DEV Community

loading...
Cover image for Awesome Golang Security πŸ•ΆπŸ”

Awesome Golang Security πŸ•ΆπŸ”

streichsbaer profile image Stefan Streichsbier ・Updated on ・1 min read

Golang is getting a lot of traction lately.

Leveraging awesome security tools to code securely with Go is becoming increasingly important.

For this reason, I've compiled a curated list of awesome-golang-security resources here:

GitHub logo guardrailsio / awesome-golang-security

Awesome Golang Security resources πŸ•ΆπŸ”


A curated list of awesome golang Security related resources.

Awesome

List inspired by the awesome list thing.

Supported by: GuardRails.io


Contents

Tools

Web Framework Hardening

  • nosurf - CSRF protection middleware for Go.
  • gorilla/csrf - Provides Cross-Site Request Forgery (CSRF) prevention middleware for Go web applications & services.
  • gorilla/securecookie - Encodes and decodes authenticated and optionally encrypted cookie values for Go web applications.
  • secure - Secure is an HTTP middleware for Go that facilitates most of your security needs for web applications.
  • unindexed - A drop-in replacement for http.Dir which disables directory indexing.
  • beego-security-headers - beego framework filter for easy security headers management.

Libraries

  • paseto - Platform-Agnostic Security Tokens implementation in GO (Golang)
  • hsts - Go HTTP Strict Transport Security library
  • jwt-go - Golang implementation of JSON Web Tokens (JWT)

Static Code Analysis

  • safesql - Static analysis tool for Golang that protects against SQL injections. It does…

Did I miss anything? Let me know in the comments.

And, please leave a like (or ⭐ the repo) if you find it useful.

Discussion (7)

pic
Editor guide
Collapse
krusenas profile image
Karolis

Maybe add JWT library: github.com/dgrijalva/jwt-go, really solid and easy to use :)

Collapse
streichsbaer profile image
Collapse
david_j_eddy profile image
David J Eddy

Thank you for this! The awesome lists have saved me days of effort so far.

Collapse
pbnj profile image
Peter Benjamin

Awesome list indeed. Thank you.

Looking forward to awesome-nodejs-security 😝

Let me know if you need a collaborator on it.

Collapse
streichsbaer profile image
Collapse
pbnj profile image
Peter Benjamin

Awesome. Thanks. I looked under Guardrails' GitHub org and under all articles published by you on this platform, hence why I didn't see it.

Would it be possible to consolidate all of them under the same GH org?

Thread Thread
streichsbaer profile image
Stefan Streichsbier Author

That was originally the plan, but some others have done some great lists already.

So what we’ll do is create a section on the original awesome list where we’ll link them all.