Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
cybersecurity-golang-security
An ongoing collection of Go tools and frameworks, software, libraries, learning tutorials, frameworks, academic and practical resources.
https://github.com/paulveillard/cybersecurity-golang-security
Last synced: about 8 hours ago
JSON representation
-
Packers / Obfuscators
- strobfus - String obfuscation
- Amber - Amber is a reflective PE packer for bypassing security products and mitigations.
- gscript - Framework to rapidly implement custom droppers for all three major operating systems
- gobfuscate - Obfuscate Go binaries and packages
- goupx - Fix golang compiled binaries on x86_64 so that they can be packed with UPX.
- stegify - Go tool for LSB steganography, capable of hiding any file within an image.
- obfs4 - Yawning Angel courtesy mirror of the obfourscator
-
Command and Control
- liberetto - Libretto is a Golang library to create Virtual Machines (VMs) on any cloud and Virtual Machine hosting platforms such as AWS, Azure, OpenStack, vSphere, or VirtualBox.
- GoMet - Multi-platform backdoor in Go. TCP forwarding, socks5, tunneling, shell, download, exec
- chashell - Chashell is a Go reverse shell that communicates over DNS.
- chisel - Chisel is a fast TCP tunnel, transported over HTTP, secured via SSH.
- GoAT - GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
- gobot2 - Second Version of The GoBot Botnet, But more advanced.
- goDoH - A DNS-over-HTTPS Command & Control Proof of Concept.
- goredshell - A cross platform tool for verifying credentials and executing single commands
- hershell - Multiplatform reverse shell generator.
- hideNsneak - a CLI for ephemeral penetration testing
- keyserver - Easily serve HTTP and DNS keys for proper payload protection.
- shellz - shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.
- squidshell - A dynamic HTTP and DNS reverse proxy
- holepunch-client - Totally self-contained SSH reverse tunnel written in Go
- Platypus - A modern multiple reverse shell sessions manager written in go
- ratnet - Ratnet is a prototype anonymity network for mesh routing and embedded scenarios.
- Venom - A Multi-hop Proxy for Penetration Testers Written in Go
-
Windows Specific
- amsi - Golang implementation of Microsoft Antimalware Scan Interface
- wmi - Package wmi provides a WQL interface to Windows WMI.
- taskmaster - Windows Task Scheduler Library for Go.
- gordp - Rdp client on pure GoLang
- w32 - A wrapper of Windows APIs for Go
- go-acl - Go library for manipulating ACLs on Windows.
- go-execute-assembly - Allow a Go process to dynamically load .NET assemblies.
- go-ole - Go bindings for Windows COM using shared libraries instead of cgo.
- gosecretsdump - Fast hash dumper for NTDS.dit files
- go-winio - This repository contains utilities for efficiently performing Win32 IO operations in Go.
- ldap - Basic LDAP v3 functionality for the GO programming language.
- winrm - Command-line tool and library for Windows remote command execution in Go.
- goWMIExec - Pash the Hash, execute a command on a target machine using WMI by providing an NTLM hash for the specified user.
-
Private Key Infrastructure
- CloudFlare SSL - CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.
- certigo - A utility to examine and validate certificates in a variety of formats
-
SSH
-
Auth
- saml2aws - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
-
Encryption
- bencrypt - Encryption Abstraction Layer and Utilities.
- holeysocks - Cross-Platform Reverse Socks Proxy in Go.
- gokrb5 - Pure Go Kerberos library for clients and services.
- go-tunnel - TLS/SSL Tunnel - A modern STunnel replacement written in golang.
- memguard - A pure Go library for handling sensitive values in memory.
- nacl - Go implementation of the NaCL set of API's.
- passlib - Futureproof password hashing library.
- saltpack - Modern crypto messaging format.
- simple-scrypt - Scrypt package with a simple, obvious API and automatic cost calibration built-in.
- sio - Go implementation of the Data At Rest Encryption ([DARE](https://blog.minio.io/data-at-rest-encryption-done-right-7446c644ddb6)) format.
- hashid - Given a string determine the possible hashing algorithms used to produce that string.
- crunchy - Finds common flaws in passwords. Like cracklib
-
File Transfer
-
Recon
- goca - Goca Scanner https://goca.io
-
Phishing
- evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.
- gophish - Open-Source Phishing Toolkit
- modlishka - Modlishka. Reverse Proxy. Phishing NG.
- phishery - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector
-
Web Framework Hardening
- beego-security-headers - Beego framework filter for easy security headers management.
- badactor - An in-memory application driven jailer written in Go.
- goth - Provides a simple, clean, and idiomatic way to use OAuth and OAuth2. Handles multiple providers out of the box.
- hsts - Go HTTP Strict Transport Security library
- httpauth - HTTP Authentication middleware.
- jwt - Clean and easy to use implementation of JSON Web Tokens (JWT).
- jwt - Lightweight JSON Web Token (JWT) library.
- nosurf - CSRF protection middleware for Go.
- oauth2 - Successor of goauth2. Generic OAuth 2.0 package that comes with JWT, Google APIs, Compute Engine and App Engine support.
- osin - Golang OAuth2 server library.
- paseto - Platform-Agnostic Security Tokens implementation in GO (Golang)
- gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
- gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
- secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
-
Web Application Testing
- gobuster - Directory/file & DNS busting tool written in Go.
- gofuzz - Aims to reproduce wfuzz's functionality and versatility. Based on gobuster.
- recursebuster - Rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments
- url2img - HTTP server with API for capturing screenshots of websites.
- madns - DNS server for pentesters.
- rescope - Parse scope definitions to Burp Suite / ZAP compatible formats for import
- Wuzz - Interactive cli tool for HTTP inspection.
-
Network Scanners
- bettercap - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
- xray - XRay is a tool for recon, mapping and OSINT gathering from public networks.
- subjack - Subdomain Takeover tool written in Go
- flightsim - A utility to generate malicious network traffic and evaluate controls
- Cameradar - An scanner with RTSP stream access tool that comes with its library
- furious - Golang IP/port scanner with SYN (stealth) scanning and device manufacturer identification
- goddi - goddi (go dump domain info) dumps Active Directory domain information
- nextnet - nextnet is a pivot point discovery tool written in Go.
- vulns - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go
- amass - In-depth DNS Enumeration and Network Mapping
-
Network Analysis
- netcap - The Netcap (NETwork CAPture) framework efficiently converts a stream of network packets into highly accessible type-safe structured data that represent specific protocols or custom abstractions.
- goshark - Package goshark use tshark to decode IP packet and create data struct to analyse packet.
- gopassivedns - PassiveDNS in Go.
- nfp - Network Finger Printer
- gosnmp - Native Go library for performing SNMP actions.
-
Exploit Development
- binjection - Injects additional machine instructions into various binary formats.
- pwn - Pwntools for go!
- monkey - Monkey patching in Go
- usercorn - Dynamic binary analysis via platform emulation
-
Detection Engines
- fleet - A flexible control server for osquery [fleets](https://kolide.com/fleet)
- go-yara - Go Bindings for [YARA](https://github.com/plusvic/yara), the "pattern matching swiss knife for malware researchers (and everyone else)".
- honeytrap - Advanced Honeypot framework.
- malace - VirusTotal Wanna Be - Now with 100% more Hipster
- sgt - Osquery Mangement Server
-
Chat Bots
- marvin - IRC bot with Markov spew, answering machine, and mixed drink recipes.
- alfred - A Slack bot to add security info to messages containing URLs, hashes and IPs.
- go-chat-bot - IRC, Slack & Telegram bot written in Go.
- flottbot - A chatbot framework written in Go. All configurations are made in YAML.
- gohubsbot - A minimal bridge bot between Mozilla Hubs and the Matrix chat protocol
-
System Information
-
General Post Exploitation
- dlgs - Go cross-platform library for displaying dialogs and input boxes
- goreddeath - Experimenting with destructive file attacks in Go.
- goredloot - A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.
- goredspy - Post exploitation desktop screensho / user monitoring tool
- PandorasBox - Security tool to quickly audit Public Box files and folders.
-
MacOS Specific
-
Linux Specific
- ftrace - Go library to trace Linux syscalls using the FTRACE kernel framework.
- netstat - Netstat implementation in Go.
- opensnitch - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.
- passwd - A Go parser for the /etc/passwd file.
-
Container Specific
- kube-auto-analyzer - Kubernetes Auto Analyzer.
- amicontained - Container introspection tool.
-
Data Parsing
- cacador - Indicator extractor of IOCs
-
Static Code Analysis
- go-diff - Diff, match and patch text in Go
- gosec - Inspects source code for security problems by scanning the Go AST.
- gometalinter - Concurrently run Go lint tools and normalise their output.
- go-callvis - go-callvis is a development tool to help visualize call graph of a Go program using interactive view.
-
Assembly
Categories
Command and Control
17
Web Framework Hardening
14
Windows Specific
13
Encryption
12
Network Scanners
10
Packers / Obfuscators
7
Web Application Testing
7
General Post Exploitation
5
Detection Engines
5
Chat Bots
5
Network Analysis
5
Linux Specific
4
Phishing
4
Exploit Development
4
Static Code Analysis
4
Assembly
3
File Transfer
3
Container Specific
2
Private Key Infrastructure
2
License
2
System Information
2
SSH
2
MacOS Specific
2
Recon
1
Data Parsing
1
Auth
1
Sub Categories
Keywords
golang
36
security
27
go
25
security-tools
7
infosec
7
pentesting
6
ssh
4
malware
4
cli
4
linux
4
windows
4
redteam
4
hacking
3
bugbounty
3
middleware
3
reverse-shell
3
monitoring
3
proxy
3
assembly
2
tunnel
2
http
2
penetration-testing
2
dfir
2
crypto
2
docker
2
bot
2
network
2
password
2
ctf
2
ed25519
2
encryption
2
dns
2
osint
2
security-automation
2
pentest
2
gorilla
2
gorilla-web-toolkit
2
slack
2
socks5
2
csrf
2
cybersecurity
2
phishing
2
jwt
2
mitm
2
kubernetes
2
ssh-tunnel
2
c2
1
virus
1
command-and-control
1
dns-over-https
1