Open Source Go Security Software
Sort By:
Go Security Software
View 5722 business solutionsBrowse free open source Go Security Software and projects below. Use the toggles on the left to filter open source Go Security Software by OS, license, language, programming language, and project status.
-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
G-P - Global EOR SolutionWith G-P's industry-leading Employer of Record (EOR) and Contractor solutions, you can hire, onboard and manage teams in 180+ countries — quickly and compliantly — without setting up entities.
-
1
mkcert
Zero-config tool to make locally trusted development certificates
mkcert is a simple tool for making locally-trusted development certificates. It requires no configuration. Using certificates from real certificate authorities (CAs) for development can be dangerous or impossible (for hosts like example.test, localhost or 127.0.0.1), but self-signed certificates cause trust errors. Managing your own CA is the best solution, but usually involves arcane commands, specialized knowledge and manual steps. mkcert automatically creates and installs a local CA in the system root store, and generates locally-trusted certificates. mkcert does not automatically configure servers to use the certificates, though, that's up to you. The CA certificate and its key are stored in an application data folder in the user's home. You usually don't have to worry about it, as the installation is automated, but the location is printed by mkcert -CAROOT. -
2
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic directory brute-forcing mode, DNS subdomain brute-forcing mode, the mode that enumerates open S3 buckets and looks for existence and bucket listings, and the virtual host brute-forcing mode (not the same as DNS!). Since this tool is written in Go you need to install the Go language/compiler/etc. Full details of installation and set up can be found on the Go language website. Once installed you have two options. You need at least go 1.16.0 to compile gobuster. -
3
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks. -
4
hydra
Cloud native, security-first, API security for your infrastructure
Secure access to your applications and APIs, and authenticate third party users. Ory / Hydra is Open Source and OpenID Connect Certified® technology that integrates with any login system. Get started in minutes, and provide secure access to your application and API endpoints. Ory / Hydra works with any login system and only a few lines of code are required. Ory / Hydra is written in Go and we provide SDKs for every language. We work with any login system and it is easy to customize the login experience. Our documentation makes integrating Ory / Hydra a snap. The Ory Community stands on the shoulders of individuals, companies, and maintainers. We thank everyone involved, from submitting bug reports and feature requests, to contributing patches, to sponsoring our work. -
Nonprofit Budgeting SoftwareMartus' collaborative and easy-to-use budgeting and reporting platform will save you hundreds of hours each year. It's designed to make the entire budgeting process easier and create unlimited financial transparency.
-
5
Portmaster
Block Mass Surveillance
Portmaster is a free and open-source application firewall that does the heavy lifting for you. Restore privacy and take back control over all your computer's network activity. Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally, get the power to act accordingly. Protect your whole computer, not just your browser. Block all advertisements and trackers for every application. Easily add your own rules and block individual domains. Make your own rules. Completely cut off applications from the Internet. Or block all p2p connections except for certain apps. Or never connect to specific countries. Portmaster has you covered. Portmaster is not only very powerful, but is also free & open source. -
6
nuclei
Fast and customizable vulnerability scanner based on simple YAML
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security researchers and engineers. Nuclei has built-in support for automatic template download/update as default since version v2.5.2. Nuclei-Templates project provides a community-contributed list of ready-to-use templates that is constantly updated. You may still use the update-templates flag to update the nuclei templates at any time; You can write your own checks for your individual workflow and needs following Nuclei's templating guide. -
7
gost
GO Simple Tunnel, a simple tunnel written in golang
A simple security tunnel written in Golang. Listening on multiple ports, multi-level forward proxies - proxy chain, standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support. Probing resistance support for web proxy, TLS encryption via negotiation support for SOCKS5 proxy. Support multiple tunnel types, tunnel UDP over TCP. Local/remote TCP/UDP port forwarding, TCP/UDP Transparent proxy, Shadowsocks Protocol (TCP/UDP), and SNI Proxy. Permission control, load balancing, route control, DNS resolver and proxy, and TUN/TAP Device. In GOST, GOST and other proxy services are considered as proxy nodes, GOST can handle the requests itself, or forward the requests to any one or more proxy nodes. In addition to configuring services directly from the command line, parameters can also be set by specifying the external configuration file with the -C parameter. -
8
Syncthing
Open Source Continuous File Synchronization
Syncthing is an open source continuous file synchronization program, which essentially works by synchronizing files between two or more computers in real time. Syncthing is designed to first and foremost keep users’ data safe and protected against data loss and against attackers who would unlawfully try and access this data. It doesn’t store data anywhere else except on your computers and uses encryption to secure all your data. It is very easy to use, cross-platform and automatic. As such, it is very user-friendly and ideal for all users looking for a secure and easy-to-use file synchronization solution. Syncthing supports file versioning, relaying, ignoring files and many more. Different configurations offer different options to suit users’ specific requirements. -
9
Vuls
Agentless vulnerability scanner for Linux/FreeBSD
Vuls is open-source, agent-less vulnerability scanner based on information from NVD, OVAL, etc. Vuls uses multiple vulnerability databases NVD, JVN, OVAL, RHSA/ALAS/ELSA/FreeBSD-SA and Changelog. Vuls v0.5.0 now possible to detect vulnerabilities that patches have not been published from distributors. Remote scan mode is required to only setup one machine that is connected to other scan target servers via SSH. If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode. Fast scan mode scans without root privilege, no internet access, almost no load on the scan target server. Deep scan mode scans in more detail. It is possible to acquire the state of the server executing some commands. Vuls v0.5.0 warns not-restarting-processes which updated before but not restarting yet. And detect processes affecting software update in advance. -
GWI: On-demand Consumer ResearchNeed easy access to consumer insights? Our intuitive platform is the answer. Get the ultra-reliable research that brands and agencies need to stay ahead of changing consumer behavior.
-
10
kubelogin
kubectl plugin for Kubernetes OpenID Connect authentication
Kubelogin is designed to run as a client-go credential plugin. When you run kubectl, kubelogin opens the browser and you can log in to the provider. Then kubelogin gets a token from the provider and kubectl accesses Kubernetes APIs with the token. If you install via GitHub releases, you need to put the kubelogin binary on your path under the name kubectl-oidc_login so that the kubectl plugin mechanism can find it when you invoke kubectl oidc-login. The other install methods do this for you. If the cached ID token is valid, kubelogin just returns it. If the cached ID token has expired, kubelogin will refresh the token using the refresh token. If the refresh token has expired, kubelogin will perform re-authentication (you will have to login via browser again). -
11
syft
CLI tool and library for generating a Software Bill of Materials
CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution identification. Works seamlessly with Grype (a fast, modern vulnerability scanner). Able to create signed SBOM attestations using the in-toto specification. Convert between SBOM formats, such as CycloneDX, SPDX, and Syft's own format. -
12
emp3r0r
Linux/Windows post-exploitation framework made by linux user
A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it. -
13
gopass
The slightly more awesome standard unix password manager for teams
gopass is a simple but powerful password manager for your terminal. Manage your credentials with ease. In a globally distributed team, on multiple devices or fully offline on an air-gapped machine. By default your credentials are encrypted with GPG and versioned in git. This can be customized easily. The primary interface is the command line, making it an excellent choice for CLI fans, CI/CD systems or anything you can hook it up with. Gopass can also integrate with your browser so you can largely avoid the command line - if you want. gopass can operate without any dependencies but most users will use it with gpg and git. An external editor is required to use gopass edit. The same user experience on Linux, MacOS, *BSD or Windows. Built from our experience working in distributed development teams. -
14
HackBrowserData
Decrypt passwords/cookies/history/bookmarks from the browser
HackBrowserData is an open-source tool that could help you decrypt data ( password|bookmark|cookie|history|credit card|download|localStorage|extension ) from the browser. It supports the most popular browsers on the market and runs on Windows, macOS and Linux. This tool is limited to security research only, and the user assumes all legal and related responsibilities arising from its use! The author assumes no legal responsibility! Installation of HackBrowserData is dead-simple, just download the release for your system and run the binary. -
15
sbctl
Secure Boot key manager
sbctl intends to be a user-friendly secure boot key manager capable of setting up secure boot, offering key management capabilities, and keeping track of files that need to be signed in the boot chain. It is written top-to-bottom in Golang using go-uefi for the API layer and doesn't rely on existing secure boot tooling. It also tries to sport some integration testing towards tianocore utilizing vmtest. -
16
K9s
Kubernetes CLI To Manage Your Clusters In Style!
K9s is a terminal based UI to interact with your Kubernetes clusters. The aim of this project is to make it easier to navigate, observe and manage your deployed applications in the wild. K9s continually watches Kubernetes for changes and offers subsequent commands to interact with your observed resources. Provides standard cluster management commands such as logs, scaling, port-forwards, restarts. Define your own command shortcuts for quick navigation via command aliases and hotkeys. Plugin support to extend K9s to create your very own cluster commands. Powerful filtering mode to allow user to drill down and view workload related resources. Supports for viewing RBAC rules such as cluster/roles and their associated bindings. Reverse lookup to asserts what a user/group or ServiceAccount can do on your clusters. You can benchmark your HTTP services/pods directly from K9s to see how your application fare and adjust your resources request/limit accordingly. -
17
OWASP Amass
In-depth attack surface mapping and asset discovery
The OWASP Amass Project has developed a tool to help information security professionals perform network mapping of attack surfaces and perform external asset discovery using open source information gathering and active reconnaissance techniques. The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security. The volume argument allows the Amass graph database to persist between executions and output files to be accessed on the host system. The first field (left of the colon) of the volume option is the amass output directory that is external to Docker, while the second field is the path, internal to Docker, where amass will write the output files. -
18
Brook
Brook is a cross-platform strong encryption and not detectable proxy
Brook is a cross-platform strong encryption and not detectable proxy. Brook's goal is to keep it simple, stupid and not detectable. You can run commands after entering the command-line interface. Usually, everyone uses the command line interface on Linux servers. Of course, Linux also has desktops that can also run GUI. Of course, macOS and Windows also have command-line interfaces, but you may not use them frequently. Usually, the applications opened by double-clicking/clicking on macOS/Windows/iOS/Android are all GUIs. Usually, if you use Brook, you will need a combination of Server and Client, Of course Brook CLI also has many other independent functions. The Brook CLI file is an independent command file, it can be said that there is no concept of installation, just download this file to your computer, run it after granting it executable permissions in the command line interface. -
19
Infra
Infra provides authentication and access management to servers
Infra provides authentication and access management to servers and Kubernetes clusters. Infra generates short-lived credentials based on identity, replacing the need for passwords and other shared secrets. Infra brings authentication and access control to servers, clusters, and databases. All credentials are created dynamically after verifying a user or machine's identity. No more shared access. Unique credentials are created for each device, user or application. Credentials generated by Infra can be configured to expire after a short period of time. Authenticate from headless server environments, desktops, and automation tools. Credentials can be revoked at any time, cutting access in the event where a device is compromised. -
20
Lantern
Tool to access videos, messaging, and other popular apps
Can't access your favorite apps? Download Lantern to easily access videos, messaging, and other popular apps while at school or work. Lantern is an application that allows you to bypass firewalls to use your favorite applications and access your favorite websites. Lantern does not cooperate with any law enforcement in any country. Lantern encrypts all of your traffic to blocked sites and services to protect your data and privacy. Lantern passed multiple third party white box security audits to ensure security of our code. Lantern is easy to use, just download and install to start streaming, browsing and using apps, no configuration required. No installation, no registration, no registration, no configuration, just click and go! All you have to do is install it and hit the POWER button! Don't wait forever for your applications to load or the website to appear in your browser. Connect with Lantern and get there fast! -
21
MOSINT
An automated e-mail OSINT tool
MOSINT is the fastest OSINT Tool for emails. It helps you gather information about the target email. Email validation, check social accounts, check data breaches and password leaks, finding related emails and domains, scan Pastebin Dumps. Google Search and DNS Lookup. -
22
fleet
Open-source platform for IT, security, and infrastructure teams
Fleet exposes familiar concepts from traditional MDMs like custom attributes and dynamic grouping, but in a way that lets you work directly with data and events from each native operating system. A device management platform for managing and monitoring endpoints, specifically designed for IT security and compliance teams. -
23
NPS
Lightweight, high-performance, powerful intranet penetration proxy
NPS is a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal. Comprehensive protocol support, compatible with almost all commonly used protocols, such as tcp, udp, http(s), socks5, p2p, http proxy. Full platform compatibility (linux, windows, macos, Synology, etc.), support installation as a system service simply. Comprehensive control, both client and server control are allowed. Https integration, support to convert backend proxy and web services to https, and support multiple certificates. Just simple configuration on web ui can complete most requirements. Complete information display, such as traffic, system information, real-time bandwidth, client version, etc. Powerful extension functions, everything is available (cache, compression, encryption, traffic limit, bandwidth limit, port reuse, etc.) Domain name resolution has functions such as custom headers, 404 page configuration, host modification, etc. -
24
Ligolo-ng
An advanced, yet simple, tunneling/pivoting tool
Ligolo-ng is a simple, lightweight and fast tool that allows pentesters to establish tunnels from a reverse TCP/TLS connection using a tun interface (without the need of SOCKS). When running the relay/proxy server, a tun interface is used, packets sent to this interface are translated and then transmitted to the agent's remote network. You need to download the Wintun driver (used by WireGuard) and place the wintun.dll in the same folder as Ligolo. You can listen to ports on the agent and redirect connections to your control/proxy server. You can easily hit more than 100 Mbits/sec. Here is a test using iperf from a 200Mbits/s server to a 200Mbits/s connection. -
25
SOPS
Simple and flexible tool for managing secrets
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. For the adventurous, unstable features are available in the develop branch, which you can install from source. To use sops as a library, take a look at the decrypt package. We rewrote Sops in Go to solve a number of deployment issues, but the Python branch still exists under python-sops. We will keep maintaining it for a while, and you can still pip install sops, but we strongly recommend you use the Go version instead. If you're using AWS KMS, create one or multiple master keys in the IAM console and export them, comma separated, in the SOPS_KMS_ARN env variable. It is recommended to use at least two master keys in different regions. If you want to use PGP, export the fingerprints of the public keys, comma separated, in the SOPS_PGP_FP env variable.
