Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Go Infosec Projects
-
Project mention: Show HN: Pfuzz, a web fuzzer following the Unix philosophy | news.ycombinator.com | 2024-01-21
It seems to me like "fuzzing" has a different meaning in web application penetration testing. Here, "fuzzer" is a term for tools that just generate different request using wordlists, without adding any mutations. For example, the two popular web fuzzers ffuf [1] and wfuzz [2] also call themselves fuzzers.
I see how reusing a term for a different concept is bothersome, but I feel like "fuzzer" is the term that people learning about bug bounty hunting are familiar with.
-
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Project mention: Traitor – Automatic Linux privesc via exploitation of low-hanging fruits | news.ycombinator.com | 2023-06-12 -
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
-
You might want to try this tool https://github.com/Ullaakut/cameradar , as most of the webcams are based on RTSP( Real-Time Streaming Protocol ) protocol.
-
-
-
Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
-
cariddi
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
-
Project mention: Metabigor - An Intelligence tool, its goal is to do OSINT tasks and more but without any API key. | /r/CKsTechNews | 2023-03-30
-
-
Open-Source-Security-Guide
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
-
wiretap
Wiretap is a transparent, VPN-like proxy server that tunnels traffic via WireGuard and requires no special privileges to run.
-
-
-
ppmap
A scanner/exploitation tool written in GO, which leverages client-side Prototype Pollution to XSS by exploiting known gadgets.
-
BucketLoot
BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.
Project mention: Open source S3 bucket scanner for secrets and assets | news.ycombinator.com | 2023-10-11 -
-
-
rpCheckup
rpCheckup is an AWS resource policy security checkup tool that identifies public, external account access, intra-org account access, and private resources.
-
favirecon
Use favicon.ico to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
-
-
sgCheckup
sgCheckup generates nmap output based on scanning your AWS Security Groups for unexpected open ports.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Go Infosec related posts
- Active Directory ACL Visualizer and Explorer
- Show HN: Pfuzz, a web fuzzer following the Unix philosophy
- Fast web fuzzer written in Go
- Threagile – Agile Threat Modeling Toolkit
- Adalanche v2023.5.3 released
- Hacking ip cameras
- Directory Discovery Tools
-
A note from our sponsor - InfluxDB
www.influxdata.com | 28 Mar 2024
Index
What are some of the best open-source Infosec projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | ffuf | 11,264 |
2 | traitor | 6,474 |
3 | hetty | 5,906 |
4 | Cameradar | 3,849 |
5 | S3Scanner | 2,352 |
6 | jaeles | 2,055 |
7 | Adalanche | 1,473 |
8 | sx | 1,402 |
9 | cariddi | 1,327 |
10 | metabigor | 1,131 |
11 | go-dork | 958 |
12 | Open-Source-Security-Guide | 832 |
13 | wiretap | 752 |
14 | threagile | 551 |
15 | EDRHunt | 543 |
16 | ppmap | 446 |
17 | BucketLoot | 325 |
18 | lit-bb-hack-tools | 302 |
19 | linx | 196 |
20 | rpCheckup | 158 |
21 | favirecon | 158 |
22 | notionterm | 121 |
23 | sgCheckup | 82 |