Awesome Open Source
Search results for golang security tools
273 search results found
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Protect and discover secrets using Gitleaks 🔑
Find and verify credentials
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Golang security checker
Adversary Emulation Framework
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
syzkaller is an unsupervised coverage-guided kernel fuzzer
A Workflow Engine for Offensive Security
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
Open Source, Google Zanzibar-inspired fine-grained permissions database
Cameradar hacks its way into RTSP videosurveillance cameras
🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
ContainerSSH: Launch containers on demand
Dark Web OSINT Tool
A static analysis tool for securing Go code
👻Stowaway -- Multi-hop Proxy Tool for pentesters
The Swiss Army knife for automated Web Application Testing
Awesome Golang Security
Awesome Golang Security resources 🕶🔐
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Asset discovery and identification tools 快速识别 Web 指纹信息，定位资产类型。辅助红队快速定位目标资产信息，辅助蓝队发现疑似脆弱点
Hacking With Golang
A very small, very simple, yet very secure encryption tool.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Quickly clone an entire org/users repositories into one directory - Supports GitHub, GitLab, Bitbucket, and more 🥚
LadonGO 4.5 Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透，使用它可轻松一键批量探
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
⭐️ ⭐️ Distributed tcpdump for cloud native environments ⭐️ ⭐️
Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos.
OSINT tools and more but without API ke
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
DeimosC2 is a Golang command and control framework for post-exploitation.
Simple Golang HTTPS/TLS Examples
kube-scan: Octarine k8s cluster risk assessment tool
Security scanner coordinator
Kubernetes-native security toolkit
Statically-linked ssh server with reverse shell functionality for CTFs and such
Web Cache Vulnerability Scanner
Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.
☁️ Collaborative Malware Analysis Platform at Scale
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
Performing security tests inside your CI
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
Scan installed EDRs and AVs on Windows
a tool to analyze filesystem images for security
Find subdomains on GitHub.
Local Log4j Vuln Scanner
Simple local scanner for vulnerable log4j instances
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
Black box fuzzer for web applications
🔑 Authz0 is an automated authorization test tool. Unauthorized access can be identified based on URLs and Roles & Credentials.
Kube Psp Advisor
Help building an adaptive and fine-grained pod security policy
Aws Sso Cli
A powerful tool for using AWS Identity Center for the CLI and web console.
A scope generation tool for Burp Suite & ZAP
Second-order subdomain takeover scanner
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Slsa Github Generator
Language-agnostic SLSA provenance generation for Github Actions
Passive DNS Capture and Monitoring Toolkit
A programming language exclusively designed for cybersecurity
A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support
Lit Bb Hack Tools
Little Bug Bounty & Hacking Tools⚔️
memory search and patch tool on debuggable apk without root & ndk
Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration
元豚科技 - 基于日志安全分析做切入，做最好用的「云原生安全运维工作台」
🧹 Cleaning up images from Kubernetes nodes
Vulnerability scanning just got lazier
Impersonating JA3 signatures
去中心化远程控制工具（Decentralized Remote Administration Tool），通过ENS实现了配置文件分发的去中心化，通过Telegram实现了服务端的去中心化
Discover new target domains using Content Security Policy
Orchestrate GitHub Actions Security and get a higher OpenSSF Scorecard score
Generate tens of thousands of subdomain combinations in a matter of seconds
By scanning CI/CD misconfigurations, Allero helps reduce production issues, harden your security posture and shift-left CI/CD from DevOps to developers.
A Go implementation of dirsearch.
teler-waf is a Go HTTP middleware that provides teler IDS functionality.
Gotator is a tool to generate DNS wordlists through permutations.
Pillage filesystems for sensitive information with Go 🔍
Argo is an automated general crawler for automatically obtaining website URLs . Argo 是一个自动化扫描器爬虫 用于自动化获取网站的URL 基于go-rod实现了静态和动态结合的方式来实现
NoSql Injection CLI tool, for finding vulnerable websites using MongoDB.
Identity & Access Management simplified and secure.
Age based repository file encryption gitops tool
A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter.
gonids is a library to parse IDS rules, with a focus primarily on Suricata rule compatibility. There is a discussion forum available that you can join on Google Groups: https://groups.google.com/forum/#!topic/gonids/
Find endpoints on GitHub.
Telling tales on you for leaking secrets!
Use ExpiredDomains.net and BlueCoat to find useful domains for red team.
An open source tool to aid in command line driven generation of bug bounty reports based on user provided templates.
A port scanner and service detection tool that uses 1000 goroutines at once to scan any hosts's ip or fqdn with the sole purpose of testing your own network to ensure there are no malicious services running.
Find Gh Poc
Find CVE PoCs on GitHub
Golang Cli (8,138)
Golang Command Line (7,967)
Golang Docker (7,059)
Golang Kubernetes (6,482)
Golang Server (4,273)
Golang Http (4,238)
Golang Http2 (4,189)
Es6 Golang (3,129)
Golang Database (2,758)
1-100 of 273 search results
Follow Us On Twitter
Copyright 2018-2023 Awesome Open Source. All rights reserved.