Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge. Learn more →
Top 23 Go security-tool Projects
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Project mention: Friends - needs help choosing solution for SBOM vulnerability | /r/devops | 2023-06-01 -
zincsearch
ZincSearch . A lightweight alternative to elasticsearch that requires minimal resources, written in Go.
Project mention: OpenObserve: Elasticsearch/Datadog alternative in Rust.. 140x lower storage cost | news.ycombinator.com | 2023-06-11Please give the benefit of the doubt on HN.
This company created ZincSearch:
https://github.com/zincsearch/zincsearch
Prabhat is one of the core contributors/maintainers:
https://github.com/zincsearch/zincsearch/graphs/contributors
https://github.com/prabhatsharma
Also the negative insinuation of using “cheap” labor out of India to build the product is unnecessary. If you’re concerned about code quality, look at the code.
Assuming everyone working with devs in India is doing so cynically is not charitable.
I dont know why the headquarters was set as india versus SF but does it actually even matter?
-
Mergify
Updating dependencies is time-consuming.. Solutions like Dependabot or Renovate update but don't merge dependencies. You need to do it manually while it could be fully automated! Add a Merge Queue to your workflow and stop caring about PR management & merging. Try Mergify for free.
-
Cool. What features/capabilities are different compared to gitleaks?
-
Project mention: Seeking help to identify vulnerabilities and secrets in a website backup file | /r/HowToHack | 2023-07-03
Trufflehog
-
vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
-
6. Gosec
-
Project mention: With VPN's such as Twin Gate and TailScale, why open ports to expose services to the internet? | /r/selfhosted | 2023-07-05
IDK if you are too young to remember the fallout from Snowden, but the Kremlin threw out entire rooms computers and for a time used actual typewriters. Because those computers had, more or less, twingate connectors on them. That's a bit of a rich example, but you're essentially installing what sliver calls an implant, what meterpreter calls a payload, and what Cobalt Strike calls a beacon. It's cool if you want to, but there's no need when you can just open a port with the same technology a Fortune 50 does.
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
-
traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Project mention: Traitor – Automatic Linux privesc via exploitation of low-hanging fruits | news.ycombinator.com | 2023-06-12 -
certificates
🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.
Project mention: Running one’s own root Certificate Authority in 2023 | news.ycombinator.com | 2023-09-16 -
Project mention: Fuzz Testing Is the Best Thing to Happen to Our Application Tests | news.ycombinator.com | 2023-08-17
The key to modern fuzzing is feedback, usually some kind of coverage testing of the program under test. This allows the fuzzer to be much smarter about how it finds new code paths, and makes fuzzing find bugs a lot quicker.
Google have a project to do fuzzing on Linux system calls using coverage feedback: https://github.com/google/syzkaller
-
-
-
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
Terrascan could also be useful : https://github.com/tenable/terrascan
-
scan4all
Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
-
Project mention: How do you manage transactions in Go? Do we really need to use one transaction for each request? | /r/golang | 2023-06-02
Have you taken a look at SpiceDB? The Authzed blog has a few posts that are useful to improving your understanding -- I can think of two: New Enemies and Writing relationships to SpiceDB.
-
You might want to try this tool https://github.com/Ullaakut/cameradar , as most of the webcams are based on RTSP( Real-Time Streaming Protocol ) protocol.
-
cli
🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc. (by smallstep)
Project mention: Running one’s own root Certificate Authority in 2023 | news.ycombinator.com | 2023-09-16 -
SecretScanner
:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:
SecretScanner
-
dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
-
Project mention: Ask HN: Tell us about your project that's not done yet but you want feedback on | news.ycombinator.com | 2023-08-16
- Build your own honeypot with ContainerSSH (DevConf CZ 2021) [4]
-
-
-
-
SonarLint
Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2023-09-16.
Go security-tools related posts
- With VPN's such as Twin Gate and TailScale, why open ports to expose services to the internet?
- Distributing ACME Let'sEncrypt certs for homelab
- Safety in Go
- Any Way To See The Dockerfile Used To Make An Image On Dockerhub?
- Sliver Release v1.5.40 - This release fixes a vulnerability (CVE-2023-34758) in the Sliver Key Encapsulation Mechanism (KEM), where improper use of Nacl Box (libsodium) could allow a MitM attacker with a copy of the implant binary to recover the session key and arbitrarily encrypt/decrypt C2 message
- Web application to manage self-signed certificate authorities/certificates/keys
- Go Security Scanner
-
A note from our sponsor - InfluxDB
www.influxdata.com | 28 Sep 2023
Index
What are some of the best open-source security-tool projects in Go? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | trivy | 18,706 |
| 2 | zincsearch | 15,443 |
| 3 | gitleaks | 13,848 |
| 4 | trufflehog | 12,059 |
| 5 | vuls | 10,258 |
| 6 | gosec | 7,093 |
| 7 | sliver | 6,540 |
| 8 | traitor | 6,201 |
| 9 | certificates | 5,608 |
| 10 | syzkaller | 4,842 |
| 11 | osmedeus | 4,683 |
| 12 | Modlishka | 4,419 |
| 13 | terrascan | 4,218 |
| 14 | scan4all | 4,000 |
| 15 | spicedb | 3,850 |
| 16 | Cameradar | 3,495 |
| 17 | cli | 3,242 |
| 18 | SecretScanner | 2,825 |
| 19 | dockle | 2,478 |
| 20 | ContainerSSH | 2,410 |
| 21 | Stowaway | 2,165 |
| 22 | gokart | 2,119 |
| 23 | ksubdomain | 1,976 |
Clean code begins in your IDE with SonarLint
Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
www.sonarlint.org