serve as a reverse proxy to protect your web services from attacks and exploits.

Golang Secure Coding Practices guide

An OOB interaction gathering server and client library

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @openziti

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Datadog Go Library including APM tracing, profiling, and security monitoring.

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

💀 Don't fear the Reaper 👻

Ziti SDK for Golang

A Server Side Request Forgery (SSRF) protection library. Made with 🖤 by Doyensec LLC.

Too many secrets (2MS) helps people protect their secrets on any file or on systems like CMS, chats and git

Application-embedded connectivity and zero-trust components

The BOAST Outpost for AppSec Testing: a server designed to receive and report Out-of-Band Application Security Testing (OAST) reactions.

A modular bug hunting and web application pentesting framework written in Go

subfalcon is a subdomain enumeration tool that allows you to discover and monitor subdomains for a given list of domains. It fetches subdomains from various sources [crtsh, hackertargetapi, anubis, alienvault, rappiddns, urlscan ] , saves them to a SQLite database, and can notify updates via Discord.

Secure image creator with wolfi packages.

💣 Dockerized penetration-testing/bugbounty/app-sec testing environment

AssetViz simplifies the visualization of subdomains from input files, presenting them as a coherent mind map. Ideal for penetration testers and bug bounty hunters conducting reconnaissance, AssetViz provides intuitive insights into domain structures for informed decision-making.

urlyzer is a URL parsing analysis tool.

A CLI tool to scan and fix your project's open-source vulnerabilities using Seal packages.