65 Resources
Golang tls Libraries
Fix Burp Suite's horrible TLS stack & spoof any browser fingerprint
Awesome TLS This extension hijacks Burp's HTTP and TLS stack to make it more powerful and less prone to fingerprinting by all kinds of WAFs. It does t
GO Simple Tunnel - a simple tunnel written in golang
GO Simple Tunnel GO语言实现的安全隧道 English README !!!V3版本已经可用,欢迎抢先体验!!! 特性 多端口监听 可设置转发代理,支持多级转发(代理链) 支持标准HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5代理协议 Web代理支持探测防御 支
Crypto-project - Personal project for learning TLS
crypto-project My personal attempt to implement this cipher suite using the Go l
step-ca is an online certificate authority for secure, automated certificate management.
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Http-server - A HTTP server and can be accessed via TLS and non-TLS mode
Application server.go runs a HTTP/HTTPS server on the port 9090. It gives you 4
Laptop Booking Application in Golang and gRPC, load-balancing with NGINX, and fully compatible with HTTPS OpenAPI v3
Laptop Booking Application in Golang and gRPC Goals GitHub CI & Coverage Badge Serialize protobuf messages Create laptop unary gRPC Search laptop Serv
A layer of abstraction the around acme/autocert certificate manager (Golang)
Simple Secure Server Prerequisites: Your server must be reachable through the provided domain name, this is how LetsEncrypt verifies domain ownership
MTLS - Golang mTLS example,mTLS using TLS do both side authentication & authorization
mTLS Golang Example mTLS Golang Example 1. What is mutual TLS (mTLS)? 2. How doe
MTLS - Golang mTLS example,mTLS using TLS do both side authentication & authorization
mTLS Golang Example mTLS Golang Example 1. What is mutual TLS (mTLS)? 2. How doe
Order TLS certificates using ACME TLS-ALPN-01
Order TLS certificates using ACME TLS-ALPN-01
A Golang localhost TLS Server for testing Mutual Authentication (A.K.A Client-Side Authentication)
goMutualAuthServer goMutualAuthServer implements a localhost TLS server in Golang, which can be used to perform Mutual Authentication (A.K.A Client-Si
Acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt). Designed to flexibly integrate into your webserver setup to enable automatic verification. Unlike the official Let's Encrypt client, this doesn't modify your web server configuration.
Monitors the expiry time of tls certificates and exports prometheus metrics
Certificate Monitor Monitors the expiry time of tls certificates and exports prometheus metrics. Target domains can be automatically discovered via in
Spoof TLS/JA3 fingerprints in GO and Javascript
Currently a WIP and under active development. See the Projects Tab for more info More documentation coming soon, Changelog provided as well For any fe
VPN client in a thin Docker container for multiple VPN providers, written in Go
VPN client in a thin Docker container for multiple VPN providers, written in Go, and using OpenVPN or Wireguard, DNS over TLS, with a few proxy servers built-in.
minimal implementation of secured encrypted tcp/ip connection without tls / ssl.
go-secure-transport Demo implementation of secured encrypted TCP connection without TLS / SSL. See ./example for server & client using the transport t
Simple Golang HTTPS/TLS Examples
Generate private key (.key) # Key considerations for algorithm "RSA" ≥ 2048-bit openssl genrsa -out server.key 2048 # Key considerations for algorith
A GREAT GUI Offline Tool for manipulating/seeking resolver list of repique and dnscrypt proxy.
Intro A GUI Offline Tool for decrypting and manipulating *.md files used by repique and dnscrypt proxy It's targeted for creating your own DoT, DoH an
Using Wireshark to decrypt TLS gRPC Client-Server protobuf messages
Using Wireshark to decrypt TLS gRPC Client-Server protobuf messages Sample client server in golang that demonstrates how to decode protobuf messages f
Watch and react to changes in Kubernetes TLS Secrets
cert-watch Watch and react to change in Kubernetes TLS Secrets. What is cert-watch? Kubernetes has introduced a number of different ways to keep certi
Transparent TLS and HTTP proxy serve and operate on all 65535 ports, with domain regex whitelist and rest api control
goshkan Transparent TLS and HTTP proxy serve & operating on all 65535 ports, with domain regex whitelist and rest api control tls and http on same por
Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.
Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user. Drift
Caddy: an extensible server platform that uses TLS by default
a project Every site on HTTPS Caddy is an extensible server platform that uses TLS by default. Releases · Documentation · Get Help Menu Features Insta
go HTTP client that makes it plain simple to configure TLS, basic auth, retries on specific errors, keep-alive connections, logging, timeouts etc.
goat Goat, is an HTTP client built on top of a standard Go http package, that is extremely easy to configure; no googling required. The idea is simila
For whatever reason you want to transfer TLS certificates in kubernetes to Qiniu CDN
Qiniu Certificate Sync For whatever reason you want to transfer TLS certificates in kubernetes to Qiniu CDN This app will upload provided TLS secrets
Ephemeral One Time/Build-Time gRPC TLS PKI system.
PkiSauce Ephemeral Build Time TLS PKI saucing for your intra services GRPC (or not) communications. Description A simple attempt to avoid deploying co
Simple PKI for developers.
SimpleCA Have you ever been working with a technology and needed TLS certificates quickly? Perhaps you wanted to set up a PKI infrastructure for testi
node api for proxying requests with golang to spoof tls fingerprint
WIP NOT BUILT WONT WORK AS IS gotTLS A node websocket api version of https://github.com/Carcraftz/TLS-Fingerprint-API to spoof TLS fingerprint to prev
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
Easy and Powerful TLS Automation The same library used by the Caddy Web Server Caddy's automagic TLS features—now for your own Go programs—in one powe
Premier ACME client library for Go
acmez - ACME client library for Go ACMEz ("ack-measy" or "acme-zee", whichever you prefer) is a fully-compliant RFC 8555 (ACME) implementation in pure
CVE-2021-3449 OpenSSL denial-of-service exploit 👨🏻💻
CVE-2021-3449 OpenSSL 1.1.1k DoS exploit Usage: go run . -host hostname:port This program implements a proof-of-concept exploit of CVE-2021-3449 affe
High-performance, non-blocking, event-driven, easy-to-use networking framework written in Go, support tls/http1.x/websocket.
High-performance, non-blocking, event-driven, easy-to-use networking framework written in Go, support tls/http1.x/websocket.
This tool will listen on a given port, strip SSL encryption, forward traffic through a plain TCP proxy, then encrypt the returning traffic again and send it to the target of your choice. Unlike most SSL stripping solutions this tool will negotiate ALPN and preserve the negotiated protocol all the way to the target.
ALPN Pass This tool will listen on a given port, strip SSL encryption, forward traffic through a plain TCP proxy, then encrypt the returning traffic a
Discover expired TLS certificates in the services of a kubernetes cluster
About verify-k8s-certs is a daemon (prometheus exporter) to discover expired TLS certificates in a kubernetes cluster. It exposes the informations as
Fork of Go stdlib's net/http that works with alternative TLS libraries like refraction-networking/utls.
github.com/ooni/oohttp This repository contains a fork of Go's standard library net/http package including patches to allow using this HTTP code with
A server that proxies requests and uses fhttp & my fork of CycleTLS to modify your clienthello and prevent your requests from being fingerprinted.
TLS-Fingerprint-API A server that proxies requests and uses my fork of CycleTLS & fhttp (fork of net/http) to prevent your requests from being fingerp
TLS/SSL Tunnel - A modern STunnel replacement written in golang
go-tunnel - Robust Quic/TLS Tunnel (Stunnel replacement) What is it? A supercharged Stunnel replacement written in golang. is in a sense a proxy enabl
proxyd proxies data between TCP, TLS, and unix sockets
proxyd proxyd proxies data between TCP, TLS, and unix sockets TLS termination: Connecting to a remote application's unix socket: +---------+
gobetween - modern & minimalistic load balancer and reverse-proxy for the ☁️ Cloud era.
gobetween - modern & minimalistic load balancer and reverse-proxy for the ☁️ Cloud era. Current status: Maintenance mode, accepting PRs. Currently in
Mutual TLS encryption TCP proxy with golang
mtls-tcp-proxy Mutual Authentication TLS encryption TCP proxy with golang Why? I created this because of sometimes, it is not possible for us to estab
Toy TLS certificate viewer
veilig Toy tls certificate viewer that I built because openssl s_client confuses me Source available at: https://github.com/noqqe/veilig/ Please repor
Tooling to validate HTTPS Certificates and Connections Around Web 🕷️
Cassler - SSL Validator Tool If your read fast, it's sounds like "Cassia Eller" Tooling to validate HTTPS Certificates and Connections Around Web 🕷️
Privacy important, fast, recursive dns resolver server with dnssec support
🚀 Privacy important, fast, recursive dns resolver server with dnssec support Installation go get github.com/semihalev/sdns Pre-build Binaries Downloa
A tiny command line DNS client with support for UDP, DoT, DoH, and DoQ.
q A tiny command line DNS client with support for UDP, DoT, DoH, and DoQ. Usage q command line DNS client (https://github.com/natesales/q) Usage: q
CFSSL: Cloudflare's PKI and TLS toolkit
CFSSL CloudFlare's PKI/TLS toolkit CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing,
Go HTTP tunnel is a reverse tunnel based on HTTP/2.
Go HTTP tunnel is a reverse tunnel based on HTTP/2. It enables you to share your localhost when you don't have a public IP.
mkcert is a simple tool for making locally-trusted development certificates
A simple zero-config tool to make locally trusted development certificates with any names you'd like.
Proxy is a high performance HTTP(S) proxies, SOCKS5 proxies,WEBSOCKET, TCP, UDP proxy server implemented by golang. Now, it supports chain-style proxies,nat forwarding in different lan,TCP/UDP port forwarding, SSH forwarding.Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API。
Advertisement GOPROXY Introduction The GoProxy is a high-performance http proxy, https proxy, socks5 proxy, ss proxy, websocket proxies, tcp proxies,
Headless CMS with automatic JSON API. Featuring auto-HTTPS from Let's Encrypt, HTTP/2 Server Push, and flexible server framework written in Go.
Ponzu Watch the video introduction Ponzu is a powerful and efficient open-source HTTP server framework and CMS. It provides automatic, free, and secur
Simple and easy go web micro framework
DotWeb Simple and easy go web micro framework Important: Now need go1.9+ version support, and support go mod. Document: https://www.kancloud.cn/devfee
Network-wide ads & trackers blocking DNS server
Privacy protection center for you and your devices Free and open source, powerful network-wide ads & trackers blocking DNS server. AdGuard.com | Wiki
Automatic HTTPS for any Go program: fully-managed TLS certificate issuance and renewal
Easy and Powerful TLS Automation The same library used by the Caddy Web Server Caddy's automagic TLS features—now for your own Go programs—in one powe
A suite of gRPC debugging tools. Like Fiddler/Charles but for gRPC.
grpc-tools A suite of tools for gRPC debugging and development. Like Fiddler/Charles but for gRPC! The main tool is grpc-dump which transparently inte
🙌It 👐just 👌not ☝works
fuck-signal-tls-proxy Why Deliver something [3] not work at all is more rude than dirty word. In short, everything is designed to blend into the backg
Tiny-HTTPS protocol implementation (experiment purpose.)
thttps Basic TLS implementation in Go, written as a learning project. Most components are forked from Go version 1.7 tiny-HTTPS is not suitable for re
Certificate monitoring utility for watching tls certificates and reporting the result as metrics.
cert-checker cert-checker is a certificate monitoring utility for watching tls certificates. These checks get exposed as Prometheus metrics to be view
Let's Encrypt client and ACME library written in Go
Let's Encrypt client and ACME library written in Go. Features ACME v2 RFC 8555 Register with CA Obtain certificates, both from scratch or with an exis
Package telnet provides TELNET and TELNETS client and server implementations, for the Go programming language, in a style similar to the "net/http" library that is part of the Go standard library, including support for "middleware"; TELNETS is secure TELNET, with the TELNET protocol over a secured TLS (or SSL) connection.
go-telnet Package telnet provides TELNET and TELNETS client and server implementations, for the Go programming language. The telnet package provides a
Reverse proxy with automatically obtains TLS certificates from Let's Encrypt
Русскоязычное описание ниже (Russian below). English description Home page: https://github.com/rekby/lets-proxy2 Features: http-01 and tls-alpn-01 val
Fast, multi-platform web server with automatic HTTPS
a project Every site on HTTPS Caddy is an extensible server platform that uses TLS by default. Releases · Documentation · Get Help Menu Features Insta
Let's Encrypt client and ACME library written in Go
Let's Encrypt client and ACME library written in Go. Features ACME v2 RFC 8555 Register with CA Obtain certificates, both from scratch or with an exis
An opinionated helper for generating tls certificates
Certificates helper This is an opinionated helper for generating tls certificates. It outputs only in PEM format but this enables you easily generate
:lock: acmetool, an automatic certificate acquisition tool for ACME (Let's Encrypt)
acmetool is an easy-to-use command line tool for automatically acquiring certificates from ACME servers (such as Let's Encrypt). Designed to flexibly
Golang package for send email. Support keep alive connection, TLS and SSL. Easy for bulk SMTP.
Go Simple Mail The best way to send emails in Go with SMTP Keep Alive and Timeout for Connect and Send. IMPORTANT Examples in this README are for v2.2