“Everything necessary to get started with Go development in the security space”
— HD Moore, Founder of the Metasploit Project and the Critical Research Corporation
Black Hat Go explores the darker side of Go, the popular programming language revered by hackers for its simplicity, efficiency, and reliability. It provides an arsenal of practical tactics from the perspective of security practitioners and hackers to help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset, all using the power of Go.
You’ll begin your journey with a basic overview of Go’s syntax and philosophy and start to explore examples that you can leverage for tool development, including common network protocols like HTTP, DNS, and SMB. You’ll then dig into various tactics and problems that penetration testers encounter, addressing things like data pilfering, packet sniffing, and exploit development. You’ll create dynamic, pluggable tools before diving into cryptography, attacking Microsoft Windows, and implementing steganography.
You’ll learn how to:
Make performant tools that can be used for your own security projects
Create usable tools that interact with remote APIs
Scrape arbitrary HTML data
Use Go’s standard package, net/http, for building HTTP servers
Write your own DNS server and proxy
Use DNS tunneling to establish a C2 channel out of a restrictive network
Create a vulnerability fuzzer to discover an application’s security weaknesses
Use plug-ins and extensions to future-proof products
Build an RC2 symmetric-key brute-forcer
Implant data within a Portable Network Graphics (PNG) image.
Are you ready to add to your arsenal of security tools? Then let’s Go!
About the Authors
Tom Steele, Chris Patten, and Dan Kottmann share over 30 years in penetration testing and offensive security experience, and have delivered multiple Go training and development sessions. (See inside for more details.)
THE FINEST IN GEEK ENTERTAINMENT™