Top 9 Go Http3 Projects
-
Unfortunately, the CVE database(s) are too noisy to be useful. It could benefit from higher standards and more thorough vetting. (Maybe take some lessons from academia.)
A "security researcher" once filed a CVE for a regular bug in Caddy [0], making claims that were totally provably false. It was assigned 7.5... the same as Heartbleed [1] -- yes, the one that leaked almost all the private encryption keys on the Internet back in 2014.
More recently I inadvertently discovered a 0-day RCE in acme.sh [2]. (ACME clients are security-sensitive contexts since they typically deal with private keys and download signed credentials.) Anyway, it was assigned a CVSS 3.x score of * 9.8 * [3] -- I imagine that should be like "cyber-nuclear meltdown" territory, but no, this was actually benign as far as we can tell. Probably deserves more like a 5 or 6 or something.
Anyway, the whole system is broken, and I'm effectively ignoring CVEs now. But if someone tells me to patch my , I'll probably just do that.
[0]: https://github.com/caddyserver/caddy/issues/4775
[1]: https://nvd.nist.gov/vuln/detail/cve-2014-0160
[2]: https://matt.life/writing/the-acme-protocol-in-practice-and-...
-
2023/02/20 11:30:25.292491 [info] tls config has changed, restarting https server 2023/02/20 11:30:25.294059 [info] Start reconfiguring the server 2023/02/20 11:30:25.294064 [info] Stopping the DNS proxy server 2023/02/20 11:30:25.294103 [info] Stopped the DNS proxy server 2023/02/20 11:30:25.394663 [info] dnsproxy: cache: enabled, size 4096 b 2023/02/20 11:30:25.394675 [info] MaxGoroutines is set to 300 2023/02/20 11:30:25.395544 [info] Starting the DNS proxy server 2023/02/20 11:30:25.395549 [info] Ratelimit is enabled and set to 20 rps 2023/02/20 11:30:25.395551 [info] The server is configured to refuse ANY requests 2023/02/20 11:30:25.395553 [info] dnsproxy: cache: enabled, size 4194304 b 2023/02/20 11:30:25.395570 [info] MaxGoroutines is set to 300 2023/02/20 11:30:25.395574 [info] Creating the UDP server socket 2023/02/20 11:30:25.395609 [info] Listening to udp://[::]:53 2023/02/20 11:30:25.395612 [info] Creating a TCP server socket 2023/02/20 11:30:25.395628 [info] Listening to tcp://[::]:53 2023/02/20 11:30:25.395630 [info] Creating a TLS server socket 2023/02/20 11:30:25.395641 [info] Listening to tls://[::]:853 2023/02/20 11:30:25.395645 [info] Creating a QUIC listener 2023/02/20 11:30:25.395702 failed to sufficiently increase receive buffer size (was: 208 kiB, wanted: 2048 kiB, got: 416 kiB). See https://github.com/quic-go/quic-go/wiki/UDP-Receive-Buffer-Size for details. 2023/02/20 11:30:25.395943 [info] Listening to quic://[::]:853 2023/02/20 11:30:25.395960 [info] Entering the UDP listener loop on [::]:53 2023/02/20 11:30:25.395993 [info] Entering the tcp listener loop on [::]:53 2023/02/20 11:30:25.396012 [info] Entering the tls listener loop on [::]:853 2023/02/20 11:30:25.396067 [info] Entering the DNS-over-QUIC listener loop on [::]:853 2023/02/20 11:30:25.396635 [info] go to https://local.adguardhome:443 yaml part: tls: enabled: true server_name: local.adguardhome force_https: false port_https: 443 port_dns_over_tls: 853 port_dns_over_quic: 853 port_dnscrypt: 0 dnscrypt_config_file: "" allow_unencrypted_doh: false certificate_chain: |-
-
SonarLint
Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
-
Centrifugo
Scalable real-time messaging server in a language-agnostic way. Self-hosted alternative to Pubnub, Pusher, Ably. Set up once and forever.
Check out https://github.com/centrifugal/centrifugo - it was initially designed to be a standalone language-agnostic real-time messaging server. So it may be used with Django without radical change in the existing application and using ASGI. It can also provide a much better performance if you care about it.
-
-
algernon
Small self-contained pure-Go web server with Lua, Teal, Markdown, HTTP/2, QUIC, Redis and PostgreSQL support
-
Project mention: Hackers claim vast access to Western Digital systems | news.ycombinator.com | 2023-04-13
"I'm going to take this opportunity to shill gost, an amazing tool ..."
Here is the english readme:
https://github.com/go-gost/gost/blob/master/README_en.md
... and here is a better page:
It seems to have a rich feature set ... can you elaborate on why you like this tool so much ?
-
kawipiko
kawipiko -- blazingly fast static HTTP server -- focused on low latency and high concurrency, by leveraging Go, `fasthttp` and the CDB embedded database
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
-
fileless-xec
Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,...)
-
gopayloader
HTTP/S benchmark/load testing cross-platform tool with optional jwt generation - supports HTTP/1.1, HTTP/2, HTTP/3
Project mention: Gopayloader - New golang HTTP load testing tool. 235% quicker than k6 | /r/programming | 2023-04-27
Go Http3 related posts
Index
What are some of the best open-source Http3 projects in Go? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | Caddy | 49,897 |
| 2 | quic-go | 8,698 |
| 3 | Centrifugo | 7,385 |
| 4 | vulcain | 3,423 |
| 5 | algernon | 2,297 |
| 6 | gost | 1,827 |
| 7 | kawipiko | 367 |
| 8 | fileless-xec | 153 |
| 9 | gopayloader | 12 |