Awesome Golang Security

Awesome Golang Security resources 🕶🔐
Alternatives To Awesome Golang Security
Project NameStarsDownloadsRepos Using ThisPackages Using ThisMost Recent CommitTotal ReleasesLatest ReleaseOpen IssuesLicenseLanguage
Laravel73,5521,1061,206a day ago152July 19, 202232PHP
Laravel is a web application framework with expressive, elegant syntax. We’ve already laid the foundation for your next big idea — freeing you to create without sweating the small things.
7 days ago17mitPython
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Framework29,566116,34210,76816 hours ago840September 22, 202220mitPHP
The Laravel Framework.
Trivy17,50125a day ago176September 16, 2022188apache-2.0Go
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Authelia16,449118 hours ago34September 19, 202298apache-2.0Go
The Single Sign-On Multi-Factor portal for web apps
4 days ago3February 26, 202296apache-2.0Java
A tool for reverse engineering Android apk files
17 days ago19July 13, 2022mitPHP
Simple forum software for building great communities.
a month ago28otherSCSS
Source code for - a free online web and mobile security class.
Nats Server12,8311,090a day ago417September 22, 2022275apache-2.0Go
High-Performance server for, the cloud and edge native messaging system.
Pytest10,21965,29218,29918 hours ago155April 23, 2022861mitPython
The pytest framework makes it easy to write small tests, yet scales to support complex functional testing
Alternatives To Awesome Golang Security
Select To Compare

Alternative Project Comparisons

A curated list of awesome golang Security related resources.


List inspired by the awesome list thing.

Supported by:



Web Framework Hardening

  • nosurf - CSRF protection middleware for Go.
  • gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
  • gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
  • secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
  • unindexed - A drop-in replacement for http.Dir which disables directory indexing.
  • beego-security-headers - beego framework filter for easy security headers management.


  • paseto - Platform-Agnostic Security Tokens implementation in GO (Golang).
  • hsts - Go HTTP Strict Transport Security library.
  • jwt-go - Golang implementation of JSON Web Tokens (JWT).
  • httprobe - Take a list of domains and probe for working HTTP and HTTPS servers.

Static Code Analysis

  • safesql - Static analysis tool for Golang that protects against SQL injections. It does not seem to be actively maintained at the moment.
  • gosec - Inspects source code for security problems by scanning the Go AST and matching it with a set of rules. Comes bundled in a Docker container securego/gosec.
  • gometalinter - Concurrently runs most of the existing go linters and normalizes their output.
  • CodeQL - A tool that lets you query your code like data, in order to find vulnerabilities and bugs. See also for pull request integration and running queries in the cloud.
  • ChainJacking - Find which of your Go lang direct GitHub dependencies is susceptible to ChainJacking attack.

Vulnerabilities and Security Advisories

Private Key Infrastructure

  • CloudFlare SSL - CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.


Hacking Playground

  • govwa - A vulnerable golang application including the most common vulnerabilities found in web applications today.
  • Lambhack - A very vulnerable serverless application in AWS Lambda.

Articles, Guides & Talks


Reporting Bugs


Found an awesome project, package, article, or another type of resources related to golang Security? Submit a pull request! Just follow the guidelines. Thank you!



Popular Security Projects
Popular Vulnerabilities Projects
Popular Security Categories
Related Searches

Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Awesome List
Security Tools
Static Analysis