DEV Community

Cover image for Awesome Golang Security ๐Ÿ•ถ๐Ÿ”
Stefan Streichsbier
Stefan Streichsbier

Posted on โ€ข Edited on

Awesome Golang Security ๐Ÿ•ถ๐Ÿ”

#showdev #go #security #githunt

Golang is getting a lot of traction lately.

Leveraging awesome security tools to code securely with Go is becoming increasingly important.

For this reason, I've compiled a curated list of awesome-golang-security resources here:

GitHub logo guardrailsio / awesome-golang-security

Awesome Golang Security resources ๐Ÿ•ถ๐Ÿ”


A curated list of awesome golang Security related resources.

Awesome

List inspired by the awesome list thing.

Supported by: GuardRails.io


Contents

Tools

Web Framework Hardening

  • nosurf - CSRF protection middleware for Go.
  • gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
  • gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
  • secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
  • unindexed - A drop-in replacement for http.Dir which disables directory indexing.
  • beego-security-headers - beego framework filter for easy security headers management.

Libraries

  • paseto - Platform-Agnostic Security Tokens implementation in GO (Golang).
  • hsts - Go HTTP Strict Transport Security library.
  • jwt-go - Golang implementation of JSON Web Tokens (JWT).
  • httprobe - Take a list of domains and probe for working HTTP and HTTPS servers.

Static Code Analysis

โ€ฆ
View on GitHub

Did I miss anything? Let me know in the comments.

And, please leave a like (or โญ the repo) if you find it useful.

Top comments (7)

Collapse
ย 
krusenas profile image
Karolis โ€ข

Maybe add JWT library: github.com/dgrijalva/jwt-go, really solid and easy to use :)

Collapse
ย 
streichsbaer profile image
Stefan Streichsbier โ€ข

Thanks, will do!

Collapse
ย 
pbnj profile image
Peter Benjamin (they/them) โ€ข

Awesome list indeed. Thank you.

Looking forward to awesome-nodejs-security ๐Ÿ˜

Let me know if you need a collaborator on it.

Collapse
ย 
streichsbaer profile image
Stefan Streichsbier โ€ข

That has been done already.

github.com/lirantal/awesome-nodejs...

Collapse
ย 
pbnj profile image
Peter Benjamin (they/them) โ€ข

Awesome. Thanks. I looked under Guardrails' GitHub org and under all articles published by you on this platform, hence why I didn't see it.

Would it be possible to consolidate all of them under the same GH org?

Thread Thread
ย 
streichsbaer profile image
Stefan Streichsbier โ€ข

That was originally the plan, but some others have done some great lists already.

So what weโ€™ll do is create a section on the original awesome list where weโ€™ll link them all.

Collapse
ย 
david_j_eddy profile image
David J Eddy โ€ข

Thank you for this! The awesome lists have saved me days of effort so far.