Skip to content
master
Switch branches/tags
Code

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 

A curated list of awesome golang Security related resources.

Awesome

List inspired by the awesome list thing.

Supported by: GuardRails.io


Contents

Tools

Web Framework Hardening

  • nosurf - CSRF protection middleware for Go.
  • gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
  • gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
  • secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
  • unindexed - A drop-in replacement for http.Dir which disables directory indexing.
  • beego-security-headers - beego framework filter for easy security headers management.

Libraries

  • paseto - Platform-Agnostic Security Tokens implementation in GO (Golang)
  • hsts - Go HTTP Strict Transport Security library
  • jwt-go - Golang implementation of JSON Web Tokens (JWT)

Static Code Analysis

  • safesql - Static analysis tool for Golang that protects against SQL injections. It does not seem to be actively maintained at the moment.
  • gosec - Inspects source code for security problems by scanning the Go AST and matching it with a set of rules. Comes bundled in a Docker container securego/gosec
  • gometalinter - Concurrently runs most of the existing go linters and normalizes their output.

Vulnerabilities and Security Advisories

Private Key Infrastructure

  • CloudFlare SSL - CFSSL is CloudFlare's PKI/TLS swiss army knife. It is both a command line tool and an HTTP API server for signing, verifying, and bundling TLS certificates.

Educational

Hacking Playground

  • govwa - A vulnerable golang application including the most common vulnerabilities found in web applications today
  • Lambhack - A very vulnerable serverless application in AWS Lambda

Articles, Guides & Talks

Other

Reporting Bugs

Contributing

Found an awesome project, package, article, or another type of resources related to golang Security? Submit a pull request! Just follow the guidelines. Thank you!

License

CC0

About

Awesome Golang Security resources πŸ•ΆπŸ”

Topics

Resources

Releases

No releases published

Packages

No packages published