{"id":13546186,"url":"https://github.com/Binject/awesome-go-security","last_synced_at":"2025-04-02T17:32:38.061Z","repository":{"id":41188546,"uuid":"172846033","full_name":"Binject/awesome-go-security","owner":"Binject","description":"A dedicated place for cool golang security projects","archived":false,"fork":false,"pushed_at":"2021-07-07T17:08:27.000Z","size":32,"stargazers_count":626,"open_issues_count":3,"forks_count":57,"subscribers_count":25,"default_branch":"master","last_synced_at":"2024-05-18T19:46:52.223Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Binject.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-02-27T04:57:58.000Z","updated_at":"2024-05-18T07:01:00.000Z","dependencies_parsed_at":"2022-08-10T01:43:04.618Z","dependency_job_id":null,"html_url":"https://github.com/Binject/awesome-go-security","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Binject%2Fawesome-go-security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Binject%2Fawesome-go-security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Binject%2Fawesome-go-security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Binject%2Fawesome-go-security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Binject","download_url":"https://codeload.github.com/Binject/awesome-go-security/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246860276,"owners_count":20845636,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T12:00:33.167Z","updated_at":"2025-04-02T17:32:37.769Z","avatar_url":"https://github.com/Binject.png","language":null,"funding_links":[],"categories":["Development","Talks","Others (1002)","Others","Programming Language Lists","Coding"],"sub_categories":["Programming","Frameworks","Go Lists"],"readme":"# awesome-go-security\n\nA dedicated place for cool golang security projects, frameworks, libraries, and software.\n\nPulled from collections such as [awesome-go](https://github.com/avelino/awesome-go) and [awesome-golang-security](https://github.com/guardrailsio/awesome-golang-security)\n\n\n## Auth\n\n* [saml2aws](https://github.com/Versent/saml2aws) - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP\n\n\n## Encryption\n\n* [bencrypt](https://github.com/awgh/bencrypt) - Encryption Abstraction Layer and Utilities.\n* [holeysocks](https://github.com/audibleblink/HoleySocks) - Cross-Platform Reverse Socks Proxy in Go.\n* [gokrb5](https://github.com/jcmturner/gokrb5) - Pure Go Kerberos library for clients and services.\n* [go-tunnel](https://github.com/opencoff/go-tunnel) - TLS/SSL Tunnel - A modern STunnel replacement written in golang.\n* [memguard](https://github.com/awnumar/memguard) - A pure Go library for handling sensitive values in memory.\n* [nacl](https://github.com/kevinburke/nacl) - Go implementation of the NaCL set of API's.\n* [passlib](https://github.com/hlandau/passlib) - Futureproof password hashing library.\n* [saltpack](https://github.com/keybase/saltpack) - Modern crypto messaging format.\n* [simple-scrypt](https://github.com/elithrar/simple-scrypt) - Scrypt package with a simple, obvious API and automatic cost calibration built-in.\n* [sio](https://github.com/minio/sio) - Go implementation of the Data At Rest Encryption ([DARE](https://blog.minio.io/data-at-rest-encryption-done-right-7446c644ddb6)) format.\n* [hashid](https://github.com/JamesHovious/hashid) - Given a string determine the possible hashing algorithms used to produce that string.\n* [crunchy](https://github.com/muesli/crunchy) - Finds common flaws in passwords. Like cracklib\n\n## Packers / Obfuscators\n\n* [Amber](https://github.com/EgeBalci/Amber) - Amber is a reflective PE packer for bypassing security products and mitigations.\n* [gscript](https://github.com/gen0cide/gscript) - Framework to rapidly implement custom droppers for all three major operating systems\n* [gobfuscate](https://github.com/unixpickle/gobfuscate) - Obfuscate Go binaries and packages\n* [goupx](https://github.com/pwaller/goupx) - Fix golang compiled binaries on x86_64 so that they can be packed with UPX.\n* [stegify](https://github.com/DimitarPetrov/stegify) - Go tool for LSB steganography, capable of hiding any file within an image.\n* [obfs4](https://github.com/Yawning/obfs4) - Yawning Angel courtesy mirror of the obfourscator\n* [strobfus](https://github.com/znly/strobfus) - String obfuscation\n\n\n## Private Key Infrastructure\n\n* [acmetool](https://github.com/hlandau/acme) - ACME (Let's Encrypt) client tool with automatic renewal.\n* [certigo](https://github.com/square/certigo) - A utility to examine and validate certificates in a variety of formats\n* [CloudFlare SSL](https://github.com/cloudflare/cfssl) - CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.\n\n\n## SSH\n\n* [ssh-vault](https://github.com/ssh-vault/ssh-vault) - encrypt/decrypt using ssh keys.\n* [pam-ussh](https://github.com/uber/pam-ussh) - uber's ssh certificate pam module.\n\n\n## File Transfer\n\n* [dnd](https://github.com/0xcaff/dnd) - A web based drag and drop file transfer tool for sending files across the internet.\n* [grab](https://github.com/cavaliercoder/grab) - Go package for managing file downloads.\n* [onionbox](https://github.com/ciehanski/onionbox) - Send and recieve files through TOR\n* [proxyd](https://github.com/hkparker/proxyd) - proxyd proxies data between TCP, TLS, and unix sockets\n\n\n## Recon\n\n* [goca](https://github.com/gocaio/goca) - Goca Scanner https://goca.io\n\n\n## Phishing\n\n* [evilginx2](https://github.com/kgretzky/evilginx2) - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.\n* [gophish](https://github.com/gophish/gophish) - Open-Source Phishing Toolkit\n* [modlishka](https://github.com/drk1wi/Modlishka) - Modlishka. Reverse Proxy. Phishing NG.\n* [phishery](https://github.com/ryhanson/phishery) - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector\n\n\n## Command and Control\n\n* [chashell](https://github.com/sysdream/chashell) - Chashell is a Go reverse shell that communicates over DNS.\n* [chisel](https://github.com/jpillora/chisel) - Chisel is a fast TCP tunnel, transported over HTTP, secured via SSH.\n* [GoAT](https://github.com/petercunha/GoAT) - GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C\u0026C server\n* [gobot2](https://github.com/SaturnsVoid/GoBot2) - Second Version of The GoBot Botnet, But more advanced.\n* [goDoH](https://github.com/sensepost/goDoH) - A DNS-over-HTTPS Command \u0026 Control Proof of Concept.\n* [goredshell](https://github.com/ahhh/goredshell) -  A cross platform tool for verifying credentials and executing single commands\n* [hershell](https://github.com/lesnuages/hershell) - Multiplatform reverse shell generator.\n* [hideNsneak](https://github.com/rmikehodges/hideNsneak) - a CLI for ephemeral penetration testing\n* [keyserver](https://github.com/leoloobeek/keyserver) - Easily serve HTTP and DNS keys for proper payload protection.\n* [liberetto](https://github.com/apcera/libretto) - Libretto is a Golang library to create Virtual Machines (VMs) on any cloud and Virtual Machine hosting platforms such as AWS, Azure, OpenStack, vSphere, or VirtualBox.\n* [merlin](https://github.com/Ne0nd0g/merlin/) - Merlin is a cross-platform post-exploitation HTTP/2 Command \u0026 Control server and agent written in golang.\n* [shellz](https://github.com/evilsocket/shellz) - shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.\n* [squidshell](https://github.com/tomsteele/shellsquid) - A dynamic HTTP and DNS reverse proxy\n* [ratnet](https://github.com/awgh/ratnet) - Ratnet is a prototype anonymity network for mesh routing and embedded scenarios.\n* [Venom](https://github.com/Dliv3/Venom) - A Multi-hop Proxy for Penetration Testers Written in Go\n* [holepunch-client](https://github.com/function61/holepunch-client) - Totally self-contained SSH reverse tunnel written in Go\n* [Platypus](https://github.com/WangYihang/Platypus) - A modern multiple reverse shell sessions manager written in go\n* [GoMet](https://github.com/mimah/GoMet) - Multi-platform backdoor in Go. TCP forwarding, socks5, tunneling, shell, download, exec\n\n\n## Web Framework Hardening\n\n* [beego-security-headers](https://github.com/gosecguy/beego-security-headers) - Beego framework filter for easy security headers management.\n* [badactor](https://github.com/jaredfolkins/badactor) - An in-memory application driven jailer written in Go.\n* [goth](https://github.com/markbates/goth) - Provides a simple, clean, and idiomatic way to use OAuth and OAuth2. Handles multiple providers out of the box.\n* [hsts](https://github.com/StalkR/hsts) - Go HTTP Strict Transport Security library\n* [httpauth](https://github.com/goji/httpauth) - HTTP Authentication middleware.\n* [jwt](https://github.com/robbert229/jwt) - Clean and easy to use implementation of JSON Web Tokens (JWT).\n* [jwt](https://github.com/pascaldekloe/jwt) - Lightweight JSON Web Token (JWT) library.\n* [nosurf](https://github.com/justinas/nosurf) - CSRF protection middleware for Go.\n* [oauth2](https://github.com/golang/oauth2) - Successor of goauth2. Generic OAuth 2.0 package that comes with JWT, Google APIs, Compute Engine and App Engine support.\n* [osin](https://github.com/openshift/osin) - Golang OAuth2 server library.\n* [paseto](https://github.com/o1egl/paseto) - Platform-Agnostic Security Tokens implementation in GO (Golang)\n* [gorilla/csrf](https://github.com/gorilla/csrf) - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications \u0026 services.\n* [gorilla/securecookie](https://github.com/gorilla/securecookie) - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.\n* [secure](https://github.com/unrolled/secure) -  Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.\n\n\n## Web Application Testing\n\n* [gobuster](https://github.com/OJ/gobuster) - Directory/file \u0026 DNS busting tool written in Go.\n* [gofuzz](https://github.com/braaaax/gofuzz) - Aims to reproduce wfuzz's functionality and versatility. Based on gobuster.\n* [recursebuster](https://github.com/C-Sto/recursebuster) - Rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments\n* [url2img](https://github.com/gen2brain/url2img) - HTTP server with API for capturing screenshots of websites.\n* [madns](https://github.com/awgh/madns) - DNS server for pentesters.\n* [rescope](https://github.com/root4loot/rescope) - Parse scope definitions to Burp Suite / ZAP compatible formats for import\n* [Wuzz](https://github.com/asciimoo/wuzz) - Interactive cli tool for HTTP inspection.\n\n## Network Scanners\n\n* [amass](https://github.com/OWASP/Amass) - In-depth DNS Enumeration and Network Mapping\n* [bettercap](https://github.com/bettercap/bettercap) - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.\n* [furious](https://github.com/liamg/furious) - Golang IP/port scanner with SYN (stealth) scanning and device manufacturer identification \n* [goddi](https://github.com/NetSPI/goddi) - goddi (go dump domain info) dumps Active Directory domain information\n* [nextnet](https://github.com/hdm/nextnet) - nextnet is a pivot point discovery tool written in Go.\n* [vulns](https://github.com/future-architect/vuls) - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go\n* [xray](https://github.com/evilsocket/xray) - XRay is a tool for recon, mapping and OSINT gathering from public networks.\n* [subjack](https://github.com/haccer/subjack) - Subdomain Takeover tool written in Go\n* [flightsim](https://github.com/alphasoc/flightsim) - A utility to generate malicious network traffic and evaluate controls\n* [Cameradar](https://github.com/Ullaakut/cameradar) - An scanner with RTSP stream access tool that comes with its library\n\n## Network Analysis\n\n* [netcap](https://github.com/dreadl0ck/netcap) - The Netcap (NETwork CAPture) framework efficiently converts a stream of network packets into highly accessible type-safe structured data that represent specific protocols or custom abstractions.\n* [goshark](https://github.com/sunwxg/goshark) - Package goshark use tshark to decode IP packet and create data struct to analyse packet.\n* [gosnmp](https://github.com/soniah/gosnmp) - Native Go library for performing SNMP actions.\n* [gopassivedns](https://github.com/Phillipmartin/gopassivedns) - PassiveDNS in Go.\n* [nfp](https://github.com/awgh/nfp) - Network Finger Printer\n\n\n## Exploit Development\n\n* [binjection](https://github.com/Binject/binjection) - Injects additional machine instructions into various binary formats.\n* [pwn](https://github.com/UlisseMini/pwn) - Pwntools for go!\n* [monkey](https://github.com/bouk/monkey) - Monkey patching in Go\n* [usercorn](https://github.com/lunixbochs/usercorn) - Dynamic binary analysis via platform emulation\n\n\n## Detection Engines\n\n* [fleet](https://github.com/kolide/fleet) - A flexible control server for osquery [fleets](https://kolide.com/fleet)\n* [go-yara](https://github.com/hillu/go-yara) - Go Bindings for [YARA](https://github.com/plusvic/yara), the \"pattern matching swiss knife for malware researchers (and everyone else)\".\n* [honeytrap](https://github.com/honeytrap/honeytrap) - Advanced Honeypot framework. \n* [malace](https://github.com/maliceio/malice) - VirusTotal Wanna Be - Now with 100% more Hipster\n* [sgt](https://github.com/OktaSecurityLabs/sgt) - Osquery Mangement Server\n* [osquery-go](https://github.com/kolide/osquery-go) - Go bindings for osquery\n\n\n## Chat Bots\n\n* [marvin](https://github.com/awgh/marvin) - IRC bot with Markov spew, answering machine, and mixed drink recipes.\n* [alfred](https://github.com/demisto/alfred) - A Slack bot to add security info to messages containing URLs, hashes and IPs.\n* [go-chat-bot](https://github.com/go-chat-bot/bot) - IRC, Slack \u0026 Telegram bot written in Go.\n* [flottbot](https://github.com/target/flottbot) - A chatbot framework written in Go. All configurations are made in YAML.\n* [gohubsbot](https://gitlab.com/rek2/gohubsbot) - A minimal bridge bot between Mozilla Hubs and the Matrix chat protocol\n\n## System Information\n\n* [goinfo](https://github.com/matishsiao/goInfo) - get os information use golang\n* [gopsutil](https://github.com/shirou/gopsutil) - psutil for golang\n\n\n## General Post Exploitation\n\n* [dlgs](https://github.com/gen2brain/dlgs) - Go cross-platform library for displaying dialogs and input boxes\n* [goreddeath](https://github.com/ahhh/GoRedDeath) - Experimenting with destructive file attacks in Go.\n* [goredloot](https://github.com/ahhh/GoRedLoot) - A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.\n* [goredspy](https://github.com/ahhh/GoRedSpy) - Post exploitation desktop screensho / user monitoring tool\n* [PandorasBox](https://github.com/Adversis/PandorasBox) - Security tool to quickly audit Public Box files and folders.\n\n\n## Windows Specific\n\n* [amsi](https://github.com/garethjensen/amsi) - Golang implementation of Microsoft Antimalware Scan Interface\n* [go-acl](https://github.com/hectane/go-acl) - Go library for manipulating ACLs on Windows.\n* [go-execute-assembly](https://github.com/lesnuages/go-execute-assembly) - Allow a Go process to dynamically load .NET assemblies.\n* [go-ole](https://github.com/go-ole/go-ole) - Go bindings for Windows COM using shared libraries instead of cgo.\n* [gosecretsdump](https://github.com/C-Sto/gosecretsdump) - Fast hash dumper for NTDS.dit files\n* [go-winio](https://github.com/Microsoft/go-winio) - This repository contains utilities for efficiently performing Win32 IO operations in Go.\n* [ldap](https://github.com/go-ldap/ldap) - Basic LDAP v3 functionality for the GO programming language.\n* [winrm](https://github.com/masterzen/winrm) - Command-line tool and library for Windows remote command execution in Go.\n* [wmi](https://github.com/StackExchange/wmi) - Package wmi provides a WQL interface to Windows WMI.\n* [taskmaster](https://github.com/capnspacehook/taskmaster) - Windows Task Scheduler Library for Go.\n* [gordp](https://github.com/Madnikulin50/gordp) - Rdp client on pure GoLang\n* [w32](https://github.com/JamesHovious/w32) - A wrapper of Windows APIs for Go\n* [goWMIExec](https://github.com/C-Sto/goWMIExec) - Pash the Hash,  execute a command on a target machine using WMI by providing an NTLM hash for the specified user.\n\n## MacOS Specific\n\n* [damage](https://github.com/itchio/damage) - A toolkit for creating and manipulating DMGs\n* [racoon](https://github.com/groob/racoon) - loop through a munki manifest and install everything\n\n\n## Linux Specific\n\n* [ftrace](https://github.com/evilsocket/ftrace) - Go library to trace Linux syscalls using the FTRACE kernel framework.\n* [netstat](https://github.com/drael/GOnetstat) - Netstat implementation in Go.\n* [opensnitch](https://github.com/evilsocket/opensnitch) - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.\n* [passwd](https://github.com/willdonnelly/passwd) - A Go parser for the /etc/passwd file.\n\n## Container Specific\n\n* [kube-auto-analyzer](https://github.com/nccgroup/kube-auto-analyzer) - Kubernetes Auto Analyzer.\n* [amicontained](https://github.com/genuinetools/amicontained) - Container introspection tool.\n\n## Data Parsing\n\n* [cacador](https://github.com/sroberts/cacador) -  Indicator extractor of IOCs\n\n\n## Static Code Analysis\n\n* [go-callvis](https://github.com/TrueFurby/go-callvis) - go-callvis is a development tool to help visualize call graph of a Go program using interactive view.\n* [go-diff](https://github.com/sergi/go-diff) - Diff, match and patch text in Go\n* [gosec](https://github.com/securego/gosec) - Inspects source code for security problems by scanning the Go AST.\n* [gometalinter](https://github.com/alecthomas/gometalinter) - Concurrently run Go lint tools and normalise their output.\n\n\n## Assembly\n\n* [avo](https://github.com/mmcloughlin/avo) - Generate x86 Assembly with Go\n* [c2goasm](https://github.com/minio/c2goasm) - C to Go Assembly\n* [shellcode](https://github.com/Binject/shellcode) - Shellcode library as a Go package\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBinject%2Fawesome-go-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FBinject%2Fawesome-go-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FBinject%2Fawesome-go-security/lists"}