BLACK HAT GO
Go Programming for Hackers and Pentesters
by Tom Steele, Chris Patten, and Dan Kottmann
San Francisco
BLACK HAT GO. Copyright 2020 by Tom Steele, Chris Patten, and Dan Kottmann.
All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or by any information storage or retrieval system, without the prior written permission of the copyright owner and the publisher.
ISBN-10: 1-59327-865-9
ISBN-13: 978-1-59327-865-6
Publisher: William Pollock
Production Editor: Laurel Chun
Cover Illustration: Jonny Thomas
Interior Design: Octopod Studios
Developmental Editors: Frances Saux and Zach Lebowski
Technical Reviewer: Alex Harvey
Copyeditor: Sharon Wilkey
Compositor: Danielle Foster
Proofreader: Brooke Littrel
Indexer: Beth Nauman-Montana
For information on distribution, translations, or bulk sales, please contact No Starch Press, Inc. directly:
No Starch Press, Inc.
245 8th Street, San Francisco, CA 94103
phone: 1.415.863.9900;
www.nostarch.com
Library of Congress Cataloging-in-Publication Data
Names: Steele, Tom (Security Consultant), author. | Patten, Chris, author.
| Kottmann, Dan, author.
Title: Black Hat Go : Go programming for hackers and pentesters / Tom
Steele, Chris Patten, and Dan Kottmann.
Description: San Francisco : No Starch Press, 2020. | Includes
bibliographical references and index. | Summary: "A guide to Go that
begins by introducing fundamentals like data types, control structures,
and error handling. Provides instruction on how to use Go for tasks such
as sniffing and processing packets, creating HTTP clients, and writing
exploits."-- Provided by publisher.
Identifiers: LCCN 2019041864 (print) | LCCN 2019041865 (ebook) | ISBN
9781593278656 | ISBN 9781593278663 (ebook)
Subjects: LCSH: Penetration testing (Computer security) | Go (Computer
program language)
Classification: LCC QA76.9.A25 S739 2020 (print) | LCC QA76.9.A25 (ebook)
| DDC 005.8--dc23
LC record available at https://lccn.loc.gov/2019041864
LC ebook record available at https://lccn.loc.gov/2019041865
No Starch Press and the No Starch Press logo are registered trademarks of No Starch Press, Inc. Other product and company names mentioned herein may be the trademarks of their respective owners. Rather than use a trademark symbol with every occurrence of a trademarked name, we are using the names only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark.
The information in this book is distributed on an As Is basis, without warranty. While every precaution has been taken in the preparation of this work, neither the authors nor No Starch Press, Inc. shall have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the information contained in it.
About the Authors
Tom Steele has been using Go since the version 1 release in 2012 and was one of the first in his field to leverage the language for offensive tooling. He is a managing principal research consultant at Atredis Partners with over 10 years of experience performing adversarial and research-based security assessments. Tom has presented and conducted training courses at numerous conferences, including Defcon, Black Hat, DerbyCon, and BSides. Outside of tech, Tom is also a Black Belt in Brazilian jiujitsu who competes regularly, both regionally and nationally. He owns and operates his own jiujitsu academy in Idaho.
Chris Patten is the founding partner and lead consultant of STACKTITAN, a specialized adversarial services security consultancy. Chris has been practicing in the security industry for more than 25 years in various capacities. He spent the last decade consulting for a number of commercial and government organizations on diverse security issues, including adversarial offensive techniques, threat hunting capabilities, and mitigation strategies. Chris spent his latest tenure leading one of North America's largest advanced adversarial teams.
Prior to formal consulting, Chris honorably served in the US Air Force, supporting the war-fighting effort. He actively served within the Department of Defense Special Operations Intelligence community at USSOCOM, consulting for Special Operations Groups on sensitive cyber warfare initiatives. Following Chris's military service, he held lead architect positions at numerous Fortune 500 telecommunication companies, working with partners in a research capacity.
Dan Kottmann is a founding partner and lead consultant of STACKTITAN. He has played an integral role in the growth and development of the largest North American adversarial consultancy, directly influencing technical tradecraft, process efficiency, customer experience, and delivery quality. With 15 years of experience, Dan has dedicated nearly the entirety of his professional career to cross-industry, customer-direct consulting and consultancy development, primarily focused on information security and application delivery.
Dan has presented at various national and regional security conferences, including Defcon, BlackHat Arsenal, DerbyCon, BSides, and more. He has a passion for software development and has created various open-source and proprietary applications, from simple command line tools to complex, three-tier, and cloud-based web applications.
About the Technical Reviewer
Alex Harvey has been working with technology his whole life and got his start with embedded systems, robotics, and programming. He moved into information security about 15 years ago, focusing on security testing and research. Never one to shy away from making a tool for the job, he started using the Go programming language and has not looked back.
BRIEF CONTENTS
FOREWORD
Programming languages have always had an impact on information security. The design constraints, standard libraries, and protocol implementations available within each language end up defining the attack surface of any application built on them. Security tooling is no different; the right language can simplify complex tasks and make the incredibly difficult ones trivial. Go's cross-platform support, single-binary output, concurrency features, and massive ecosystem make it an amazing choice for security tool development. Go is rewriting the rules for both secure application development and the creation of security tools, enabling faster, safer, and more portable tooling.
Over the 15 years that I worked on the Metasploit Framework, the project went through two full rewrites, changed languages from Perl to Ruby, and now supports a range of multilingual modules, extensions, and payloads. These changes reflect the constantly evolving nature of software development; in order to keep up in security, your tools need to adapt, and using the right language can save an enormous amount of time. But just like Ruby, Go didn't become ubiquitous overnight. It takes a leap of faith to build anything of value using a new language, given the uncertainties of the ecosystem and the sheer amount of effort needed to accomplish common tasks before the standard libraries catch up.