Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

cybersecurity-golang-security

An ongoing collection of Go tools and frameworks, software, libraries, learning tutorials, frameworks, academic and practical resources.
https://github.com/paulveillard/cybersecurity-golang-security

Last synced: 4 days ago
JSON representation

  • Packers / Obfuscators

    • strobfus - String obfuscation
    • Amber - Amber is a reflective PE packer for bypassing security products and mitigations.
    • gscript - Framework to rapidly implement custom droppers for all three major operating systems
    • gobfuscate - Obfuscate Go binaries and packages
    • goupx - Fix golang compiled binaries on x86_64 so that they can be packed with UPX.
    • stegify - Go tool for LSB steganography, capable of hiding any file within an image.
    • obfs4 - Yawning Angel courtesy mirror of the obfourscator
  • Command and Control

    • liberetto - Libretto is a Golang library to create Virtual Machines (VMs) on any cloud and Virtual Machine hosting platforms such as AWS, Azure, OpenStack, vSphere, or VirtualBox.
    • GoMet - Multi-platform backdoor in Go. TCP forwarding, socks5, tunneling, shell, download, exec
    • chashell - Chashell is a Go reverse shell that communicates over DNS.
    • chisel - Chisel is a fast TCP tunnel, transported over HTTP, secured via SSH.
    • GoAT - GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
    • gobot2 - Second Version of The GoBot Botnet, But more advanced.
    • goDoH - A DNS-over-HTTPS Command & Control Proof of Concept.
    • goredshell - A cross platform tool for verifying credentials and executing single commands
    • hershell - Multiplatform reverse shell generator.
    • hideNsneak - a CLI for ephemeral penetration testing
    • keyserver - Easily serve HTTP and DNS keys for proper payload protection.
    • shellz - shellz is a small utility to track and control your ssh, telnet, web and custom shells and tunnels.
    • squidshell - A dynamic HTTP and DNS reverse proxy
    • holepunch-client - Totally self-contained SSH reverse tunnel written in Go
    • Platypus - A modern multiple reverse shell sessions manager written in go
    • ratnet - Ratnet is a prototype anonymity network for mesh routing and embedded scenarios.
    • Venom - A Multi-hop Proxy for Penetration Testers Written in Go
    • merlin - Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
  • Windows Specific

    • amsi - Golang implementation of Microsoft Antimalware Scan Interface
    • wmi - Package wmi provides a WQL interface to Windows WMI.
    • taskmaster - Windows Task Scheduler Library for Go.
    • gordp - Rdp client on pure GoLang
    • w32 - A wrapper of Windows APIs for Go
    • go-acl - Go library for manipulating ACLs on Windows.
    • go-execute-assembly - Allow a Go process to dynamically load .NET assemblies.
    • go-ole - Go bindings for Windows COM using shared libraries instead of cgo.
    • gosecretsdump - Fast hash dumper for NTDS.dit files
    • go-winio - This repository contains utilities for efficiently performing Win32 IO operations in Go.
    • ldap - Basic LDAP v3 functionality for the GO programming language.
    • winrm - Command-line tool and library for Windows remote command execution in Go.
    • goWMIExec - Pash the Hash, execute a command on a target machine using WMI by providing an NTLM hash for the specified user.
  • Private Key Infrastructure

    • CloudFlare SSL - CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.
    • certigo - A utility to examine and validate certificates in a variety of formats
    • acmetool - ACME (Let's Encrypt) client tool with automatic renewal.
  • SSH

    • ssh-vault - encrypt/decrypt using ssh keys.
    • pam-ussh - uber's ssh certificate pam module.
  • Auth

    • saml2aws - CLI tool which enables you to login and retrieve AWS temporary credentials using a SAML IDP
  • Encryption

    • bencrypt - Encryption Abstraction Layer and Utilities.
    • holeysocks - Cross-Platform Reverse Socks Proxy in Go.
    • gokrb5 - Pure Go Kerberos library for clients and services.
    • go-tunnel - TLS/SSL Tunnel - A modern STunnel replacement written in golang.
    • memguard - A pure Go library for handling sensitive values in memory.
    • nacl - Go implementation of the NaCL set of API's.
    • passlib - Futureproof password hashing library.
    • saltpack - Modern crypto messaging format.
    • simple-scrypt - Scrypt package with a simple, obvious API and automatic cost calibration built-in.
    • sio - Go implementation of the Data At Rest Encryption ([DARE](https://blog.minio.io/data-at-rest-encryption-done-right-7446c644ddb6)) format.
    • hashid - Given a string determine the possible hashing algorithms used to produce that string.
    • crunchy - Finds common flaws in passwords. Like cracklib
  • File Transfer

    • dnd - A web based drag and drop file transfer tool for sending files across the internet.
    • onionbox - Send and recieve files through TOR
    • proxyd - proxyd proxies data between TCP, TLS, and unix sockets
    • grab - Go package for managing file downloads.
  • Recon

    • goca - Goca Scanner https://goca.io
  • Phishing

    • evilginx2 - Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication.
    • gophish - Open-Source Phishing Toolkit
    • modlishka - Modlishka. Reverse Proxy. Phishing NG.
    • phishery - An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector
  • Web Framework Hardening

    • beego-security-headers - Beego framework filter for easy security headers management.
    • badactor - An in-memory application driven jailer written in Go.
    • goth - Provides a simple, clean, and idiomatic way to use OAuth and OAuth2. Handles multiple providers out of the box.
    • hsts - Go HTTP Strict Transport Security library
    • httpauth - HTTP Authentication middleware.
    • jwt - Clean and easy to use implementation of JSON Web Tokens (JWT).
    • jwt - Lightweight JSON Web Token (JWT) library.
    • nosurf - CSRF protection middleware for Go.
    • oauth2 - Successor of goauth2. Generic OAuth 2.0 package that comes with JWT, Google APIs, Compute Engine and App Engine support.
    • osin - Golang OAuth2 server library.
    • paseto - Platform-Agnostic Security Tokens implementation in GO (Golang)
    • gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
    • gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
    • secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
  • Web Application Testing

    • gobuster - Directory/file & DNS busting tool written in Go.
    • gofuzz - Aims to reproduce wfuzz's functionality and versatility. Based on gobuster.
    • recursebuster - Rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments
    • url2img - HTTP server with API for capturing screenshots of websites.
    • madns - DNS server for pentesters.
    • rescope - Parse scope definitions to Burp Suite / ZAP compatible formats for import
    • Wuzz - Interactive cli tool for HTTP inspection.
  • Network Scanners

    • bettercap - The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
    • xray - XRay is a tool for recon, mapping and OSINT gathering from public networks.
    • subjack - Subdomain Takeover tool written in Go
    • flightsim - A utility to generate malicious network traffic and evaluate controls
    • Cameradar - An scanner with RTSP stream access tool that comes with its library
    • furious - Golang IP/port scanner with SYN (stealth) scanning and device manufacturer identification
    • goddi - goddi (go dump domain info) dumps Active Directory domain information
    • nextnet - nextnet is a pivot point discovery tool written in Go.
    • vulns - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go
    • amass - In-depth DNS Enumeration and Network Mapping
  • Network Analysis

    • netcap - The Netcap (NETwork CAPture) framework efficiently converts a stream of network packets into highly accessible type-safe structured data that represent specific protocols or custom abstractions.
    • goshark - Package goshark use tshark to decode IP packet and create data struct to analyse packet.
    • gopassivedns - PassiveDNS in Go.
    • nfp - Network Finger Printer
  • Exploit Development

    • binjection - Injects additional machine instructions into various binary formats.
    • pwn - Pwntools for go!
    • monkey - Monkey patching in Go
    • usercorn - Dynamic binary analysis via platform emulation
  • Detection Engines

    • fleet - A flexible control server for osquery [fleets](https://kolide.com/fleet)
    • go-yara - Go Bindings for [YARA](https://github.com/plusvic/yara), the "pattern matching swiss knife for malware researchers (and everyone else)".
    • honeytrap - Advanced Honeypot framework.
    • malace - VirusTotal Wanna Be - Now with 100% more Hipster
    • sgt - Osquery Mangement Server
  • Chat Bots

    • marvin - IRC bot with Markov spew, answering machine, and mixed drink recipes.
    • alfred - A Slack bot to add security info to messages containing URLs, hashes and IPs.
    • go-chat-bot - IRC, Slack & Telegram bot written in Go.
    • flottbot - A chatbot framework written in Go. All configurations are made in YAML.
    • gohubsbot - A minimal bridge bot between Mozilla Hubs and the Matrix chat protocol
  • System Information

  • General Post Exploitation

    • dlgs - Go cross-platform library for displaying dialogs and input boxes
    • goreddeath - Experimenting with destructive file attacks in Go.
    • goredloot - A tool to collect secrets (keys and passwords) and stage (compress and encrypt) them for exfiltration.
    • goredspy - Post exploitation desktop screensho / user monitoring tool
    • PandorasBox - Security tool to quickly audit Public Box files and folders.
  • MacOS Specific

    • damage - A toolkit for creating and manipulating DMGs
    • racoon - loop through a munki manifest and install everything
  • Linux Specific

    • ftrace - Go library to trace Linux syscalls using the FTRACE kernel framework.
    • netstat - Netstat implementation in Go.
    • opensnitch - OpenSnitch is a GNU/Linux port of the Little Snitch application firewall.
    • passwd - A Go parser for the /etc/passwd file.
  • Container Specific

  • Data Parsing

    • cacador - Indicator extractor of IOCs
  • Static Code Analysis

    • go-diff - Diff, match and patch text in Go
    • gosec - Inspects source code for security problems by scanning the Go AST.
    • gometalinter - Concurrently run Go lint tools and normalise their output.
  • Assembly

    • avo - Generate x86 Assembly with Go
    • c2goasm - C to Go Assembly
    • shellcode - Shellcode library as a Go package