SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

Golang Secure Coding Practices guide

An OOB interaction gathering server and client library

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @openziti

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Datadog Go Library including APM tracing, profiling, and security monitoring.

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

💀 Don't fear the Reaper 👻

Ziti SDK for Golang

A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.

Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git

Application-embedded connectivity and zero-trust components

oauth-labs: an intentionally vulnerable set of OAuth 2.0 labs for security training and learning

The BOAST Outpost for AppSec Testing: a server designed to receive and report Out-of-Band Application Security Testing (OAST) reactions.

A modular bug hunting and web application pentesting framework written in Go

subfalcon is a subdomain enumeration tool that allows you to discover and monitor subdomains for a given list of domains or a single domain. It fetches subdomains from various sources, checks for potential subdomain takeover vulnerabilities, saves findings to a SQLite database, and can notify updates via Discord.

Secure image creator with wolfi packages.

AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.

This is a go-protobuf-mutator library for random value mutations. This is a Go equivalent of libprotobuf-mutator, which is implemented in C++.

💣 Dockerized penetration-testing/bugbounty/app-sec testing environment