Awesome Open Source

Programming Languages

Search results for golang security tools

security-tools x

273 search results found

Trivy ⭐ 18,781

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Gitleaks ⭐ 13,862

Protect and discover secrets using Gitleaks 🔑

Trufflehog ⭐ 12,158

Find and verify credentials

Vuls ⭐ 10,280

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Gosec ⭐ 7,099

Golang security checker

Sliver ⭐ 6,586

Adversary Emulation Framework

Traitor ⭐ 5,724

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Certificates ⭐ 5,636

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Osv Scanner ⭐ 5,342

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Syzkaller ⭐ 4,849

syzkaller is an unsupervised coverage-guided kernel fuzzer

Osmedeus ⭐ 4,676

A Workflow Engine for Offensive Security

Terrascan ⭐ 4,223

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Scan4all ⭐ 4,018

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Spicedb ⭐ 3,875

Open Source, Google Zanzibar-inspired fine-grained permissions database

Cameradar ⭐ 3,451

Cameradar hacks its way into RTSP videosurveillance cameras

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

Secretscanner ⭐ 2,831

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓

Dockle ⭐ 2,461

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Containerssh ⭐ 2,360

ContainerSSH: Launch containers on demand

Torbot ⭐ 2,155

Dark Web OSINT Tool

Gokart ⭐ 2,101

A static analysis tool for securing Go code

Stowaway ⭐ 2,077

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Jaeles ⭐ 1,911

The Swiss Army knife for automated Web Application Testing

Awesome Golang Security ⭐ 1,768

Awesome Golang Security resources 🕶🔐

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

Dismap ⭐ 1,692

Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点

Hacking With Golang ⭐ 1,567

Golang安全资源合集

Ksubdomain ⭐ 1,457

无状态子域名爆破工具

Picocrypt ⭐ 1,441

A very small, very simple, yet very secure encryption tool.

Bearer ⭐ 1,369

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Ghorg ⭐ 1,337

Quickly clone an entire org/users repositories into one directory - Supports GitHub, GitLab, Bitbucket, and more 🥚

Ladongo ⭐ 1,287

LadonGO 4.5 Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透，使用它可轻松一键批量探

Gotestwaf ⭐ 1,221

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Packetstreamer ⭐ 1,212

⭐️ ⭐️ Distributed tcpdump for cloud native environments ⭐️ ⭐️

Goblin ⭐ 1,182

一款适用于红蓝对抗中的仿真钓鱼系统

Pocassist ⭐ 1,138

全新的漏洞测试框架，支持poc在线编辑、运行、批量测试。使用文档：

Git Hound ⭐ 1,015

Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos.

Metabigor ⭐ 1,003

OSINT tools and more but without API ke

Cariddi ⭐ 989

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

Deimosc2 ⭐ 926

DeimosC2 is a Golang command and control framework for post-exploitation.

Golang Tls ⭐ 788

Simple Golang HTTPS/TLS Examples

Kube Scan ⭐ 734

kube-scan: Octarine k8s cluster risk assessment tool

面向红队的, 高度可控可拓展的自动化引擎

Security scanner coordinator

Trivy Operator ⭐ 702

Kubernetes-native security toolkit

Reverse Ssh ⭐ 672

Statically-linked ssh server with reverse shell functionality for CTFs and such

Web Cache Vulnerability Scanner ⭐ 672

Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

Chain Bench ⭐ 626

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Saferwall ⭐ 611

☁️ Collaborative Malware Analysis Platform at Scale

Apkhunt ⭐ 580

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.

Huskyci ⭐ 530

Performing security tests inside your CI

Kubesploit ⭐ 501

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

Api Firewall ⭐ 494

Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.

Edrhunt ⭐ 475

Scan installed EDRs and AVs on Windows

Fwanalyzer ⭐ 438

a tool to analyze filesystem images for security

Github Subdomains ⭐ 426

Find subdomains on GitHub.

Local Log4j Vuln Scanner ⭐ 386

Simple local scanner for vulnerable log4j instances

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

Firefly ⭐ 332

Black box fuzzer for web applications

🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.

Kube Psp Advisor ⭐ 317

Help building an adaptive and fine-grained pod security policy

Aws Sso Cli ⭐ 315

A powerful tool for using AWS Identity Center for the CLI and web console.

Rescope ⭐ 298

A scope generation tool for Burp Suite & ZAP

Second Order ⭐ 295

Second-order subdomain takeover scanner

Witness ⭐ 294

Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.

Slsa Github Generator ⭐ 289

Language-agnostic SLSA provenance generation for Github Actions

Dnsmonster ⭐ 277

Passive DNS Capture and Monitoring Toolkit

Yaklang ⭐ 276

A programming language exclusively designed for cybersecurity

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support

Lit Bb Hack Tools ⭐ 269

Little Bug Bounty & Hacking Tools⚔️

Apk Medit ⭐ 261

memory search and patch tool on debuggable apk without root & ndk

Hijagger ⭐ 259

Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration

W3a_soc ⭐ 256

元豚科技 - 基于日志安全分析做切入，做最好用的「云原生安全运维工作台」

Insider ⭐ 255

Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilities right in the source code, focused on a agile and easy to implement software inside your DevOps pipeline. Support the following technologies: Java (Maven and Android), Kotlin (Android), Swift (iOS), .NET Full Framework, C#, and Javascript (Node.js).

🧹 Cleaning up images from Kubernetes nodes

Jsubfinder ⭐ 238

jsubfinder searches webpages for javascript & analyzes them for hidden subdomains and secrets (wip).

Lazytrivy ⭐ 236

Vulnerability scanning just got lazier

Ja3transport ⭐ 226

Impersonating JA3 signatures

去中心化远程控制工具（Decentralized Remote Administration Tool），通过ENS实现了配置文件分发的去中心化，通过Telegram实现了服务端的去中心化

Csprecon ⭐ 213

Discover new target domains using Content Security Policy

Secure Repo ⭐ 211

Orchestrate GitHub Actions Security and get a higher OpenSSF Scorecard score

Generate tens of thousands of subdomain combinations in a matter of seconds

By scanning CI/CD misconfigurations, Allero helps reduce production issues, harden your security posture and shift-left CI/CD from DevOps to developers.

Dirsearch ⭐ 195

A Go implementation of dirsearch.

Teler Waf ⭐ 189

teler-waf is a Go HTTP middleware that provides teler IDS functionality.

Gotator ⭐ 183

Gotator is a tool to generate DNS wordlists through permutations.

Pillager ⭐ 178

Pillage filesystems for sensitive information with Go 🔍

Argo is an automated general crawler for automatically obtaining website URLs . Argo 是一个自动化扫描器爬虫用于自动化获取网站的URL 基于go-rod实现了静态和动态结合的方式来实现

NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.

Iamzero ⭐ 168

Identity & Access Management simplified and secure.

Age based repository file encryption gitops tool

Nmap Formatter ⭐ 155

A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.

gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/

Github Endpoints ⭐ 141

Find endpoints on GitHub.

Squealer ⭐ 133

Telling tales on you for leaking secrets!

Airmaster ⭐ 131

Use ExpiredDomains.net and BlueCoat to find useful domains for red team.

An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.

Turbo Scanner ⭐ 120

A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts's ip or fqdn with the sole purpose of testing your own network to ensure there are no malicious services running.

Find Gh Poc ⭐ 117

Find CVE PoCs on GitHub

Related Searches

Golang Cli (8,138)

Golang Command Line (7,967)

Golang Docker (7,059)

Golang Kubernetes (6,482)

Golang Server (4,273)

Golang Http (4,238)

Golang Http2 (4,189)

Javascript Golang (3,129)

Es6 Golang (3,129)

Golang Database (2,758)

1-100 of 273 search results

Privacy | About | Terms | Follow Us On Twitter

Copyright 2018-2023 Awesome Open Source. All rights reserved.