Awesome Golang Security
| Project Name | Stars | Downloads | Repos Using This | Packages Using This | Most Recent Commit | Total Releases | Latest Release | Open Issues | License | Language |
|---|---|---|---|---|---|---|---|---|---|---|
| Laravel | 73,552 |  | 1,106 | 1,206 | a day ago | 152 | July 19, 2022 | 32 | PHP | |
| Laravel is a web application framework with expressive, elegant syntax. We’ve already laid the foundation for your next big idea — freeing you to create without sweating the small things. | ||||||||||
| Payloadsallthethings | 47,819 | 7 days ago | 17 | mit | Python | |||||
| A list of useful payloads and bypass for Web Application Security and Pentest/CTF | ||||||||||
| Framework | 29,566 |  | 116,342 | 10,768 | 16 hours ago | 840 | September 22, 2022 | 20 | mit | PHP |
| The Laravel Framework. | ||||||||||
| Trivy | 17,501 | 25 | a day ago | 176 | September 16, 2022 | 188 | apache-2.0 | Go | ||
| Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more | ||||||||||
| Authelia | 16,449 | 1 | 18 hours ago | 34 | September 19, 2022 | 98 | apache-2.0 | Go | ||
| The Single Sign-On Multi-Factor portal for web apps | ||||||||||
| Apktool | 16,343 | 4 days ago | 3 | February 26, 2022 | 96 | apache-2.0 | Java | |||
| A tool for reverse engineering Android apk files | ||||||||||
| Flarum | 13,991 | 1 | 7 days ago | 19 | July 13, 2022 | mit | PHP | |||
| Simple forum software for building great communities. | ||||||||||
| Hacker101 | 12,940 | a month ago | 28 | other | SCSS | |||||
| Source code for Hacker101.com - a free online web and mobile security class. | ||||||||||
| Nats Server | 12,831 | 1,090 | a day ago | 417 | September 22, 2022 | 275 | apache-2.0 | Go | ||
| High-Performance server for NATS.io, the cloud and edge native messaging system. | ||||||||||
| Pytest | 10,219 |  | 65,292 | 18,299 | 18 hours ago | 155 | April 23, 2022 | 861 | mit | Python |
| The pytest framework makes it easy to write small tests, yet scales to support complex functional testing | ||||||||||
Alternatives To Awesome Golang SecuritySelect To Compare
Alternative Project Comparisons
Readme
A curated list of awesome golang Security related resources.
List inspired by the awesome list thing.
Supported by: GuardRails.io
Contents
Tools
Web Framework Hardening
- nosurf - CSRF protection middleware for Go.
- gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
- gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
- secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
-
unindexed - A drop-in replacement for
http.Dirwhich disables directory indexing. - beego-security-headers - beego framework filter for easy security headers management.
Libraries
- paseto - Platform-Agnostic Security Tokens implementation in GO (Golang).
- hsts - Go HTTP Strict Transport Security library.
- jwt-go - Golang implementation of JSON Web Tokens (JWT).
- httprobe - Take a list of domains and probe for working HTTP and HTTPS servers.
Static Code Analysis
- safesql - Static analysis tool for Golang that protects against SQL injections. It does not seem to be actively maintained at the moment.
- gosec - Inspects source code for security problems by scanning the Go AST and matching it with a set of rules. Comes bundled in a Docker container securego/gosec.
- gometalinter - Concurrently runs most of the existing go linters and normalizes their output.
- CodeQL - A tool that lets you query your code like data, in order to find vulnerabilities and bugs. See also LGTM.com for pull request integration and running queries in the cloud.
- ChainJacking - Find which of your Go lang direct GitHub dependencies is susceptible to ChainJacking attack.
Vulnerabilities and Security Advisories
- golang-announce - The golang release mailing list. Language-specific security issues are announced here.
- GoCenter Security and JFrog VSCode Extension for Go - Free vulnerability data around Go Modules
- snyk Vulnerability DB - Commercial but free listing of known vulnerabilities in libraries.
- Common Vulnerabilities and Exposures - Vulnerabilities that were assigned a CVE. Covers the language and packages.
- National Vulnerability Database - Golang known vulnerabilities in the National Vulnerability Database.
Private Key Infrastructure
- CloudFlare SSL - CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.
Educational
Hacking Playground
- govwa - A vulnerable golang application including the most common vulnerabilities found in web applications today.
- Lambhack - A very vulnerable serverless application in AWS Lambda.
Articles, Guides & Talks
- gosea - Go Secure Example Application (GOSEA).
- Go - Secure Coding Practices by OWASP - [PDF] Talk given by Sulhaedir at the OWASP Jakarta meetup.
- OWASP Go - Secure Coding Practices by Checkmarx - Go programming language secure coding practices guide.
- Memory Security in golang - Handling data securely in memory.
- A Go Programmer's Guide to Secure Connections - [Video] GopherCon 2018, Liz Rice.
- golang-tls - Simple Golang HTTPS/TLS Examples.
- Hacking with Go - Hacking with Go for security professionals.
- ReDoS in Go by Checkmarx - Diving Deep into Regular Expression Denial of Service (ReDoS) in Go.
- Attacking Go: A detailed description on Security assessment techniques for Go projects.
Other
Reporting Bugs
Contributing
Found an awesome project, package, article, or another type of resources related to golang Security? Submit a pull request! Just follow the guidelines. Thank you!
License
Popular Security Projects
Popular Vulnerabilities Projects
Popular Security Categories
Related Searches
Get A Weekly Email With Trending Projects For These Categories
No Spam. Unsubscribe easily at any time.
Golang
Security
Vulnerabilities
Awesome List
Tls
Security Tools
Static Analysis
Csrf
Owasp