Top 23 Go Security Projects

• Caddy

  402 53,718 9.5 Go

  Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

  

Project mention: Why Does Windows Use Backslash as Path Separator? | news.ycombinator.com | 2024-04-24

No, look at the associated unit test: https://github.com/caddyserver/caddy/blob/c6eb186064091c79f4...

If that test fails we could serve PHP source code instead of having it be evaluated, a major security flaw.

• trivy

  82 21,388 9.8 Go

  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

  

Project mention: A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons | dev.to | 2024-04-16

Trivy Owner/Maintainer: Aqua Security Age: First released on GitHub on May 7th, 2019 License: Apache License 2.0 backward-compatible with tfsec

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• authelia

  174 19,578 9.9 Go

  The Single Sign-On Multi-Factor portal for web apps

  

Project mention: Keycloak SSO with Docker Compose and Nginx | news.ycombinator.com | 2024-02-11

It's me and two others though I'm definitely the most active. We put a lot of effort into security best practices and one of my co-developers is currently reviewing the 4.38.0 release. It's a fairly major release with a lot of important code paths that have been improved for the future.

Our official docs can be found at https://www.authelia.com and you can find docs for a particular PR in the relevant PR. We've also linked the pre-release docs in the pre-release discussions which can be found here: https://github.com/authelia/authelia/discussions/categories/...

• cilium

  24 18,572 10.0 Go

  eBPF-based Networking, Security, and Observability

  

Project mention: Cisco to Acquire Cloud Native Networking and Security Leader Isovalent | news.ycombinator.com | 2023-12-21

They would have had to add a few externals to get to Graduated but it's definitely a minority:

https://github.com/cilium/cilium/blob/main/MAINTAINERS.md

• Lean and Mean Docker containers

  38 18,194 9.0 Go

  Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

  

Project mention: Is updating software in Docker containers useful? | /r/selfhosted | 2023-12-06

And if you want to make the container quickly secure without bloats, maybe give this a try https://github.com/slimtoolkit/slim

• nuclei

  17 17,234 9.8 Go

  Fast and customizable vulnerability scanner based on simple YAML based DSL.

  

Project mention: The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research) | /r/SaaS | 2023-05-22

Nuclei

• Gravitational Teleport

  61 16,543 10.0 Go

  The easiest, and most secure way to access and protect all of your infrastructure.

  

Project mention: Apache Guacamole: a clientless remote desktop gateway | news.ycombinator.com | 2024-03-29

https://github.com/gravitational/teleport/blob/master/rfd/00...

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• bettercap

  28 15,681 1.0 Go

  The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

  

Project mention: bettercap VS petep - a user suggested alternative | libhunt.com/r/bettercap | 2023-10-03

• age

  214 15,298 4.9 Go

  A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

Project mention: keepsecret.py: a simple way to encrypt secret files in your repository | dev.to | 2024-04-28

age

• gitleaks

  35 15,225 8.2 Go

  Protect and discover secrets using Gitleaks 🔑

  

Project mention: How to use Lefthooks in your node project? | dev.to | 2024-04-11

install gitleaks in your machine gitleaks

• sops

  150 15,114 9.0 Go

  Simple and flexible tool for managing secrets

  

Project mention: Pico.sh – Hacker Labs | news.ycombinator.com | 2024-04-21

My script just sets up default .sops.yaml for https://github.com/getsops/sops

You can further edit .sops.yaml(eg have multiple of them) and decide how you split secrets in your directory tree to further customize who can decrypt the secrets.

It works pretty well for prod/dev splits, etc

• Ory Hydra

  37 15,068 9.1 Go

  OpenID Certified™ OpenID Connect and OAuth Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language. Works with Hardware Security Modules. Compatible with MITREid.

  

Project mention: Show HN: Open-source OAuth2 server Ory Hydra now 6x faster | news.ycombinator.com | 2024-02-13

• trufflehog

  25 13,907 9.9 Go

  Find and verify secrets

  

Project mention: Seeking help to identify vulnerabilities and secrets in a website backup file | /r/HowToHack | 2023-07-03

Trufflehog

• chezmoi

  59 11,689 9.7 Go

  Manage your dotfiles across multiple diverse machines, securely.

Project mention: Securely manage your dot files | news.ycombinator.com | 2024-04-11

• vuls

  3 10,671 8.8 Go

  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

  

• gophish

  58 10,634 2.8 Go

  Open-Source Phishing Toolkit

  

Project mention: Any self-host FOSS suites for running phishing testing campaigns? | /r/selfhosted | 2023-05-21

• kubescape

  76 9,696 9.5 Go

  Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.

  

Project mention: CodiumAI PR-Agent Dominates the Dev World with Versatility and Open-Source Power | dev.to | 2023-12-03

CodiumAI PR-Agent’s influence extends deeply within open-source projects. An exemplary illustration is Kubespace, a Cloud Native Computing Foundation (CNCF) sandbox project. Since its adoption in August, Kubespace has been utilizing the PR-Agent service. They also recently had a public bug bounty collaboration with CodiumAI. This program added an extra layer of community-driven scrutiny, encouraging contributors to utilize simple commands like /describe for effective pull request messages. Here the contributor wanted to better describe the PR, so he used the /describe prompt.

• Netmaker

  165 8,952 9.6 Go

  Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

  

Project mention: Netmaker: An open source WireGuard VPN | news.ycombinator.com | 2024-02-23

• crowdsec

  169 7,774 9.6 Go

  CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

  

Project mention: Disable notifications for one out of several machines | /r/CrowdSec | 2023-07-04

• grype

  56 7,649 9.5 Go

  A vulnerability scanner for container images and filesystems

  

Project mention: Introduction to the Kubernetes ecosystem | dev.to | 2024-04-25

Trivy Operator : A simple and comprehensive vulnerability scanner for containers and other artifacts. It detects vulnerabilities of OS packages (Alpine, Debian, CentOS, etc.) and application dependencies (pip, npm, yarn, composer, etc.) (Alternatives : Grype, Snyk, Clair, Anchore, Twistlock)

• gosec

  19 7,454 8.7 Go

  Go security checker

  

Project mention: Top 10 Snyk Alternatives for Code Security | dev.to | 2023-08-31

6. Gosec

• lego

  55 7,269 8.9 Go

  Let's Encrypt/ACME client and library written in Go

  

Project mention: Dehydrated: Letsencrypt/acme client implemented as a shell-script | news.ycombinator.com | 2024-04-19

Self contained but hardly a tiny supply chain attack surface: https://github.com/go-acme/lego/blob/master/go.sum

• authentik

  165 6,762 10.0 Go

  The authentication glue you need.

  

Project mention: Show HN: Stack, the open-source Clerk/Firebase Auth alternative | news.ycombinator.com | 2024-04-14

If you're looking for a system that has more features, is user friendly, a nice admin ui and easy deployments compared to Keycloak. Please give https://goauthentik.io/ a shot. Not affiliated in any way, just a very happy user.

It has

-an admin UI

- Supports (LDAP, SAML, OAUTH, social logins)

- MFA, Passkeys

- Application access based on user groups etc

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Go Security related posts

• keepsecret.py: a simple way to encrypt secret files in your repository
  2 projects | dev.to | 28 Apr 2024
• Software Supply Chain Security
  1 project | news.ycombinator.com | 27 Apr 2024
• Introduction to the Kubernetes ecosystem
  7 projects | dev.to | 25 Apr 2024
• Pico.sh – Hacker Labs
  5 projects | news.ycombinator.com | 21 Apr 2024
• A Deep Dive Into Terraform Static Code Analysis Tools: Features and Comparisons
  6 projects | dev.to | 16 Apr 2024
• Securely manage your dot files
  1 project | news.ycombinator.com | 11 Apr 2024
• Show HN: Clace – Nginx Unit alternative – app server for internal apps
  2 projects | news.ycombinator.com | 10 Apr 2024
• A note from our sponsor - SaaSHub
  www.saashub.com | 29 Apr 2024

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Go projects with our weekly report!