awesome/awesome-go-security
1
0
Fork 0
mirror of https://github.com/Binject/awesome-go-security.git synced 2024-11-24 08:42:29 +02:00
Code Issues Releases Activity
db4223d473
awesome-go-security/README.md
Dan Borges db4223d473
Update README.md
2019-02-26 23:27:05 -08:00

11 KiB
Raw Blame History

awesome-go-security

A dedicated place for cool golang security projects, frameworks, libraries, and software.

Pulled from collections such as awesome-go and awesome-golang-security

Encryption

  • bencrypt - Encryption Abstraction Layer and Utilities for ratnet .
  • holeysocks - Cross-Platform Reverse Socks Proxy in Go.
  • gokrb5 - Pure Go Kerberos library for clients and services.
  • go-tunnel - TLS/SSL Tunnel - A modern STunnel replacement written in golang.
  • memguard - A pure Go library for handling sensitive values in memory.
  • nacl - Go implementation of the NaCL set of API's.
  • passlib - Futureproof password hashing library.
  • saltpack - Modern crypto messaging format.
  • simple-scrypt - Scrypt package with a simple, obvious API and automatic cost calibration built-in.

Packers / Obfuscators

  • gscript - Framework to rapidly implement custom droppers for all three major operating systems
  • gobfuscate - Obfuscate Go binaries and packages
  • goupx - Fix golang compiled binaries on x86_64 so that they can be packed with UPX.
  • stegify - Go tool for LSB steganography, capable of hiding any file within an image.
  • obfs4 - Yawning Angel courtesy mirror of the obfourscator

Private Key Infrastructure

  • acmetool - ACME (Let's Encrypt) client tool with automatic renewal.
  • certigo - A utility to examine and validate certificates in a variety of formats
  • CloudFlare SSL - CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.

SSH

  • ssh-vault - encrypt/decrypt using ssh keys.
  • pam-ussh - uber's ssh certificate pam module.

File Transfer

  • dnd - A web based drag and drop file transfer tool for sending files across the internet.
  • grab - Go package for managing file downloads.
  • onionbox - Send and recieve files through TOR

Phishing

  • evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.
  • gophish - Open-Source Phishing Toolkit
  • modlishka - Modlishka. Reverse Proxy. Phishing NG.

Command and Control

  • chashell - Chashell is a Go reverse shell that communicates over DNS.
  • GoAT - GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
  • gobot2 - Second Version of The GoBot Botnet, But more advanced.
  • goredshell - A cross platform tool for verifying credentials and executing single commands
  • hershell - Multiplatform reverse shell generator.
  • hideNsneak - a CLI for ephemeral penetration testing
  • merlin - Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
  • shellz - shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.
  • squidshell - A dynamic HTTP and DNS reverse proxy
  • ratnet - Ratnet is a prototype anonymity network for mesh routing and embedded scenarios.
  • Venom - A Multi-hop Proxy for Penetration Testers Written in Go

Web Framework Hardening

  • beego-security-headers - Beego framework filter for easy security headers management.
  • goth - Provides a simple, clean, and idiomatic way to use OAuth and OAuth2. Handles multiple providers out of the box.
  • hsts - Go HTTP Strict Transport Security library
  • httpauth - HTTP Authentication middleware.
  • jwt - Clean and easy to use implementation of JSON Web Tokens (JWT).
  • jwt - Lightweight JSON Web Token (JWT) library.
  • nosurf - CSRF protection middleware for Go.
  • oauth2 - Successor of goauth2. Generic OAuth 2.0 package that comes with JWT, Google APIs, Compute Engine and App Engine support.
  • osin - Golang OAuth2 server library.
  • paseto - Platform-Agnostic Security Tokens implementation in GO (Golang)
  • gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
  • gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
  • secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.

Web Application Testing

  • gobuster - Directory/file & DNS busting tool written in Go.
  • gofuz - Aims to reproduce wfuzz's functionality and versatility. Based on gobuster.
  • url2img - HTTP server with API for capturing screenshots of websites.

Network Scanners

  • bettercap - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
  • goddi - goddi (go dump domain info) dumps Active Directory domain information
  • nextnet - nextnet is a pivot point discovery tool written in Go.
  • vulns - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go
  • xray - XRay is a tool for recon, mapping and OSINT gathering from public networks.

Network Analysis

  • goshark - Package goshark use tshark to decode IP packet and create data struct to analyse packet.
  • gosnmp - Native Go library for performing SNMP actions.
  • gopassivedns - PassiveDNS in Go.
  • nfp - Network Finger Printer

Exploit Development

  • binjection - Injects additional machine instructions into various binary formats.
  • pwn - Pwntools for go!
  • monkey - Monkey patching in Go
  • usercorn - Dynamic binary analysis via platform emulation

Detection Engines

  • fleet - A flexible control server for osquery fleets
  • go-yara - Go Bindings for YARA, the "pattern matching swiss knife for malware researchers (and everyone else)".
  • honeytrap - Advanced Honeypot framework.
  • malace - VirusTotal Wanna Be - Now with 100% more Hipster
  • sgt - Osquery Mangement Server

Chat Bots

  • alfred - A Slack bot to add security info to messages containing URLs, hashes and IPs.
  • go-chat-bot - IRC, Slack & Telegram bot written in Go.
  • flottbot - A chatbot framework written in Go. All configurations are made in YAML.

System Information

General Post Exploitation

  • dlgs - Go cross-platform library for displaying dialogs and input boxes
  • goreddeath - Experimenting with destructive file attacks in Go.
  • goredloot - A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.
  • goredspy - Post exploitation desktop screensho / user monitoring tool

Windows Specific

  • amsi - Golang implementation of Microsoft Antimalware Scan Interface
  • com - Go wrapper for Microsoft COM's IUnknown interface.
  • go-execute-assembly - Allow a Go process to dynamically load .NET assemblies.
  • gosecretsdump - Fast hash dumper for NTDS.dit files
  • taskmaster - Windows Task Scheduler Library for Go.

MacOS Specific

  • damage - A toolkit for creating and manipulating DMGs

Linux Specific

  • ftrace - Go library to trace Linux syscalls using the FTRACE kernel framework.
  • opensnitch - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.

Data Parsing

  • cacador - Indicator extractor of IOCs

Static Code Analysis

  • go-diff - Diff, match and patch text in Go
  • gosec - Inspects source code for security problems by scanning the Go AST.
  • gometalinter - Concurrently run Go lint tools and normalise their output.

Assembly

  • avo - Generate x86 Assembly with Go
  • c2goasm - C to Go Assembly
  • shellcode - Shellcode library as a Go package