Port80โ is a zero-config TCP proxy server that hides SSH connection behind a HTTP server! +---------------------
Breaking Cloud Native Web APIs in their natural habitat.
cnfuzz - Cloud Native Web API Fuzzer "Breaking Cloud Native Web APIs in their natural habitat." Fuzzing web APIs in their fully converged Cloud Native
โ The security layer for the KYVE protocol.
The KYVE Chain v0.2.0 The chain nodes are the backbone of KYVE. The chain layer is a completely sovereign Proof of Stake blockchain build with Cosmos
Gologin is Golang (Go) login manager working with RDBMS Databases
What is Gologin Gologin is an easy to setup professional login manager for Go web applications. It helps you protect your application resources from u
Tools for the Gio project, most notably gogio for packaging Gio programs
Gio Tools Tools for the Gio project, most notably gogio for packaging Gio programs. Issues File bugs and TODOs through the issue tracker or send an em
CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints.
CetusGuard CetusGuard is a tool that allows to protect the Docker daemon socket by filtering the calls to its API endpoints. Some highlights: It is wr
๐ง Visual Data Preparation (VDP) is an open-source tool to seamlessly integrate Vision AI with the modern data stack
Website | Community | Blog Get Early Access Visual Data Preparation (VDP) is an open-source tool to streamline the end-to-end visual data processing p
Tools for exploring OpenVG
Testbed for exploring OpenVG on the Raspberry Pi. First program Here is the graphics equivalent of "hello, world" // first OpenVG program // Anthony S
Generic-based collection tools
go-collection go collection is a tool implemented using generic, it can help you process slice/map data quickly and easily convert between them. Note:
Golang distributed Slowloris attack ๐ฆฅ
slowloris - Golang distributed Slowloris attack How it works Read the article ๐ฆท How to protect from it TBD Installation Run go install github.com/its
APKrash is an Android APK security analysis toolkit focused on comparing APKs to detect tampering and repackaging.
APKrash APKrash is an Android APK security analysis toolkit focused on comparing APKs to detect tampering and repackaging. Features Able to analyze pu
VaultOperator provides a CRD to interact securely and indirectly with secrets stored in Hashicorp Vault.
vault-operator The vault-operator provides several CRDs to interact securely and indirectly with secrets. Details Currently only stage 1 is implemente
A simple port forward tools build on libp2p with holepunch support.
p2p-tun A simple port forward and tun2socks tools build on libp2p with holepunch support. Usage NAME: p2p-tun - port forward and tun2socks through
Command line tools for usedevbook.com
dbk dbk is a command-line tool (CLI) for usedevbook.com. It allows you to build and push custom environments for Devbook VMs. You can then launch Devb
Mgosniff: MongoDB Wire Protocol Analysis Tools
mgosniff - MongoDB Wire Protocol Analysis Tools Reference: MongoDB Wire Protocol
Hntoebook - Converts the best HN stories to .mobi format to be read using an e-reader
HN to E-Book What? This program converts the best HN stories to .mobi format to
Harbormaster - Toolkit for automating the creation & mgmt of Docker components and tools
My development environment is MacOS with an M1 chip and I mostly develop for lin
FizzBuzz: A ready-to-use console application that provides tools to format output with conditions
FizzBuzz FizzBuzz is a ready-to-use console application that provides tools to f
Migration - Commonly used migration tools
Migration Commonly used migration tools Usage package main import ( "context"
Migration - Commonly used migration tools
Migration Commonly used migration tools Usage package main import ( "context"
Nmapservices - Most common ports with golang
Sample use package main import ( "fmt" "log" "github.com/jreisinger/nmapser
K8s - A Collection of tools, hands-on walkthroughs with source code
The Ultimate Engineer Toolbox ๐จ ๐ง A Collection of tools, hands-on walkthroughs
Some useful tools to help manage attachments in my local markdown projects.
Some useful tools to help manage attachments in my local markdown projects.
Froggit-Go is a Go library, allowing to perform actions on VCS providers
Froggit-Go is a Go library, allowing to perform actions on VCS providers. Currently supported providers are: GitHub, Bitbucket Server, Bitbucket Cloud, and GitLab.
Trzsz-go - A simple file transfer tools, similar to lrzsz ( rz / sz ), and compatible with tmux
Trzsz-go - A simple file transfer tools, similar to lrzsz ( rz / sz ), and compatible with tmux
Godbolt console wrapper for easily execute local file without any security risk and compiler.
Godbolt CLI Godbolt console wrapper for easily execute local file without any security risk and compiler. Install Compile the source code and add to y
Proto-find is a tool for researchers that lets you find client side prototype pollution vulnerability.
proto-find proto-find is a tool for researchers that lets you find client side prototype pollution vulnerability. How it works proto-find open URL in
MadeiraMadeira boilerplate project to build scalable, testable and high performance Go microservices.
MadeiraMadeira boilerplate project to build scalable, testable and high performance Go microservices.
CLi tools helping to forge HTTP smuggling attack and others
HTTPCustomHouse CLi tools helping to forge HTTP smuggling attack and others (httpcustomhouse) Analyze smuggled request without interacting with remote
Set of scripts & tools for converting between numbers and major system encoded words.
major-system-converter Set of scripts & tools for converting between numbers and major system encoded words. Uses phonetics instead of letters to conv
Tools for authoring and serving codelabs
Tools for authoring and serving codelabs Codelabs are interactive instructional
Isaac Gazimbe - DevOps Golang Tools
Isaac Gazimbe - DevOps Golang Tools git.io/go-tools DevOps Golang Tools All programs have --help to list the available options. See Also: DevOps Bash
GONET-Scanner - Golang network scanner with arp discovery and own parser
GO/NET Scanner ScreenShots Install chmod +x install.sh ./install.sh [as root] U
step-ca is an online certificate authority for secure, automated certificate management.
๐ก๏ธ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Simple Tools to help manage non-production Kubernetes Clusters
SecondMate.io A tool to help your nonProduction Kubernetes Clusters running clean. The goal of this tool is to add some features to non production clu
A Target Tracking , NoteTaking , CheckLists and Data Management GUI App for Bug Hunter's and Pentesters.
Screenshots Features โข Installation โข Usage โข Features โข Notes โข Sandman A Target Tracking , NoteTaking , CheckLists and Data Management GUI App for B
FabricPing: Network tools for service fabric
FabricPing Network debugging tools for Service Fabric Install Windows powershell
Go package providing opinionated tools and methods for working with the `aws-sdk-go/service/cloudfront` package.
go-aws-cloudfront Go package providing opinionated tools and methods for working with the aws-sdk-go/service/cloudfront package. Documentation Tools $
Linux provisioning scripts + application deployment tools. Suitable for self-hosting and hobby-scale application deployments.
Apollo Linux provisioning scripts + application deployment tools. Suitable for self-hosting and hobby-scale application deployments. Philosophy Linux-
๐ท Find exploits and vulnerabilities in the most important databases.
๐ท Dionisio Dionisio is a tool that can automate the search for exploits and vulnerabilities. Written in Go and open source, Dionisio has an advanced
The wazuh-integratord is a daemon that allows Wazuh to connect to external APIs and alerting tools such as Slack, VirusTotal and PagerDuty.
The wazuh-integratord is a daemon that allows Wazuh to connect to external APIs and alerting tools such as Slack, VirusTotal and PagerDuty.
Sbom-operator - Catalogue all images of a Kubernetes cluster to multiple targets with Syft
sbom-operator Catalogue all images of a Kubernetes cluster to multiple targets w
Hashkill - A fast hash decryptor with golang
Hashkill โป๏ธ Changelog v0.2 Added timing Fixed running, the program breaks if all
Various Dungeons and Dragons Tools. Written in go as an aid to learning the language.
dnd_tools Various Dungeons and Dragons Tools. Written in go as an aid to learning the language. Some tools are generic, while others will target eithe
Stratus-red-team - Granular, Actionable Adversary Emulation for the Cloud
Stratus Red team Stratus Red Team is "Atomic Red Teamโข" for the cloud, allowing
Pwnkit-go - Exploit for the PwnKit vulnerability, CVE-2021-4034, written in Go
Pwnkit-go This is a working exploit for the pwnkit vulnerability, CVE-2021-4034,
A Telegram bot that feeds you every hour with the latest news about Hacking, FOSS, privacy, security, etc
HackerNews Telegram bot - Golang version A Telegram bot that serves you with personalized HackerNews articles. You can self host it and make it filter
wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage
wholeaked is a file-sharing tool that allows you to find the responsible person in case of a leakage
Web-Security-Academy - Web Security Academy, developed in GO
Web-Security-Academy - Web Security Academy, developed in GO
An interactive menu for Magisk's module installer with tools to alter Android
JD's Toolbox I'll update this with some details later, just getting the source code out for now... LICENSE The source code for JD's Toolbox is release
Shfz - Scenario-based fuzzing test execution tool for web applications
shfz A scenario-based web application fuzzng tool that supports fuzz generation
cli tools for list all pages in logseq repo, marked with public or private
logseq-pages A cli tool for list all pages in logseq repo, marked with public or private. When I using logseq to build my knowledge base and publish p
Savoir - A tool to perform tasks during internal security assessment
Savoir Savoir is a tool to perform tasks during internal security assessment. Th
Gosfdc module - a collection of packages containing the data structures from the various Salesforce APIs and Tools
Gosfdc module - a collection of packages containing the data structures from the various Salesforce APIs and Tools
Velociraptor - Endpoint visibility and collection tool.
Velociraptor - Endpoint visibility and collection tool. Velociraptor is a tool for collecting host based state information using The Velociraptor Quer
Terminal application used for API testing
Easily create, manage and execute http requests from the terminal.
Authentication Plugin for implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication
Authentication Plugin for implementing Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0, SAML Authentication
This repository intends to have a set of tools to take advantage of features on the Burp Enterprise
This repository intends to have a set of tools to take advantage of features on the Burp Enterprise
PartyGateRDF - PartyGate tools for linked-data scientists
PartyGateRDF - PartyGate tools for linked-data scientists Introduction This is a data set containing references to information published by the media
Volana - Shell command obfuscation to avoid detection systems
volana (moon in malagasy) { Use it ; ๐(hide from); ๐(detected by) } Shell comm
Go-ipfs-cmds - Cmds offers tools for describing and calling commands both locally and remotely
Go-ipfs-cmds - Cmds offers tools for describing and calling commands both locally and remotely
A terminal designed for anyone to use and designed for any platform
A terminal designed for anyone to use and designed for any platform. Which includes the basic features of any terminal and includes friendly commands to perform tools such as ping, traceroute, generate key pairs, encrypt/decrypt, router security actions, etc. All of the source code is done in Go.
Fractional api base on golang . golang math tools fractional molecular denominator
fractional api base on golang . golang math tools fractional molecular denominator
Tools for parse JSON-like logs for collecting unique fields and events
parsefields Tool for parse JSON-like logs for collecting unique fields. Main purpose to collect JSON-data with typical events and fields it is useful
Playground about microservices Tools
Playground about microservices Tools Branches hello Hello Server using Kubernetes Cluster Requirements Docker Kind Kubectl load_balancer-(Docker-Compo
Integrate Snyk into Harbor
Harbor Snyk Scanner Harbor Snyk Scanner is a scanner adaptor for Harbor to integrate scan results from Snyk. The project is currently work in progress
The Babylon project is a re-creation of my original PBX network integration tools from the early 1990's, in go.
What is Babylon? The Babylon project is a re-creation of many of my original PBX network integration tools from the early 1990's, in go. Many of these
A small GoLang app which can bruteforce ssh credentials
A small GoLang app which can bruteforce ssh credentials, was used before for a ctf and is now optimized for future ctf events.
Hacker tools on Golang
Hacker tools on Go (Golang) I used examples from the books & materials: "Violent Python" TJ O'Connor; "Black Hat Python" Python Programming for Hacker
golang sshBruteforcer
sshBruteforcer A small GoLang app which can bruteforce ssh credentials, was used before for a ctf and is now optimized for future ctf events. Features
A simple shopping list that keeps track of a users shopping list using charm.sh tools
Terminal Shopping List This repo is a practise project for learning practical Go. I have chosen to use a toolset called Charm as it provides a rich se
OpenSCA is a Software Composition Analysis (SCA) solution that supports detection of open source component dependencies and vulnerabilities.
OpenSCA-Cli ้กน็ฎไป็ป OpenSCA ็จๆฅๆซๆ้กน็ฎ็็ฌฌไธๆน็ปไปถไพ่ตๅๆผๆดไฟกๆฏใ ไธ่ฝฝๅฎ่ฃ ไป releases ไธ่ฝฝๅฏนๅบ็ณป็ปๆถๆ็ๅฏๆง่กๆไปถๅ็ผฉๅ ๆ่ ไธ่ฝฝๆบ็ ็ผ่ฏ(้่ฆ go 1.11 ๅไปฅไธ็ๆฌ) git clone https://github.com/XmirrorSecurit
Tools - This subrepository holds the source for various packages and tools that support
Go Tools This subrepository holds the source for various packages and tools that
A collection of tools for Golang, focusing on concurrency and goroutines
A collection of tools for Golang, focusing on concurrency and goroutines
Scout is a standalone open source software solution for DIY video security.
scout Scout is a standalone open source software solution for DIY video security. https://www.jonoton-innovation.com Features No monthly fees! Easy In
Hexa is the open-source, standards-based policy orchestration software for multi-cloud and hybrid businesses.
Hexa Policy Orchestrator Hexa is the open-source, standards-based policy orchestration software for multi-cloud and hybrid businesses. The Hexa projec
๐ Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URL and Role.
Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URL and Role. URLs and Roles are managed as YAML-based
Pokemon Unite scoreboard HUD and extra tools running over captured game feeds using the OpenCV video processing API and Client/Server architecture.
unite Pokemon Unite scoreboard HUD and extra tools running over captured game feeds using the OpenCV video processing API. Client (OBS Live) Server Ar
A library containing useful functions for working with Go types.
Go Type Tools A library containing useful functions for working with Go types. Table of Contents Reasoning Examples Array Map Int String Usage License
fr quick download if i change os'
misc-tools buncha small scripts i wrote winevd shortens the wine virtual desktop command, only need to specify resolution. uses 640x480 by default bec
QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security and store it on physical paper.
QR Secrets QR secrets is a cryptographically secure mechanism to store secret data with the highest levels of security. Incorporating; AES256-GCM-HKDF
Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.
Tink A multi-language, cross-platform library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse. https:/
Optimized JSON for Go is a high performance parser with a variety of additional JSON tools
Optimized JSON for Go is a high performance parser with a variety of additional JSON tools. OjG is optimized to processing huge data sets where data d
A tiny debug logging tool. Ideal for CLI tools and command applications
A tiny debug logging tool. Ideal for CLI tools and command applications
List your dependencies capabilities and monitor if updates require more capabilities.
A take on supply chain security in Go List your dependencies capabilities and monitor if dependency updates require more capabilities. The Problem Rec