security

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jun 17, 2026 License: MIT Imports: 11 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func GenerateSecureToken

func GenerateSecureToken(length int) (string, error)

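GenerateSecureToken generates a cryptographically secure random token. This documentation does not say whether length counts random bytes or characters of the returned string, nor how the token is encoded, so confirm the resulting entropy before relying on it for session or reset tokens.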

Types

type CryptoValidator

type CryptoValidator struct{}

CryptoValidator validates cryptographic implementations

func NewCryptoValidator

func NewCryptoValidator() *CryptoValidator

NewCryptoValidator creates a new crypto validator

func (*CryptoValidator) ValidateRSAKeySize

func (c *CryptoValidator) ValidateRSAKeySize(key *rsa.PrivateKey) error

ValidateRSAKeySize checks RSA key size

func (*CryptoValidator) ValidateRandomness

func (c *CryptoValidator) ValidateRandomness(sampleSize int) error

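ValidateRandomness tests random number generation, presumably over sampleSize samples. A sample-based check can catch a badly broken source, but passing it does not show that a generator is cryptographically secure.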

type InputValidator

type InputValidator struct{}

InputValidator validates input for security issues

func NewInputValidator

func NewInputValidator() *InputValidator

NewInputValidator creates a new input validator

func (*InputValidator) ValidateEmail

func (v *InputValidator) ValidateEmail(email string) error

ValidateEmail validates email format

func (*InputValidator) ValidateNoPathTraversal

func (v *InputValidator) ValidateNoPathTraversal(input string) error

ValidateNoPathTraversal checks for path traversal attempts.

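Patterns require a separator (slash, backslash, or an encoded variant) adjacent to the dot-dot. A bare ".." matches natural prose (ellipses, sentence joins, version strings) and produced a flood of false positives on user-recorded content. Path traversal needs a separator to actually traverse; without one, two dots in input are not a traversal attempt. One case falls outside that reasoning: an input that is exactly ".." contains no separator, yet names the parent directory once it is joined onto a base path. Code that turns validated input into a file path should therefore still canonicalise the result and confirm it stays under the intended root.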

func (*InputValidator) ValidateNoSQLInjection

func (v *InputValidator) ValidateNoSQLInjection(input string) error

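ValidateNoSQLInjection checks input for SQL injection patterns (the name reads "no SQL injection"; going by this description it is not aimed at NoSQL databases). Pattern matching is defence in depth only: queries built from this input should still use parameterized statements.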

func (*InputValidator) ValidateNoXSS

func (v *InputValidator) ValidateNoXSS(input string) error

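ValidateNoXSS checks input for XSS patterns. Input filtering does not replace context-aware output encoding at the point where the value is rendered.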

func (*InputValidator) ValidateString

func (v *InputValidator) ValidateString(input string, maxLength int) error

ValidateString checks a string for injection attacks

func (*InputValidator) ValidateUsername

func (v *InputValidator) ValidateUsername(username string) error

ValidateUsername validates username format

type PasswordValidator

// PasswordValidator validates password strength.
//
// Every field is exported, so a zero-value PasswordValidator{} has MinLength 0
// and all Require* flags false; DefaultPasswordValidator is the constructor
// documented as returning secure defaults.
type PasswordValidator struct {
	// Presumably the minimum accepted password length; whether it counts
	// bytes or runes is not shown here. TODO confirm against Validate.
	MinLength      int
	// The Require* flags presumably make Validate demand at least one
	// character of the named class (upper, lower, digit, special).
	// NOTE(review): which characters count as "special" is not shown; confirm.
	RequireUpper   bool
	RequireLower   bool
	RequireDigit   bool
	RequireSpecial bool
}

PasswordValidator validates password strength

func DefaultPasswordValidator

func DefaultPasswordValidator() *PasswordValidator

DefaultPasswordValidator returns a validator with secure defaults

func (*PasswordValidator) CalculateStrength

func (p *PasswordValidator) CalculateStrength(password string) int

CalculateStrength returns password strength score (0-100)

func (*PasswordValidator) Validate

func (p *PasswordValidator) Validate(password string) error

Validate checks password strength

type PenetrationTestHelper

type PenetrationTestHelper struct {
	// contains filtered or unexported fields
}

PenetrationTestHelper provides utilities for penetration testing

func NewPenetrationTestHelper

func NewPenetrationTestHelper() *PenetrationTestHelper

NewPenetrationTestHelper creates a new penetration test helper

func (*PenetrationTestHelper) GetScanner

func (p *PenetrationTestHelper) GetScanner() *SecurityScanner

GetScanner returns the security scanner

func (*PenetrationTestHelper) InjectionPayloads

func (p *PenetrationTestHelper) InjectionPayloads() []string

InjectionPayloads returns common injection attack payloads

func (*PenetrationTestHelper) PathTraversalPayloads

func (p *PenetrationTestHelper) PathTraversalPayloads() []string

PathTraversalPayloads returns common path traversal payloads

func (*PenetrationTestHelper) TestInjection

func (p *PenetrationTestHelper) TestInjection(testFunc func(string) error) []string

TestInjection tests for injection vulnerabilities

func (*PenetrationTestHelper) TestPathTraversal

func (p *PenetrationTestHelper) TestPathTraversal(testFunc func(string) error) []string

TestPathTraversal tests for path traversal vulnerabilities

func (*PenetrationTestHelper) TestXSS

func (p *PenetrationTestHelper) TestXSS(testFunc func(string) error) []string

TestXSS tests for XSS vulnerabilities

func (*PenetrationTestHelper) XSSPayloads

func (p *PenetrationTestHelper) XSSPayloads() []string

XSSPayloads returns common XSS attack payloads

type RateLimitTester

type RateLimitTester struct {
	// contains filtered or unexported fields
}

RateLimitTester tests rate limiting

func NewRateLimitTester

func NewRateLimitTester() *RateLimitTester

NewRateLimitTester creates a new rate limit tester

func (*RateLimitTester) TestRateLimit

func (r *RateLimitTester) TestRateLimit(testFunc func() error, count int, duration time.Duration) (bool, int)

TestRateLimit tests if rate limiting is enforced

type SecurityScanner

type SecurityScanner struct {
	// contains filtered or unexported fields
}

SecurityScanner performs security vulnerability scanning

func NewSecurityScanner

func NewSecurityScanner() *SecurityScanner

NewSecurityScanner creates a new security scanner

func (*SecurityScanner) GetVulnerabilities

func (s *SecurityScanner) GetVulnerabilities() []Vulnerability

GetVulnerabilities returns all detected vulnerabilities

func (*SecurityScanner) GetVulnerabilitiesBySeverity

func (s *SecurityScanner) GetVulnerabilitiesBySeverity(severity Severity) []Vulnerability

GetVulnerabilitiesBySeverity returns vulnerabilities of a specific severity

type Severity

type Severity string

Severity represents the severity of a vulnerability

// Severity values.
//
// Severity is a string type, so these compare lexically with < and >, not by
// severity rank ("critical" < "high" < "info" < "low" < "medium"). Use
// equality checks or an explicit rank table when ordering or thresholding
// findings.
const (
	SeverityCritical Severity = "critical"
	SeverityHigh     Severity = "high"
	SeverityMedium   Severity = "medium"
	SeverityLow      Severity = "low"
	SeverityInfo     Severity = "info"
)

type TLSValidator

type TLSValidator struct{}

TLSValidator validates TLS configuration

func NewTLSValidator

func NewTLSValidator() *TLSValidator

NewTLSValidator creates a new TLS validator

func (*TLSValidator) ValidateTLSConfig

func (t *TLSValidator) ValidateTLSConfig(config *tls.Config) []Vulnerability

ValidateTLSConfig checks TLS configuration security

func (*TLSValidator) ValidateTLSConnection

func (t *TLSValidator) ValidateTLSConnection(address string, timeout time.Duration) error

ValidateTLSConnection tests a TLS connection

type Vulnerability

// Vulnerability represents a detected security vulnerability.
type Vulnerability struct {
	// Category of the finding, as a VulnerabilityType string.
	Type        VulnerabilityType
	// Severity of the finding, as a Severity string.
	Severity    Severity
	// Free-form text fields. NOTE(review): if these can embed the offending
	// input, treat them as untrusted when logging or rendering; confirm
	// against the code that populates them.
	Description string
	Location    string
	Remediation string
	// Presumably a CVE identifier when one applies and empty otherwise.
	// TODO confirm.
	CVE         string
	// Presumably a CVSS score; the CVSS version and whether 0 means
	// "unscored" are not shown here. TODO confirm.
	CVSS        float64
}

Vulnerability represents a detected security vulnerability

func ValidateCertificate

func ValidateCertificate(cert *x509.Certificate) []Vulnerability

ValidateCertificate validates an X.509 certificate

type VulnerabilityType

type VulnerabilityType string

VulnerabilityType represents the type of security vulnerability

// VulnerabilityType values; each is the string carried in Vulnerability.Type.
//
// VulnerabilityType is a plain string type, so any other string converts to
// it without a compile error; code that switches on these values should
// handle an unknown value explicitly.
const (
	VulnInjection         VulnerabilityType = "injection"
	VulnPathTraversal     VulnerabilityType = "path_traversal"
	VulnWeakCrypto        VulnerabilityType = "weak_crypto"
	VulnWeakPassword      VulnerabilityType = "weak_password"
	VulnMissingAuth       VulnerabilityType = "missing_auth"
	VulnInsecureTransport VulnerabilityType = "insecure_transport"
	VulnXSS               VulnerabilityType = "xss"
	VulnCSRF              VulnerabilityType = "csrf"
	VulnRateLimit         VulnerabilityType = "rate_limit"
	VulnInfoDisclosure    VulnerabilityType = "info_disclosure"
)
