Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →
Top 23 Go Security Projects
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Lean and Mean Docker containers
Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
-
age
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
-
Ory Hydra
OpenID Certifiedâ„¢ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.
-
vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
-
kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
-
Netmaker
Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
-
crowdsec
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
However, it's very unlikely that .NET developers will directly expose their Kestrel-based web apps to the internet. Typically, we use other popular web servers like Nginx, Traefik, and Caddy to act as a reverse-proxy in front of Kestrel for various reasons:
Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16Trivy Owner/Maintainer: Aqua Security Age: First released on GitHub on May 7th, 2019 License: Apache License 2.0 backward-compatible with tfsec
It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.
Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...
Project mention: Cisco to Acquire Cloud Native Networking and Security Leader Isovalent | news.ycombinator.com | 2023-12-21They would have had to add a few externals to get to Graduated but it's definitely a minority:
https://github.com/cilium/cilium/blob/main/MAINTAINERS.md
And if you want to make the container quickly secure without bloats, maybe give this a try https://github.com/slimtoolkit/slim
Project mention: The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research) | /r/SaaS | 2023-05-22Nuclei
Project mention: Apache Guacamole: a clientless remote desktop gateway | news.ycombinator.com | 2024-03-29https://github.com/gravitational/teleport/blob/master/rfd/00...
Project mention: bettercap VS petep - a user suggested alternative | libhunt.com/r/bettercap | 2023-10-03
Project mention: Age: A simple, modern and secure encryption tool | news.ycombinator.com | 2024-02-25
install gitleaks in your machine gitleaks
My script just sets up default .sops.yaml for https://github.com/getsops/sops
You can further edit .sops.yaml(eg have multiple of them) and decide how you split secrets in your directory tree to further customize who can decrypt the secrets.
It works pretty well for prod/dev splits, etc
Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13
Project mention: Seeking help to identify vulnerabilities and secrets in a website backup file | /r/HowToHack | 2023-07-03Trufflehog
Project mention: Any self-host FOSS suites for running phishing testing campaigns? | /r/selfhosted | 2023-05-21
Project mention: CodiumAI PR-Agent Dominates the Dev World with Versatility and Open-Source Power | dev.to | 2023-12-03CodiumAI PR-Agent’s influence extends deeply within open-source projects. An exemplary illustration is Kubespace, a Cloud Native Computing Foundation (CNCF) sandbox project. Since its adoption in August, Kubespace has been utilizing the PR-Agent service. They also recently had a public bug bounty collaboration with CodiumAI. This program added an extra layer of community-driven scrutiny, encouraging contributors to utilize simple commands like /describe for effective pull request messages. Here the contributor wanted to better describe the PR, so he used the /describe prompt.
6. Gosec
Project mention: Dehydrated: Letsencrypt/acme client implemented as a shell-script | news.ycombinator.com | 2024-04-19Self contained but hardly a tiny supply chain attack surface: https://github.com/go-acme/lego/blob/master/go.sum
Project mention: Show HN: Stack, the open-source Clerk/Firebase Auth alternative | news.ycombinator.com | 2024-04-14If you're looking for a system that has more features, is user friendly, a nice admin ui and easy deployments compared to Keycloak. Please give https://goauthentik.io/ a shot. Not affiliated in any way, just a very happy user.
It has
-an admin UI
- Supports (LDAP, SAML, OAUTH, social logins)
- MFA, Passkeys
- Application access based on user groups etc
Go Security related posts
- Pico.sh – Hacker Labs
- A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons
- Securely manage your dot files
- Show HN: Clace – Nginx Unit alternative – app server for internal apps
- Install RKE2 with Cilium and Metallb
- How and why we built our expense tracker with CRDTs
- Show HN: Clace – Platform for hypermedia driven internal web tools
-
A note from our sponsor - InfluxDB
www.influxdata.com | 24 Apr 2024
Index
What are some of the best open-source Security projects in Go? This list will help you:
Project | Stars | |
---|---|---|
1 | Caddy | 53,568 |
2 | trivy | 21,316 |
3 | authelia | 19,523 |
4 | cilium | 18,510 |
5 | Lean and Mean Docker containers | 18,165 |
6 | nuclei | 17,148 |
7 | Gravitational Teleport | 16,505 |
8 | bettercap | 15,655 |
9 | age | 15,264 |
10 | gitleaks | 15,197 |
11 | sops | 15,069 |
12 | Ory Hydra | 15,043 |
13 | trufflehog | 13,863 |
14 | chezmoi | 11,639 |
15 | vuls | 10,659 |
16 | gophish | 10,607 |
17 | kubescape | 9,686 |
18 | Netmaker | 8,928 |
19 | crowdsec | 7,774 |
20 | grype | 7,623 |
21 | gosec | 7,441 |
22 | lego | 7,241 |
23 | authentik | 6,685 |
Sponsored