pygosec

by gaurabb

0stars

0forks

0watchers

Updated about 9 years ago

About

Pygosec is a Python wrapper that consolidates results from various Go static security analyzers into a single interface.

Python Wrapper for GO static analyzers

Primary Use Case

This tool is designed for developers and security professionals who want to perform static analysis on Go codebases. By using pygosec, users can easily run multiple security analyzers and gather their results in one place, streamlining the vulnerability scanning process.

Key Features

Integrates multiple Go static analyzers
Consolidates scan results into a single output
Supports SafeSQL and GoASTScanner
Easy installation and usage via command line
Provides both terminal output and JSON results

Installation

git clone [email protected]:gaurabb/pygosec.git
CD into the pygosec directory
Run gochecker.py with the path to the code to scan

Usage

>_ python gochecker.py -p <path to code to scan>

Runs the static analysis on the specified Go code path.

>_ -h

Displays help/usage information.

Security Frameworks

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Usage Insights

Can be chained with Metasploit for automated exploitation
Useful for continuous security monitoring in CI/CD pipelines
Integrate with CI/CD tools for automated security checks on code commits
Encourage developers to use pygosec in local development environments to catch vulnerabilities early
Consider developing a dashboard for visualizing scan results over time to track security improvements