Golang is getting a lot of traction lately.
Leveraging awesome security tools to code securely with Go is becoming increasingly important.
For this reason, I've compiled a curated list of awesome-golang-security resources here:
A curated list of awesome golang Security related resources.
List inspired by the awesome list thing.
Supported by: GuardRails.io
Web Framework Hardening
- nosurf - CSRF protection middleware for Go.
- gorilla/csrf - Provides Cross Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
- gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
- secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
unindexed - A drop-in replacement for
http.Dirwhich disables directory indexing.
- beego-security-headers - beego framework filter for easy security headers management.
- paseto - Platform-Agnostic Security Tokens implementation in GO (Golang)
- hsts - Go HTTP Strict Transport Security library
- jwt-go - Golang implementation of JSON Web Tokens (JWT)
Static Code Analysis
- safesql - Static analysis tool for Golang that protects against SQL injections. It does not seem to be actively…
Did I miss anything? Let me know in the comments.
And, please leave a like (or ⭐ the repo) if you find it useful.