API Insights API Insights is a tool to enable organizations to manage versioned API specifications (Swagger 2.0/OpenAPI Spec 3.x) for services. It als
Github Analyzer Audits a GitHub organization for potential security issues. The tool is currently in pre-alpha stage and only supports limited functio
Laizy Shell An interactive shell environment with an enhanced AI assistant. All the power of laizy.dev in a handy commandline tool. Features Natural l
Topaz - cloud-native authorization for modern applications and APIs Topaz is an open-source authorization service providing fine-grained, real-time, p
cr4gg Crack WPA keys via recorded 4-Way Handshake. This version requires that the 4-Way Handshake is in an isolated pcap file, you can use Wireshark f
This is gup the guppy gup gup (go-up) is meant to be a go replacement for python3 -m http.server with features that I find useful when practicing on H
Riverside What is this tool meant to do? Riverside provides a web-based, dynamic network security visualization of real-time network flow data. Users
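What is Easywaf? Easywaf is an open-source web application firewall built on OpenResty and suited to small and medium-sized enterprises. It protects web applications and API endpoints and blocks common web attacks. Easywaf also provides a friendly admin console and supports custom access rules on common HTTP fields such as IP, URL, Referer and User-Agent.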
🦊 CloudFox 🦊 CloudFox helps you gain situational awareness in unfamiliar cloud environments. It’s an open source command line tool created to help p
Nuclei And Subfinder API Web API for nuclei and subfinder will help you automate your entire security testing workflow since you can host it anywhere
Always Encrypted Kubernetes Constellation is a Kubernetes engine that aims to provide the best possible data security. It wraps your K8s cluster into
Cloud Security Icons These icons are published under the extremely permissive Creative Commons Zero v1.0 Universal license. Downloads We provide all i
Indra Lightning powered distributed virtual private network with Bitcoin and Lightning integration. About White Paper The ubiquitous use of encryption
ipmap ipmap is an open source, cross-platform and powerful network analysis tool. Installation Download the latest version from the release page. Extr
Noirgate ꩜ NoirGate provides on-demand ephemeral anonymous shells secured by TOTP. Try Me! - Text HOW to 1-337-561-1337 There are often times while co
Kubernetes-Sec-Alert - Track Kubernetes CVEs by native GitHub notifications! How it works Scheduled script every hour fetches the cves list from the O
Search and clean up unused AWS access keys A cloud security tool to search and clean up unused AWS access keys, written in Go. Features Find unused ac
😀 DOS TOOL 😀 ported to the Go language from Python. The main difference from the Python version lies in the Golang architecture for concurrency: the goroutines
Indranet Lightning powered distributed virtual private network with Bitcoin and Lightning integration. About White Paper The ubiquitous use of encrypt
Zinc Search Engine Zinc is a search engine that does full text indexing. It is a lightweight alternative to Elasticsearch and runs using a fraction of
What is scan4all: integrated vscan, nuclei, ksubdomain, subfinder, etc., fully automated and intelligent
Ratchet Ratchet is a tool for improving the security of CI/CD workflows by automating the process of pinning and unpinning upstream versions. It's lik
📖 Documentation Chain-bench is an open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software
Reposaur Reposaur is the open source compliance tool for development platforms. Audit, verify and report on your data and configurations easily with p
Kubernetes-native security toolkit. (Documentation) Introduction There are lots of security tools in the cloud native world, created by Aqua and by ot
Generation of SLSA3+ provenance for native GitHub projects This repository contains tools for generating non-forgeable SLSA provenance on GitHub that
"Power of Two" LCG Cracker This program can accurately predict the output of java.util.Random's nextInt(int bound) method, when bound is a power of tw
Frogbot Table of contents What is Frogbot? Scanning pull requests after they are opened Scanning repositories after pull requests are merged Installin
lazytrivy Note It's functional and not too ugly, but I'd stay away from the code till I've refactored it :-D lazytrivy is a wrapper for Trivy that all
YATAS Yet Another Testing & Auditing Solution The goal of YATAS is to help you create a secure AWS environment without too much hassle. It won't check
cnfuzz - Cloud Native Web API Fuzzer "Breaking Cloud Native Web APIs in their natural habitat." Fuzzing web APIs in their fully converged Cloud Native
Threatest Threatest is a Go framework for testing threat detection end-to-end. Threatest allows you to detonate an attack technique, and verify that t
Practice yourself, for heaven's sake, in little things; and thence proceed to greater. -- Epictetus (Discourses IV.i) Go katas Katas (形) are practiced
The KYVE Chain v0.6.3 The chain nodes are the backbone of KYVE. The chain layer is a completely sovereign Proof of Stake blockchain built with Cosmos
Beelzebub A secure honeypot framework, extremely easy to configure by yaml 🚀 Examples: mariocandela/beelzebub-example Quick Start Using docker-compos
🧬 fusion Generate secure by default cloud infrastructure configuration with Go and Terraform. Install 📥 Install the fusion cli Go If you have Go set
Envsec: Securely store environment variables in your cloud Envsec is a tool that securely stores environment variables in the cloud of your choice. En
hijagger - check package registries for hijackable packages This tool checks every maintainer from every package in the NPM and Python Pypi registry f
pretender Your MitM sidekick for relaying attacks featuring DHCPv6 DNS takeover as well as mDNS, LLMNR and NetBIOS-NS spoofing pretender is a tool dev
PSFuzz - ProvieSec Fuzz Scanner - Web path discovery Introduction ⭐ Star us on GitHub — it motivates a lot! ⭐ Web path discovery Discover with ProSecF
Paralus Paralus is a free, open source tool that enables controlled, audited access to Kubernetes infrastructure for your users, user groups, and serv
Viper Remote control software using gRPC and Go. Components Agent: Runs on the endpoint. Controller: The server that the agents connect to. Agent Mana
Curzor Curzor is a basic vulnerable web application written in Golang, part of the Shadowspace cyber range. The application itself is intended for edu
gitlab-ci-image-scanner (gcis) Scrapes all GitLab gitlab-ci.yml files in all Groups where your API token has access to Identifies Docker images in use
Rönd Rönd is a lightweight container that allows you to distribute security policy enforcement throughout your application. Rönd is based on OpenPolicy
slowloris - Golang distributed Slowloris attack How it works Read the article 🦷 How to protect from it TBD Installation Run go install github.com/its
OpenFGA A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is designed to m
What is Gomologin Gomologin is an easy to setup professional login manager for Go web applications. It helps you protect your application resources fr
Repo Audit A GitHub Action to audit all your organization's repositories using Reposaur. Features Automatically audit every repository in a GitHub Org
Traefik Nova Plugin Traefik plugin to proxy requests to Snapt Nova for evaluation against the WAF. Usage (Kubernetes) See examples/k8s for a full Kube
LND whitelist An RPC daemon for LND that listens in the background and allows (whitelist) or denies (blacklist) incoming channels from a list of node p
lock_free_priority_queue Lock-free priority queue, using CAS to ensure concurrency security test func main() { q := lockfreepriorityqueue.NewLKQueue
Terraform Provider Scaffolding (Terraform Plugin Framework) This template repository is built on the Terraform Plugin Framework. The template reposito
rbac-police Retrieve the RBAC permissions of serviceAccounts, pods and nodes in a Kubernetes cluster, and evaluate them using policies written in Rego
Live: https://guarded-wildwood-57389.herokuapp.com/ This assignment is for GoSchool module Go In Action 2. It is a continuation of earlier assignments
PAN-OS Plugin for Steampipe Use SQL to query firewalls, security policies and more from PAN-OS. Get started → Documentation: Table definitions & examp
Encrypted-Content-Encoding for HTTP This is a Go implementation of RFC 8188, specifically the draft published in June 2017. ECE for HTTP defines a way to
Secure Remote Password Package srp is a Go implementation of Secure Remote Password protocol as defined by RFC 2945 and RFC 5054. SRP is an authentica
YubiKey A Golang library that provides PIV smart card interface for YubiKey security keys. Usage See yubikey_test.go, slot_test.go. Test # Test everyt
STUNNER Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. TURN is a protocol mostly used in videoconferencing and audio chat
Implementing JWT Authentication in Golang In this article, we will learn about implementing JWT Authentication in Golang REST APIs and securing it wit
CetusGuard CetusGuard is a tool that protects the Docker daemon socket by filtering the calls to its API endpoints. Some highlights: It is wr
Xpid It's like nmap but for pids. 🤓 xpid [flags] -o [output] Investigate pid 123 and write the report to out.txt xpid 123 out.txt Find all pos
Open Source API Firewall API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is desi
PacketStreamer Deepfence PacketStreamer is a high-performance remote packet capture and collection tool. It is used by Deepfence's ThreatStryker secur
sig-716i A CLI tool written in Go that can be used to disrupt wireless connectivity in the area accessible to your wireless interface. This tool scans
FREE Reverse Engineering Self-Study Course HERE turbo-attack A turbo traffic generator pentesting tool to generate random traffic with random mac and
Gopherscript Gopherscript is a secure scripting/configuration language written in Go. It features a fine-grained permission system and enforces a stron
cfuzz The same thing as wfuzz but for command-line fuzzing. This lets you fuzz any command-line execution and filter results. Also a good friend for
Simwigo : a cross-platform tool, written in Go, to simplify the deployment of a web service. It is easy to use and user-friendly. It also implements f
RIP This is an HTTP load testing and UDP flood attack tool that runs requests concurrently. Note: I am using this project as a Go learning project. Refa
Granted The easiest way to access your cloud. 🚀 Get Started What is Granted? Granted is a command line interface (CLI) application which simplifies a
A port scanner and service detection tool that uses 1000 goroutines at once to scan any host's IP or FQDN, with the sole purpose of testing your own network to ensure there are no malicious services running.
DevSecOps Quick Start This artefact helps development teams to quickly set up a ready to use environment integrated with a multi-account CI/CD pipelin
Zanshin ⚠️ This project is work in progress. A centralized keylogger application. Monitor and track the keystrokes of all your devices in real-time at
Sample use package main import ( "fmt" "log" "github.com/jreisinger/nmapser
sgCheckup - Check your Security Groups for Unexpected Open Ports & Generate nmap Output sgCheckup is a tool to scan your AWS Security Groups for a com
page ====== password manager using age (https://age-encryption.org/) for encryption. encrypted secrets are files in the $PAGE_SECRETS/ directory that