Go Security

Open-source Go projects categorized as Security

Top 23 Go Security Projects

  • Caddy

    Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

    Project mention: Automatic SSL Solution for SaaS/MicroSaaS Applications with Caddy, Node.js and Docker | dev.to | 2024-02-29

    So I dug a little deeper and came across this gem: Caddy. Caddy is this fantastic, extensible, cross-platform, open-source web server that's written in Go. The best part? It comes with automatic HTTPS. It basically condenses all the work our scripts and manual maintenance were doing into just 4-5 lines of config. So, stick around and I'll walk you through how to set up an automatic SSL solution with Caddy, Docker and a Node.js server.

  • trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    Project mention: General Docker Troubleshooting, Best Practices & Where to Go From Here | dev.to | 2024-01-19

    Trivy. A Simple and Comprehensive Vulnerability Scanner for Containers.

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  • authelia

    The Single Sign-On Multi-Factor portal for web apps

    Project mention: Keycloak SSO with Docker Compose and Nginx | news.ycombinator.com | 2024-02-11

    It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.

    Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...

  • cilium

    eBPF-based Networking, Security, and Observability

    Project mention: Cisco to Acquire Cloud Native Networking and Security Leader Isovalent | news.ycombinator.com | 2023-12-21

    They would have had to add a few externals to get to Graduated but it's definitely a minority:

    https://github.com/cilium/cilium/blob/main/MAINTAINERS.md

  • Lean and Mean Docker containers

    Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

    Project mention: Is updating software in Docker containers useful? | /r/selfhosted | 2023-12-06

    And if you want to make the container quickly secure without bloats, maybe give this a try https://github.com/slimtoolkit/slim

  • nuclei

    Fast and customizable vulnerability scanner based on simple YAML based DSL.

    Project mention: The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research) | /r/SaaS | 2023-05-22

    Nuclei

  • Gravitational Teleport

    Protect access to all of your infrastructure

    Project mention: OpenBao – FOSS Fork of HashiCorp Vault | news.ycombinator.com | 2023-12-08

    In case you didn't see it: https://goteleport.com/blog/teleport-oss-switches-to-agpl-v3... and https://github.com/gravitational/teleport/pull/35259

    I readily admit it's not the same amount of :fu: as BuSL or whatever the fuck is going on over at Sentry but still :-( as compared to their much friendlier Apache 2

  • LearnThisRepo.com

    Learn 300+ open source libraries for free using AI. LearnThisRepo lets you learn 300+ open source repos including Postgres, Langchain, VS Code, and more by chatting with them using AI!

  • bettercap

    The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

    Project mention: bettercap VS petep - a user suggested alternative | libhunt.com/r/bettercap | 2023-10-03
  • Ory Hydra

    OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.

    Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13
  • age

    A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

    Project mention: Age: A simple, modern and secure encryption tool | news.ycombinator.com | 2024-02-25
  • gitleaks

    Protect and discover secrets using Gitleaks 🔑

    Project mention: I Analyzed StackOverflow for Secrets | news.ycombinator.com | 2023-11-17

    > gitleaks : fatal error: runtime: out of memory

    Should be fixed now: https://github.com/gitleaks/gitleaks/pull/1292. Thanks for highlighting this simple change I've been putting off :)

  • sops

    Simple and flexible tool for managing secrets

    Project mention: Encrypting your secrets with Mozilla SOPS using two AWS KMS Keys | dev.to | 2024-01-16

    Mozilla SOPS (Secrets OPerationS) is an open-source command-line tool for managing and storing secrets. It uses secure encryption methods to encrypt secrets at rest and decrypt them at runtime. SOPS supports a variety of key management systems, including AWS KMS, GCP KMS, Azure Key Vault, and PGP. It's particularly useful in a DevOps context where sensitive data like API keys, passwords, or certificates need to be securely managed and seamlessly integrated into application workflows.

  • trufflehog

    Find and verify credentials

    Project mention: Seeking help to identify vulnerabilities and secrets in a website backup file | /r/HowToHack | 2023-07-03

    Trufflehog

  • chezmoi

    Manage your dotfiles across multiple diverse machines, securely.

    Project mention: Ask HN: Did macOS Sonoma break your iCloud setup? | news.ycombinator.com | 2024-01-03

    > A warning, not an admonishment: Use Apple services in a novel or unsupported manner and you're asking for trouble.

    +1

    I've always had sync issues with iCloud Drive when storing developer projects and related things there. It ends up stuck or confused or conflicted but tries to resolve the merge conflicts opaquely and it's hard to know there's a problem in real time vs until later when you find something broken. I keep all dev things out of iCloud after getting burned by this enough times over the years.

    To OP: Consider a repo dotfiles setup like using Chezmoi or similar. Transitioning to it was less friction than I expected and the only downside really is having to remember to commit changes across devices.

    https://github.com/twpayne/chezmoi

  • vuls

    Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

  • gophish

    Open-Source Phishing Toolkit

    Project mention: Any self-host FOSS suites for running phishing testing campaigns? | /r/selfhosted | 2023-05-21
  • kubescape

    Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

    Project mention: CodiumAI PR-Agent Dominates the Dev World with Versatility and Open-Source Power | dev.to | 2023-12-03

    CodiumAI PR-Agent’s influence extends deeply within open-source projects. An exemplary illustration is Kubespace, a Cloud Native Computing Foundation (CNCF) sandbox project. Since its adoption in August, Kubespace has been utilizing the PR-Agent service. They also recently had a public bug bounty collaboration with CodiumAI. This program added an extra layer of community-driven scrutiny, encouraging contributors to utilize simple commands like /describe for effective pull request messages. Here the contributor wanted to better describe the PR, so he used the /describe prompt.

  • Netmaker

    Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

    Project mention: Netmaker: An open source WireGuard VPN | news.ycombinator.com | 2024-02-23
  • crowdsec

    CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

    Project mention: Disable notifications for one out of several machines | /r/CrowdSec | 2023-07-04
  • gosec

    Go security checker

    Project mention: Top 10 Snyk Alternatives for Code Security | dev.to | 2023-08-31

    6. Gosec

  • grype

    A vulnerability scanner for container images and filesystems

    Project mention: I looked through attacks in my access logs. Here's what I found | news.ycombinator.com | 2024-01-28

    Besides pointing pentester tools like metasploit at yourself, there are some nice scanners out there.

    https://github.com/quay/clair

    https://github.com/anchore/grype/

  • lego

    Let's Encrypt/ACME client and library written in Go

    Project mention: Running one’s own root Certificate Authority in 2023 | news.ycombinator.com | 2023-09-16

    This ACME client looks promising, but I haven’t tried it yet: https://github.com/go-acme/lego

  • Blackbox

    Safely store secrets in Git/Mercurial/Subversion

  • WorkOS

    The modern API for authentication & user identity. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2024-02-29.

Go Security related posts

Index

What are some of the best open-source Security projects in Go? This list will help you:

Project Stars
1 Caddy 52,426
2 trivy 20,558
3 authelia 18,898
4 cilium 17,970
5 Lean and Mean Docker containers 17,921
6 nuclei 16,521
7 Gravitational Teleport 15,881
8 bettercap 15,388
9 Ory Hydra 14,902
10 age 14,902
11 gitleaks 14,803
12 sops 14,707
13 trufflehog 13,488
14 chezmoi 11,060
15 vuls 10,572
16 gophish 10,283
17 kubescape 9,553
18 Netmaker 8,749
19 crowdsec 7,578
20 gosec 7,337
21 grype 7,295
22 lego 7,126
23 Blackbox 6,596
The modern API for authentication & user identity.
The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
workos.com