c0c0n 2019

Talk: Golang for Pentesters / RedTeamers

Abstract

Pentesters and redteamers alike are nowadays faced with multiple challenges where conventional tools fail or just doesn’t work and you need to whip up a tool of your own may be just for this one task or may be as a new tool entirely. With that in mind This talk will explore using Golang as a language of choice in such scenarios. Golang is a recent entry in the world of modern languages. This language has bought the capabilities of compiled languages as well as interpreted languages in a single place and as cherry on top it has brilliant cross platform capabilities. This talk will explore how Golang can be used by a professionals to automate routine task’s and how a single codebase can be leveraged to craft binaries for multiple platform.
In the current world preferred choices are python / bash however we would like to leverage Go for its inherent capabilities such as low level I/O handling or handling high volume of incoming data (web requests / large file content) and in-build concurrency capabilities which allows golang to perform magnitudes faster then python or bash or any other typed or interpreted language.
The talk will guide from starting to write a basic hello world program in Golang to leveraging the brilliant modules available in the language to perform routine tasks like,

  1. port scanning,
  2. network query,
  3. web requests,
  4. user input handling,
  5. network monitoring
  6. Log parsing

This talk will provide the necessary boilerplates to get started with writing your own next gen tool in golang and take the next step in evolving information security.

Slides

Resources