Top 23 Go Security Projects
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
Project mention: New feature: HTTPS support for bpo | reddit.com/r/perl | 2022-11-30
Rather the answer was to use Caddy as a frontend, because Go programs are statically linked and because Go has its own proven crypto, which together make the creaky platform irrelevant.
DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
Project mention: Standard container sizes | reddit.com/r/kubernetes | 2022-11-11
Anyone tried using https://github.com/docker-slim/docker-slim To minify an image?..
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Project mention: Is OPA Gatekeeper the best solution for writing policies for k8s clusters? | reddit.com/r/kubernetes | 2022-11-10
The Single Sign-On Multi-Factor portal for web apps
Project mention: A way for the users to connect to all services seamlesly ? | reddit.com/r/unRAID | 2022-11-29
eBPF-based Networking, Security, and Observability
Project mention: Go based eBPF projects | reddit.com/r/golang | 2022-11-27
Cilium : Container networking based. It is the torch-bearer of eBPF
OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
Project mention: Show HN: Open-source OAuth2 server Ory Hydra v2.0 | reddit.com/r/hypeurls | 2022-11-03
The easiest, most secure way to access infrastructure.
Project mention: Apache Guacamole (or other) to browse internal web-GUIs? | reddit.com/r/homelab | 2022-11-27
Dunno if Teleport does it. I've been meaning to deploy it for a while and will be looking in getting it in soon. https://github.com/gravitational/teleport
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
Project mention: Secure E2E File Transfer Product Needed | reddit.com/r/AskNetsec | 2022-11-29
send them a link to a binary release of age; https://github.com/FiloSottile/age/releases/tag/v1.0.0 has binary releases for 4 desktop/server platforms
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
Project mention: PAW-GPS issue - "skipping event 'handshake' because the worker is busy" | reddit.com/r/pwnagotchi | 2022-07-12
Here's my config.toml for reference (ai is disabled because of issues with bettercap trying to switch to disabled channels, see https://github.com/bettercap/bettercap/issues/881 )
Simple and flexible tool for managing secrets
Project mention: Ensure that an ansible secrets.yml is never committed unencrypted | reddit.com/r/devops | 2022-11-23
Use either Mozilla SOPS to encrypt the values in the file, or got-encrypt to encrypt the whole repo
Protect and discover secrets using Gitleaks 🔑
Project mention: GitHub Access Token Exposure | news.ycombinator.com | 2022-11-20
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Project mention: Thoughts on Vuln scanning public facing websites/hosts during an incident? | reddit.com/r/blueteamsec | 2022-08-17
Had an idea to leverage the community vuln scanner Nuclei (https://nuclei.projectdiscovery.io/) to just run a quick scan against the public facing hostname/IP. The job isn't supposed to be "hey you're vulnerable to xyz", but to aid in discovering initial access. I believe this would be considered "good faith" and you're not technically doing anything nefarious, but wanted to get the community's thoughts on this.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Project mention: Scan for vulnerabilities? | reddit.com/r/debian | 2022-08-23
Open-Source Phishing Toolkit
Project mention: "Scam Defense" training? | reddit.com/r/Scams | 2022-10-23
Manage your dotfiles across multiple diverse machines, securely.
Project mention: How to manage dotfiles and organize it effectively? | reddit.com/r/linux4noobs | 2022-11-15
i use a tool called chezmoi. it has an apply mechanism that just copies files to the proper location. it also uses go templates to manage different host/OS configurations.
Kubescape is a K8s open-source tool providing a multi-cloud K8s single pane of glass, including risk analysis, security compliance, RBAC visualizer and image vulnerabilities scanning.
Project mention: How to validate Kubernetes YAML files? | dev.to | 2022-10-20
New security controls are something you should incorporate into your security validation steps. Kubescape, an open-source platform by ARMO, allows you to define your own framework of controls. Even though the out-of-the-box framework is robust, you will see your policy controls take shape per the exact needs of your business and Kubernetes resources.
Golang security checker
Project mention: Goast: Generic static analysis for Go Abstract Syntax Tree by OPA/Rego | dev.to | 2022-09-12
Various static analysis tools are available for the Go language, and existing static analysis tools can check general best practices. For example, gosec is a tool to check secure Go coding, and I use it myself. However, coding rules in software development are not only based on best practices, but can also be software- or team-specific. For example
Safely store secrets in Git/Mercurial/Subversion
Project mention: We have this many ".env" files in a project at work. Is this normal? Is there a better way? | reddit.com/r/webdev | 2022-06-16
My preferred version is blackbox: https://github.com/StackExchange/blackbox
CrowdSec - the open-source and participative IPS able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global CTI database to protect the user network.
Project mention: What service can I use to ban users? | reddit.com/r/webdev | 2022-11-18
You should check out https://crowdsec.net. More advanced, uses crowdsourced CTI to block attacks even before they happen. Also both nginx and captcha is supported. Disclaimer: I am head of community. Visit /r/CrowdSec or our Discord at https://discord.gg/crowdsec if you have questions :-)
Let's Encrypt/ACME client and library written in Go
Project mention: Anyone know of a decent enterprise linux crash course? | reddit.com/r/sysadmin | 2022-11-01
Yes, for a lot of stuff, we typically either use some wildcard certs or letsencrypt issued certs. Personally I've been moving away from certbot to software that has it built-in (i.e. Caddy server) or use go-acme/lego. The reason I've stopped using certbot is that they've switched to only publishing snap packages. I don't use snap in prod.
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Project mention: 0.17.0 in Pre-Release | reddit.com/r/netmaker | 2022-11-30
Security scanner for your Terraform code
Project mention: My Cloud Resume Challenge Journey | dev.to | 2022-11-30
Once I completed the main steps of the challenge, I went back to do some security modifications including enabling DNSSEC, deploying WAF (I ended up removing this as the costs were quite high and instead set up account level throttling for my API) and running IAM Access Analyser to flag anything I'd over permissioned. I also set up Git commit signing and added a new Git Action workflow to run Tfsec any time I updated my terraform config files
The slightly more awesome standard unix password manager for teams
Project mention: Tool / workflow recommendations for the terminal | reddit.com/r/commandline | 2022-10-19
I wrote my own secret manager: safe. It stores your secrets as encrypted files on your disk (like pass and gopass), and is accessible from the command line. It differs from them in that you only need a master password to use it (so no GPG keys to manage). It comes with an agent (like ssh-agent) that can store your encryption key in memory to avoid typing your master password over and over.
Go Security related posts
My Cloud Resume Challenge Journey
2 projects | dev.to | 30 Nov 2022
Secure Kubernetes with Kubescape
2 projects | dev.to | 30 Nov 2022
0.17.0 in Pre-Release
1 project | reddit.com/r/netmaker | 30 Nov 2022
Dropbox Buys Boxcryptor
3 projects | news.ycombinator.com | 29 Nov 2022
Secure E2E File Transfer Product Needed
1 project | reddit.com/r/AskNetsec | 29 Nov 2022
How do I remove this?
2 projects | reddit.com/r/cybersecurity_help | 28 Nov 2022
Sync all your cloud assets to Snowflake and build an "Infrastructure Lake"
1 project | reddit.com/r/devops | 25 Nov 2022
What are some of the best open-source Security projects in Go? This list will help you:
|2||Lean and Mean Docker containers||15,525|