Like the best-selling Black Hat Python , Black Hat Go explores the darker side of the popular Go programming language. This collection of short scripts will help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset. Black Hat Go explores the darker side of Go, the popular programming language revered by hackers for its simplicity, efficiency, and reliability. It provides an arsenal of practical tactics from the perspective of security practitioners and hackers to help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset, all using the power of Go. You'll begin your journey with a basic overview of Go's syntax and philosophy and then start to explore examples that you can leverage for tool development, including common network protocols like HTTP, DNS, and SMB. You'll then dig into various tactics and problems that penetration testers encounter, addressing things like data pilfering, packet sniffing, and exploit development. You'll create dynamic, pluggable tools before diving into cryptography, attacking Microsoft Windows, and implementing steganography. You'll learn how to: ;; • ;;Make performant tools that can be used for your own security projects ;; • ;;Create usable tools that interact with remote APIs ;; • ;;Scrape arbitrary HTML data ;; • ;;Use Go's standard package, net/http, for building HTTP servers ;; • ;;Write your own DNS server and proxy ;; • ;;Use DNS tunneling to establish a C2 channel out of a restrictive network ;; • ;;Create a vulnerability fuzzer to discover an application's security weaknesses ;; • ;;Use plug-ins and extensions to future-proof productsBuild an RC2 symmetric-key brute-forcer ;; • ;;Implant data within a Portable Network Graphics (PNG) image. Are you ready to add to your arsenal of security tools? Then let's Go!...

"It’s been incredibly fun having these kinds of projects, where you’re not just learning syntax, you’re not just learning the mechanics of Go, but you have things to build that are kind of fun." —Johnny Boursiquot, Go Time Podcast 

Auteur

Tom Steele, Chris Patten, and Dan Kottman

Texte du rabat

Black Hat Go explores the darker side of Go, the popular programming language revered by hackers for its simplicity, efficiency, and reliability. It provides an arsenal of practical tactics from the perspective of security practitioners and hackers to help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset, all using the power of Go.

You'll begin your journey with a basic overview of Go's syntax and philosophy and then start to explore examples that you can leverage for tool development, including common network protocols like HTTP, DNS, and SMB. You'll then dig into various tactics and problems that penetration testers encounter, addressing things like data pilfering, packet sniffing, and exploit development. You'll create dynamic, pluggable tools before diving into cryptography, attacking Microsoft Windows, and implementing steganography.

You'll learn how to:
• Make performant tools that can be used for your own security projects
• Create usable tools that interact with remote APIs
• Scrape arbitrary HTML data
• Use Go's standard package, net/http, for building HTTP servers
• Write your own DNS server and proxy
• Use DNS tunneling to establish a C2 channel out of a restrictive network
• Create a vulnerability fuzzer to discover an application's security weaknesses
• Use plug-ins and extensions to future-proof productsBuild an RC2 symmetric-key brute-forcer
• Implant data within a Portable Network Graphics (PNG) image.

Are you ready to add to your arsenal of security tools? Then let's Go!

Résumé
Like the best-selling Black Hat Python, Black Hat Go explores the darker side of the popular Go programming language. This collection of short scripts will help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset.

Black Hat Go explores the darker side of Go, the popular programming language revered by hackers for its simplicity, efficiency, and reliability. It provides an arsenal of practical tactics from the perspective of security practitioners and hackers to help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset, all using the power of Go.

You'll learn how to:
Make performant tools that can be used for your own security projectsCreate usable tools that interact with remote APIsScrape arbitrary HTML dataUse Go's standard package, net/http, for building HTTP serversWrite your own DNS server and proxyUse DNS tunneling to establish a C2 channel out of a restrictive networkCreate a vulnerability fuzzer to discover an application's security weaknessesUse plug-ins and extensions to future-proof productsBuild an RC2 symmetric-key brute-forcerImplant data within a Portable Network Graphics (PNG) image.
Are you ready to add to your arsenal of security tools? Then let's Go!

Contenu
Chapter 1: Go Fundamentals and Concepts
Chapter 2: TCP and Go: Scanners and Proxies
Chapter 3: HTTP Clients: Remote Interaction with Tools
Chapter 4: HTTP Servers: Routing and Middleware
Chapter 5: Exploiting DNS: Recon and More
Chapter 6: SMB and NTLM: A Peek Down the Rabbit Hole
Chapter 7: Databases and Filesystems: Pilfering and Abusing
Chapter 8: Packet Processing: Living on the Wire
Chapter 9: Exploit Code: Writing and Porting
Chapter 10: Extendable Tools: Using Go Plugins and LUA
Chapter 11: Cryptography: Implementing and Attacking
Chapter 12: Windows: System Interaction and Analysis
Chapter 13: Steganography: Hiding Data
Chapter 14: Command and Control: Building a RAT