Golang is getting a lot of traction lately.
Leveraging awesome security tools to code securely with Go is becoming increasingly important.
For this reason, I've compiled a curated list of awesome-golang-security resources here:
A curated list of awesome golang Security related resources.
List inspired by the awesome list thing.
Supported by: GuardRails.io
Web Framework Hardening
- nosurf - CSRF protection middleware for Go.
- gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
- gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
- secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
unindexed - A drop-in replacement for
http.Dirwhich disables directory indexing.
- beego-security-headers - beego framework filter for easy security headers management.
- paseto - Platform-Agnostic Security Tokens implementation in GO (Golang).
- hsts - Go HTTP Strict Transport Security library.
- jwt-go - Golang implementation of JSON Web Tokens (JWT).
- httprobe - Take a list of domains and probe for working HTTP and HTTPS servers.
Static Code Analysis
Did I miss anything? Let me know in the comments.
And, please leave a like (or ⭐ the repo) if you find it useful.