Top Go Security repositories on GitHub

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

• go
• web-server
• caddyfile
• http
• http-server
• reverse-proxy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

• security
• security-tools
• docker
• containers
• vulnerability-scanners
• vulnerability-detection

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

• cve-scanner
• subdomain-takeover
• nuclei-engine
• vulnerability-detection
• vulnerability-assessment
• vulnerability-scanner

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

• totp
• ldap
• sso-authentication
• yubikey
• two-factor-authentication
• docker

Find secrets with Gitleaks 🔑

• security
• security-tools
• git
• golang
• go
• secret

Find, verify, and analyze leaked credentials

• secret
• trufflehog
• credentials
• security
• devsecops
• dynamic-analysis

eBPF-based Networking, Security, and Observability

• containers
• bpf
• security
• kubernetes
• kubernetes-networking
• cni

Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

• docker
• containers
• security
• seccomp
• apparmor
• minify-images

Simple and flexible tool for managing secrets

• security
• secret-distribution
• devops
• aws
• pgp
• gcp

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

• firewall
• http-flood
• security
• sql-injection
• waf
• web-application-firewall

The easiest, and most secure way to access and protect all of your infrastructure.

• ssh
• go
• bastion
• teleport-binaries
• certificate
• golang

Manage your dotfiles across multiple diverse machines, securely.

• dotfiles
• configuration
• security
• macos
• linux
• windows

Weighs the soul of incoming HTTP requests to stop AI crawlers

• defense
• security

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

• password-sniffer
• mitm
• rogue-ap
• wifi
• hacking
• security

Internet-scale OpenID Certified™ OpenID Connect and OAuth2.1 provider that integrates with your user management through headless APIs. Solve OIDC/OAuth2 user cases over night. Consume as a service on Ory Network or self-host. Trusted by OpenAI and many others for scale and security. Written in Go.

• hydra
• oauth2
• openid-connect
• docker
• server
• security

World's most advanced database DevSecOps solution for Developer, Security, DBA and Platform Engineering teams. The GitHub/GitLab for database DevSecOps.

• mysql
• tidb
• postgresql
• snowflake
• cicd
• sql-client

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。(An intranet comprehensive scanning tool, enabling one-click automated, all-round vulnerability scanning)

• fscan
• scanner
• scanning
• sec
• security-tools
• security

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

• security
• linux
• protection
• detection
• attacks-prevention
• ids

Open-Source Phishing Toolkit

• gophish
• phishing
• golang
• security

A vulnerability scanner for container images and filesystems

• containers
• security
• vulnerability
• docker
• golang
• go

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

• vuls
• vulnerability-scanners
• golang
• go
• linux
• freebsd

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

• wireguard
• vpn
• mesh
• zero-trust
• devsecops
• k8s

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

• kubernetes
• security
• nsa
• mitre-attack
• devops
• best-practice

Let's Encrypt/ACME client and library written in Go

• letsencrypt
• acme
• certificate
• tls
• security
• acme-client

Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store

• ios
• appstore
• apple
• ipa
• itunes
• cli