Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

cybersecurity-golang-security

An ongoing collection of Go tools and frameworks, software, libraries, learning tutorials, frameworks, academic and practical resources.
https://github.com/paulveillard/cybersecurity-golang-security

Last synced: 3 days ago
JSON representation

Packers / Obfuscators
- strobfus - String obfuscation
- Amber - Amber is a reflective PE packer for bypassing security products and mitigations.
- gscript - Framework to rapidly implement custom droppers for all three major operating systems
- gobfuscate - Obfuscate Go binaries and packages
- goupx - Fix golang compiled binaries on x86_64 so that they can be packed with UPX.
- stegify - Go tool for LSB steganography, capable of hiding any file within an image.
- obfs4 - Yawning Angel courtesy mirror of the obfourscator
Command and Control
- liberetto - Libretto is a Golang library to create Virtual Machines (VMs) on any cloud and Virtual Machine hosting platforms such as AWS, Azure, OpenStack, vSphere, or VirtualBox.
- GoMet - Multi-platform backdoor in Go. TCP forwarding, socks5, tunneling, shell, download, exec
- chashell - Chashell is a Go reverse shell that communicates over DNS.
- chisel - Chisel is a fast TCP tunnel, transported over HTTP, secured via SSH.
- GoAT - GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
- gobot2 - Second Version of The GoBot Botnet, But more advanced.
- goDoH - A DNS-over-HTTPS Command & Control Proof of Concept.
- goredshell - A cross platform tool for verifying credentials and executing single commands
- hershell - Multiplatform reverse shell generator.
- hideNsneak - a CLI for ephemeral penetration testing
- keyserver - Easily serve HTTP and DNS keys for proper payload protection.
- shellz - shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.
- squidshell - A dynamic HTTP and DNS reverse proxy
- holepunch-client - Totally self-contained SSH reverse tunnel written in Go
- Platypus - A modern multiple reverse shell sessions manager written in go
- ratnet - Ratnet is a prototype anonymity network for mesh routing and embedded scenarios.
- Venom - A Multi-hop Proxy for Penetration Testers Written in Go
Windows Specific
- amsi - Golang implementation of Microsoft Antimalware Scan Interface
- wmi - Package wmi provides a WQL interface to Windows WMI.
- taskmaster - Windows Task Scheduler Library for Go.
- gordp - Rdp client on pure GoLang
- w32 - A wrapper of Windows APIs for Go
- go-acl - Go library for manipulating ACLs on Windows.
- go-execute-assembly - Allow a Go process to dynamically load .NET assemblies.
- go-ole - Go bindings for Windows COM using shared libraries instead of cgo.
- gosecretsdump - Fast hash dumper for NTDS.dit files
- go-winio - This repository contains utilities for efficiently performing Win32 IO operations in Go.
- ldap - Basic LDAP v3 functionality for the GO programming language.
- winrm - Command-line tool and library for Windows remote command execution in Go.
- goWMIExec - Pash the Hash, execute a command on a target machine using WMI by providing an NTLM hash for the specified user.
Private Key Infrastructure
- CloudFlare SSL - CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.
- acmetool - ACME (Let's Encrypt) client tool with automatic renewal.
- certigo - A utility to examine and validate certificates in a variety of formats
SSH
- ssh-vault - encrypt/decrypt using ssh keys.
- pam-ussh - uber's ssh certificate pam module.
Auth
- saml2aws - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
Encryption
- bencrypt - Encryption Abstraction Layer and Utilities.
- holeysocks - Cross-Platform Reverse Socks Proxy in Go.
- gokrb5 - Pure Go Kerberos library for clients and services.
- go-tunnel - TLS/SSL Tunnel - A modern STunnel replacement written in golang.
- memguard - A pure Go library for handling sensitive values in memory.
- nacl - Go implementation of the NaCL set of API's.
- passlib - Futureproof password hashing library.
- saltpack - Modern crypto messaging format.
- simple-scrypt - Scrypt package with a simple, obvious API and automatic cost calibration built-in.
- sio - Go implementation of the Data At Rest Encryption ([DARE](https://blog.minio.io/data-at-rest-encryption-done-right-7446c644ddb6)) format.
- hashid - Given a string determine the possible hashing algorithms used to produce that string.
- crunchy - Finds common flaws in passwords. Like cracklib
File Transfer
- dnd - A web based drag and drop file transfer tool for sending files across the internet.
- grab - Go package for managing file downloads.
- onionbox - Send and recieve files through TOR
- proxyd - proxyd proxies data between TCP, TLS, and unix sockets
Recon
- goca - Goca Scanner https://goca.io
Phishing
- evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.
- gophish - Open-Source Phishing Toolkit
- modlishka - Modlishka. Reverse Proxy. Phishing NG.
- phishery - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector
Web Framework Hardening
- beego-security-headers - Beego framework filter for easy security headers management.
- badactor - An in-memory application driven jailer written in Go.
- goth - Provides a simple, clean, and idiomatic way to use OAuth and OAuth2. Handles multiple providers out of the box.
- hsts - Go HTTP Strict Transport Security library
- httpauth - HTTP Authentication middleware.
- jwt - Clean and easy to use implementation of JSON Web Tokens (JWT).
- jwt - Lightweight JSON Web Token (JWT) library.
- nosurf - CSRF protection middleware for Go.
- oauth2 - Successor of goauth2. Generic OAuth 2.0 package that comes with JWT, Google APIs, Compute Engine and App Engine support.
- osin - Golang OAuth2 server library.
- paseto - Platform-Agnostic Security Tokens implementation in GO (Golang)
- gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
- gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
- secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
Web Application Testing
- gobuster - Directory/file & DNS busting tool written in Go.
- gofuzz - Aims to reproduce wfuzz's functionality and versatility. Based on gobuster.
- recursebuster - Rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments
- url2img - HTTP server with API for capturing screenshots of websites.
- madns - DNS server for pentesters.
- rescope - Parse scope definitions to Burp Suite / ZAP compatible formats for import
- Wuzz - Interactive cli tool for HTTP inspection.
Network Scanners
- amass - In-depth DNS Enumeration and Network Mapping
- bettercap - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
- xray - XRay is a tool for recon, mapping and OSINT gathering from public networks.
- subjack - Subdomain Takeover tool written in Go
- flightsim - A utility to generate malicious network traffic and evaluate controls
- Cameradar - An scanner with RTSP stream access tool that comes with its library
- furious - Golang IP/port scanner with SYN (stealth) scanning and device manufacturer identification
- goddi - goddi (go dump domain info) dumps Active Directory domain information
- nextnet - nextnet is a pivot point discovery tool written in Go.
- vulns - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go
Network Analysis
- netcap - The Netcap (NETwork CAPture) framework efficiently converts a stream of network packets into highly accessible type-safe structured data that represent specific protocols or custom abstractions.
- goshark - Package goshark use tshark to decode IP packet and create data struct to analyse packet.
- gopassivedns - PassiveDNS in Go.
- nfp - Network Finger Printer
- gosnmp - Native Go library for performing SNMP actions.
Exploit Development
- binjection - Injects additional machine instructions into various binary formats.
- pwn - Pwntools for go!
- monkey - Monkey patching in Go
- usercorn - Dynamic binary analysis via platform emulation
Detection Engines
- fleet - A flexible control server for osquery [fleets](https://kolide.com/fleet)
- go-yara - Go Bindings for [YARA](https://github.com/plusvic/yara), the "pattern matching swiss knife for malware researchers (and everyone else)".
- honeytrap - Advanced Honeypot framework.
- malace - VirusTotal Wanna Be - Now with 100% more Hipster
- sgt - Osquery Mangement Server
Chat Bots
- marvin - IRC bot with Markov spew, answering machine, and mixed drink recipes.
- alfred - A Slack bot to add security info to messages containing URLs, hashes and IPs.
- go-chat-bot - IRC, Slack & Telegram bot written in Go.
- flottbot - A chatbot framework written in Go. All configurations are made in YAML.
- gohubsbot - A minimal bridge bot between Mozilla Hubs and the Matrix chat protocol
System Information
- goinfo - get os information use golang
- gopsutil - psutil for golang
General Post Exploitation
- dlgs - Go cross-platform library for displaying dialogs and input boxes
- goreddeath - Experimenting with destructive file attacks in Go.
- goredloot - A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.
- goredspy - Post exploitation desktop screensho / user monitoring tool
- PandorasBox - Security tool to quickly audit Public Box files and folders.
MacOS Specific
- damage - A toolkit for creating and manipulating DMGs
- racoon - loop through a munki manifest and install everything
Linux Specific
- ftrace - Go library to trace Linux syscalls using the FTRACE kernel framework.
- netstat - Netstat implementation in Go.
- opensnitch - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.
- passwd - A Go parser for the /etc/passwd file.
Container Specific
- kube-auto-analyzer - Kubernetes Auto Analyzer.
- amicontained - Container introspection tool.
Data Parsing
- cacador - Indicator extractor of IOCs
Static Code Analysis
- go-diff - Diff, match and patch text in Go
- gosec - Inspects source code for security problems by scanning the Go AST.
- gometalinter - Concurrently run Go lint tools and normalise their output.
- go-callvis - go-callvis is a development tool to help visualize call graph of a Go program using interactive view.
Assembly
- avo - Generate x86 Assembly with Go
- c2goasm - C to Go Assembly
- shellcode - Shellcode library as a Go package

Programming Languages

Go 121 Python 2 HTML 1 Rust 1

Ecosyste.ms: Awesome

cybersecurity-golang-security

Packers / Obfuscators

Command and Control

Windows Specific

Private Key Infrastructure

SSH

Auth

Encryption

File Transfer

Recon

Phishing

Web Framework Hardening

Web Application Testing

Network Scanners

Network Analysis

Exploit Development

Detection Engines

Chat Bots

System Information

General Post Exploitation

MacOS Specific

Linux Specific

Container Specific

Data Parsing

Static Code Analysis

Assembly