Open Source Go Security Software - Page 4
Sort By:
Go Security Software
View 5809 business solutionsBrowse free open source Go Security Software and projects below. Use the toggles on the left to filter open source Go Security Software by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
ContractSafe: Contract Management SoftwareDitch those spreadsheets, shared drives & crazy-expensive solutions with too many bells & whistles. ContractSafe offers the simplest way to manage your contracts efficiently without breaking the bank.
-
1
GoSpider
Gospider - Fast web spider written in Go
GoSpider - Fast web spider written in Go. Fast web crawling. Brute force and parse sitemap.xml. Parse robots.txt. Generate and verify link from JavaScript files. Link Finder. Find AWS-S3 from response source. Find subdomains from the response source. Get URLs from Wayback Machine, Common Crawl, Virus Total, Alien Vault. Format output easy to Grep. Support Burp input. Crawl multiple sites in parallel. -
2
Horusec
Open source tool that improves identification of vulnerabilities
Horusec is an open source tool that performs a static code analysis to identify security flaws during the development process. Currently, the languages for analysis are C#, Java, Kotlin, Python, Ruby, Golang, Terraform, Javascript, Typescript, Kubernetes, PHP, C, HTML, JSON, Dart, Elixir, Shell, Nginx. The tool has options to search for key leaks and security flaws in all your project's files, as well as in Git history. Horusec can be used by the developer through the CLI and by the DevSecOps team on CI /CD mats. -
3
Kubeapps
A web-based UI for deploying and managing applications in Kubernetes
Kubeapps is an in-cluster web-based application that enables users with a one-time installation to deploy, manage, and upgrade applications on a Kubernetes cluster. Deploy and Manage your Favorite Kubernetes Packages. Browse and deploy packages from public and private registries. Perform day-two operations such as upgrades or rollbacks seamlessly. Create and manage different catalogs isolating them in different namespaces and clusters just using a single Kubeapps instance. Leverage RBAC and OAuth2/OIDC to authenticate and authorize users in Kubeapps. -
4
SLSA GitHub Generator
Language-agnostic SLSA provenance generation for Github Actions
This repository contains free tools to generate and verify SLSA Build Level 3 provenance for native GitHub projects using GitHub Actions. Developers can build their software using a secure process that protects against many supply chain attacks and tampering. Users of their software can verify a tamper-proof statement of the process to know how the software was created. -
Remotely access and manage devices to provide on-demand IT support.ISL Light is an easy-to-use remote desktop software for security-conscious users. It comes at a great price-performance. ISL Light is a powerful tool that helps IT staff and support technicians solve problems remotely, either through unattended access, remote support or even though screen-sharing on mobile devices. It works cross-platform and offers 256-bit encrypted sessions with all standard remote access features plus some important extras: session recording, live chat, videocall, multi-monitor support, file transfer, reporting and many more. Users can choose between cloud or on-premise service. ISL Online license does not limit the number of users, workstations and clients you support. It's a reliable and highly secure software used in all industry sectors including banks, hospitals, governmental institutions and insurances.
-
5
age
A simple, modern and secure encryption tool (and Go library)
age is a security-oriented tool and library by Filo Sottile. age is a simple, modern, secure encryption utility (and Go library) that emphasizes minimal configuration and strong defaults. It provides small explicit keys, no complex options, and is designed for UNIX-style composability; you can pipe into it, integrate it into scripts, etc. It supports a clearly defined format and promotes interoperability across implementations (there are Rust, TypeScript, etc). The project is well-suited for personal data encryption, backup use-cases, scripting encryption workflows, and embedding encryption in tools. Because of its design philosophy, it avoids the bloat of many older encryption utilities while maintaining strong cryptographic hygiene. It’s especially useful for developers or system administrators who want to adopt encryption without learning a multitude of options. -
6
kcp Kubernetes
Kubernetes-like control planes for form-factors
kcp can be a building block for SaaS service providers who need a massively multi-tenant platform to offer services to a large number of fully isolated tenants using Kubernetes-native APIs. The goal is to be useful to cloud providers as well as enterprise IT departments offering APIs within their company. kcp takes full advantage of Kubernetes API conventions, the glue that binds the cloud-native technology ecosystem together and imbues Kubernetes popular end-user experience, but kcp has unbound it from Kubernetes workload orchestration and clusters. kcp implements fully-isolated workspaces, each acting as its own Kubernetes-like cluster, with its own URL, its own set of APIs (e.g. different CRDs), its own RBAC, but as cheap and quick as a namespace. -
7
AWS IAM Authenticator for Kubernetes
Tool to use AWS IAM credentials to authenticate to Kubernetes clusters
A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. A tool to use AWS IAM credentials to authenticate to a Kubernetes cluster. The initial work on this tool was driven by Heptio. The project receives contributions from multiple community engineers and is currently maintained by Heptio and Amazon EKS OSS Engineers. If you are an administrator running a Kubernetes cluster on AWS, you already need to manage AWS IAM credentials to provision and update the cluster. By using AWS IAM Authenticator for Kubernetes, you avoid having to manage a separate credential for Kubernetes access. AWS IAM also provides a number of nice properties such as an out-of-band audit trail (via CloudTrail) and 2FA/MFA enforcement. -
8
Authorizer
Your data, your control. Fully open source, authentication, etc.
Your data, your control. Fully open source, authentication and authorization. No lock-ins. Deployment in Railway in 120 seconds || Spin a docker image as a micro-service in your infra. Built in login page and Admin panel out of the box. Authorizer is an open-source authentication and authorization solution for your applications. Bring your database and have complete control over the user information. You can self-host authorizer instances and connect to any database (Currently supports 11+ databases including Postgres, MySQL, SQLite, SQLServer, YugaByte, MariaDB, PlanetScale, CassandraDB, ScyllaDB, MongoDB, ArangoDB). This guide helps you practice using Authorizer to evaluate it before you use it in a production environment. It includes instructions for installing the Authorizer server in local or standalone mode. -
9
BoringSSL
Mirror of BoringSSL
BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and maintainability over backward compatibility. Unlike OpenSSL, BoringSSL provides no guarantee of stable APIs or ABIs, meaning third-party projects depending on it may frequently break. Google products that use BoringSSL ship their own copies and update them as needed, enabling faster iteration without legacy constraints. BoringSSL includes comprehensive API documentation, build instructions, and guidance for porting code from OpenSSL. -
Contractor Foreman is the most affordable all-in-one construction management software for contractors and is trusted by contractors in more than 75 countries.Starting at $49/m for the WHOLE company, Contractor Foreman is the most affordable all-in-one construction management system for contractors. Our customers in 75+ countries and industry awards back it up. And it's all backed by a 100 day guarantee.
-
10
Casbin
An authorization library that supports access control models
An authorization library that supports access control models like ACL, RBAC, ABAC for Golang, Java, C/C++, Node.js, Javascript, PHP, Laravel, Python, .NET (C#), Delphi, Rust, Ruby, Swift (Objective-C), Lua (OpenResty), Dart (Flutter) and Elixir. In Casbin, an access control model is abstracted into a CONF file based on the PERM metamodel (Policy, Effect, Request, Matchers). So switching or upgrading the authorization mechanism for a project is just as simple as modifying a configuration. Besides memory and file, Casbin policy can be stored into lots of places. Currently, dozens of databases are supported, from MySQL, Postgres, Oracle to MongoDB, Redis, Cassandra, AWS S3. Check the full supported list at: adapters. Casbin is implemented in Golang, Java, PHP and Node.js. All implementations share the same API and behaviors. You can learn Casbin once and use it everywhere. In Casbin, the policy storage is implemented as an adapter(aka middleware for Casbin). -
11
GmSSL
Password toolbox that supports national secret
GmSSL is an open source library of domestic commercial ciphers independently developed by Peking University. It realizes comprehensive functional coverage of national secret algorithms, standards, and secure communication protocols. It supports mainstream operating systems and processors including mobile terminals, and supports cryptographic keys, Cipher cards and other typical domestic cryptographic hardware provide feature-rich command line tools and multiple compiled language programming interfaces. GmSSL 3.0 greatly reduces memory requirements and binary code volume, does not rely on dynamic memory, and can be used in low-power embedded environments (MCU, SOC, etc.) National secret algorithm and SSL protocol are embedded in existing projects. The default CMake build system can be easily used with default compilation tools such as Visual Studio and Android NDK. Developers can also manually write Makefiles to compile in special environments, tailoring. -
12
Open Source API Firewall by Wallarm
Fast and light-weight API proxy firewall for request and response
API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is designed to protect REST API endpoints in cloud-native environments. API Firewall provides API hardening with the use of a positive security model allowing calls that match a predefined API specification for requests and responses, while rejecting everything else. -
13
RBAC Manager
A Kubernetes operator that simplifies the management of Role Bindings
RBAC Manager is designed to simplify authorization in Kubernetes. This is an operator that supports declarative configuration for RBAC with new custom resources. Instead of managing role bindings or service accounts directly, you can specify a desired state and RBAC Manager will make the necessary changes to achieve that state. -
14
SafeLine
Serve as a reverse proxy to protect your web services from attacks
SafeLine is a self-hosted WAF(Web Application Firewall) to protect your web apps from attacks and exploits. A web application firewall helps protect web apps by filtering and monitoring HTTP traffic between a web application and the Internet. It typically protects web apps from attacks such as SQL injection, XSS, code injection, os command injection, CRLF injection, LDAP injection, XPath injection, RCE, XXE, SSRF, path traversal, backdoor, brute force, HTTP-flood, bot abuse, among others. By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine’s identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server. A WAF protects your web apps by filtering, monitoring, and blocking any malicious HTTP/S traffic traveling to the web application. -
15
Scope Sentry
Cyberspace asset mapping and vulnerability scanning platform
ScopeSentry is an open source cybersecurity tool designed for cyberspace asset mapping and automated security analysis. It helps security researchers and penetration testers discover, monitor, and analyze internet-facing assets belonging to a target scope. ScopeSentry combines multiple reconnaissance and vulnerability assessment capabilities such as subdomain enumeration, port scanning, directory scanning, and sensitive information detection. ScopeSentry can automatically identify assets and services, extract URLs, and crawl websites to collect useful security data for further analysis. It also includes vulnerability scanning and subdomain takeover detection to help identify common security weaknesses across web infrastructure. It supports distributed scanning with multiple nodes, allowing large scanning tasks to be performed efficiently across different systems. -
16
Stacklok Minder
Software Supply Chain Security Platform
Minder by Stacklok is an open source platform that helps development teams and open source communities build more secure software, and prove to others that what they’ve built is secure. Minder helps project owners proactively manage their security posture by providing a set of checks and policies to minimize risk along the software supply chain and attest their security practices to downstream consumers. Minder allows users to enroll repositories and define policies to ensure repositories and artifacts are configured consistently and securely. Policies can be set to alert only or autoremediate. Minder provides a predefined set of rules and can also be configured to apply custom rules. Minder can be deployed as a Helm chart and provides a CLI tool ‘minder’. Minder is designed to be extensible, allowing users to integrate with their existing tooling and processes. -
17
audit2rbac
Autogenerate RBAC policies based on Kubernetes audit logs
audit2rbac takes a Kubernetes audit log and username as input, and generates RBAC role and binding objects that cover all the API requests made by that user. -
18
goim
goim is a im server writen by golang
GOIM is a IM and push notification server cluster. Supports single push, multiple push and broadcasting. Supports one key to multiple subscribers (Configurable maximum subscribers count). Supports heartbeats (Application heartbeats, TCP, KeepAlive, HTTP long pulling). Supports authentication (Unauthenticated user can’t subscribe). Scalable architecture (Unlimited dynamic job and logic modules). You can view the comments in target/comet.toml,logic.toml,job.toml to understand the meaning of the config. Install comet/logic/job modules and use Supervisor management (You might need to change the configuration files based on your servers). -
19
horcrux
Split your file into encrypted fragments
Horcrux is a command-line tool built in Go that enables you to split a file into encrypted fragments (“horcruxes”) so you don’t need to remember a pass-code for later decryption. It uses the Shamir Secret Sharing scheme to break an encryption key into multiple pieces, such that only a threshold of them can reconstruct the original file. You select the number of fragments to create and the minimum number required to recover the file, then scatter the fragments (e.g., on USBs or cloud locations). The tool provides a “split” command to create the fragments and a “bind” command to recombine them to the original file. It’s especially aimed at people who want strong security for sensitive large files and want to avoid remembering complex pass-codes, and also those who may distribute fragments across multiple locations. The logic is built on Go’s crypto libraries and the underlying Shamir implementation, with an emphasis on simplicity and security rather than password-based keying. -
20
kube2iam
Provides different AWS IAM roles for pods running on Kubernetes
Provide IAM credentials to containers running inside a Kubernetes cluster based on annotations. Traditionally in AWS, service level isolation is done using IAM roles. IAM roles are attributed through instance profiles and are accessible by services through the transparent usage by the aws-sdk of the ec2 metadata API. When using the aws-sdk, a call is made to the EC2 metadata API which provides temporary credentials that are then used to make calls to the AWS service. The problem is that in a multi-tenanted containers based world, multiple containers will be sharing the underlying nodes. Given containers will share the same underlying nodes, providing access to AWS resources via IAM roles would mean that one needs to create an IAM role which is a union of all IAM roles. This is not acceptable from a security perspective. -
21
rudderstack
Privacy and Security focused Segment-alternative, in Golang
Quickly deploy flexible, powerful customer data pipelines, then send the data to your entire stack—without the engineering headache. Our complete toolset makes it easy to level-up your customer data stack. Spare your data engineers the headache. Our 180+ integrations, along with custom webhook sources and destinations, save data teams hundred of hours. Say goodbye to different versions of the truth. Our SDKs track anonymous and known users at the source and reconcile users in your warehouse and SaaS tools. Go beyond event streaming and control all of your customer data on your own terms. Learn how we can help you build a customer data platform. RudderStack treats your data warehouse as a first-class citizen among destinations, with advanced features and configurable, near real-time sync. RudderStack is built API-first. It integrates seamlessly with the tools that the developers already use and love. -
22
Amazon EC2 Spot Interrupter
CLI tool that triggers Amazon EC2 Spot Interruption Notifications
Amazon EC2 Spot Instances let you run flexible, fault-tolerant, or stateless applications in the AWS Cloud at up to a 90% discount from On-Demand prices. Spot instances are regular EC2 capacity that can be reclaimed by AWS with a 2-minute notification called the Interruption Notification. Applications that are able to gracefully handle this notification and respond by check pointing or draining work can leverage Spot for deeply discounted compute resources! In addition to Interruption Notifications, Rebalance Recommendation Events are sent to spot instances that are at higher risk of being interrupted. Handling Rebalance Recommendations can potentially give your application even more time to gracefully shutdown than the 2 minutes an Interruption Notification would give you. It can be challenging to test your application's handling of Spot Interruption Notifications and Rebalance Recommendations. -
23
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
Coraza is an open-source, enterprise-grade, high-performance Web Application Firewall (WAF) ready to protect your beloved applications. It is written in Go, supports ModSecurity SecLang rulesets and is 100% compatible with the OWASP Core Rule Set. Coraza is a drop-in alternative to replace the soon-to-be abandoned Trustwave ModSecurity Engine and supports industry-standard SecLang rule sets. Coraza runs the OWASP Core Rule Set (CRS) to protect your web applications from a wide range of attacks, including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
24
Exposure Notifications Server
Exposure Notification Reference Server | Covid19 Exposure Notification
Exposure Notifications Server is an open source reference implementation developed by Google to support the COVID-19 Exposure Notifications API, designed for use by public health authorities around the world. The server provides a secure and privacy-preserving backend system that enables governments and organizations to deploy exposure notification applications for Android and iOS devices. It handles essential backend functions, including receiving and validating temporary exposure keys from users who have tested positive, storing those keys, and generating downloadable key files for mobile devices to check for potential exposure matches. The system integrates cryptographic signing for authenticity, supports configurable data retention policies, and ensures user privacy by design—no personally identifiable information is stored or transmitted. Built to be platform-agnostic, it can be deployed on any infrastructure or cloud service. -
25
File system notifications for Go
Cross-platform file system notifications for Go
fsnotify utilizes golang.org/x/sys rather than syscall from the standard library. Ensure you have the latest version installed. fsnotify is a fork of howeyc/fsnotify with a new API as of v1.0. The API is based on this design document. All releases are tagged based on Semantic Versioning. Further API changes are planned, and will be tagged with a new major revision number. Go 1.6 supports dependencies located in the vendor/ folder. Unless you are creating a library, it is recommended that you copy fsnotify into vendor/github.com/fsnotify/fsnotify within your project, and likewise for golang.org/x/sys. fsnotify requires support from underlying OS to work. The current NFS protocol does not provide network level support for file notifications.
