Artwork

Treść dostarczona przez Firo Solutions LTD. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Firo Solutions LTD lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !

Golang Malware with Ben Kurtz Part 1

1:06:07
 
Udostępnij
 

Manage episode 334221763 series 3370924
Treść dostarczona przez Firo Solutions LTD. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Firo Solutions LTD lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.

Ben Kurtz, is an interesting hacker that has been involved in the infosec space for over 20 years. He has done a large chunk of research into writing malware and post-exploitation tools in the Golang programming language.

Tune into this episode of Hacker Talk as we are joined by Ben Kurtz and deep dive into Golang Malware.

In this episode of Hacker Talk, we cover the following topics:

Getting into programming, apple 2, hacking, bulletin board systems,

pirating apple 2 software

unix security, shadow and files in the /etc/ folder

evolution of network security since 1994

first talk at DEFCON,

life as a developer

LISP

Dan Kaminsky, recruited as a professional hacker

Learning different programming languages

Learning pascal in a basement

Functional programming, constraint solver

Getting into the Golang flow.

Plan-9 redoing C++

Getting into Golang malware

encrypted mesh network

Ratnet

Iran shutting down tls connections

Internet Censorship

Code audits

Writing malware in different languages

V programming language

Nym programming language

dild, dynamic loading library in OSX

parsing memory in golang

process execution block

loading windows syscall's

evading anti-malware systems

hells gate, direct windows system calls

Network traffic obfuscation

online communities that have been running for a long time, Second Life

Offline mesh network

Red team penetration

Write your own malware implant as a penetration tester.

Obfuscating malware traffic

writing malware

Sliver, opensource version of cobalt strike, Command and Control Server

testing malware

setting up a test environment

Penetration testing as a Red Team.

Golang Antivirus/EDR evasion

Enterprise network monitoring

Shellcode loaders in pure golang

Rewriting the backdoor factory in golang.

Obfuscating binaries with the custom golang debug library

Parsing executables from memory(RAM)

universal system binary loader without touching disk

Links:

https://www.hack-the-planet.net/

https://github.com/awgh

https://github.com/Binject

https://github.com/Binject/go-donut

https://github.com/C-Sto/BananaPhone/

https://www.symbolcrash.com/wp-content/uploads/2019/02/Authenticode_PE-1.pdf

https://www.cyberbit.com/blog/endpoint-security/malware-mitigation-when-direct-system-calls-are-used/

https://github.com/boku7/HellsGatePPID

https://teamhydra.blog/2020/09/18/implementing-direct-syscalls-using-hells-gate/

https://vxug.fakedoma.in/papers/VXUG/Exclusive/HellsGate.pdf

https://2600.com/

https://en.wikipedia.org/wiki/Bulletin_board_system

https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs

https://go.dev/

https://go.dev/doc/effective_go

https://github.com/awgh/ratnet

https://github.com/BishopFox/sliver

https://www.youtube.com/watch?v=3RQb05ITSyk | Golang Malware defcon talk

https://vlang.io/

https://vlang.io/compare

https://en.wikipedia.org/wiki/Nim_(programming_language)

https://github.com/vyrus001/go-mimikatz

https://github.com/vyrus001/go-mimikatz/blob/master/packer/packer.go

  continue reading

19 odcinków

Artwork

Golang Malware with Ben Kurtz Part 1

Hacker Talk

17 subscribers

published

iconUdostępnij
 
Manage episode 334221763 series 3370924
Treść dostarczona przez Firo Solutions LTD. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Firo Solutions LTD lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.

Ben Kurtz, is an interesting hacker that has been involved in the infosec space for over 20 years. He has done a large chunk of research into writing malware and post-exploitation tools in the Golang programming language.

Tune into this episode of Hacker Talk as we are joined by Ben Kurtz and deep dive into Golang Malware.

In this episode of Hacker Talk, we cover the following topics:

Getting into programming, apple 2, hacking, bulletin board systems,

pirating apple 2 software

unix security, shadow and files in the /etc/ folder

evolution of network security since 1994

first talk at DEFCON,

life as a developer

LISP

Dan Kaminsky, recruited as a professional hacker

Learning different programming languages

Learning pascal in a basement

Functional programming, constraint solver

Getting into the Golang flow.

Plan-9 redoing C++

Getting into Golang malware

encrypted mesh network

Ratnet

Iran shutting down tls connections

Internet Censorship

Code audits

Writing malware in different languages

V programming language

Nym programming language

dild, dynamic loading library in OSX

parsing memory in golang

process execution block

loading windows syscall's

evading anti-malware systems

hells gate, direct windows system calls

Network traffic obfuscation

online communities that have been running for a long time, Second Life

Offline mesh network

Red team penetration

Write your own malware implant as a penetration tester.

Obfuscating malware traffic

writing malware

Sliver, opensource version of cobalt strike, Command and Control Server

testing malware

setting up a test environment

Penetration testing as a Red Team.

Golang Antivirus/EDR evasion

Enterprise network monitoring

Shellcode loaders in pure golang

Rewriting the backdoor factory in golang.

Obfuscating binaries with the custom golang debug library

Parsing executables from memory(RAM)

universal system binary loader without touching disk

Links:

https://www.hack-the-planet.net/

https://github.com/awgh

https://github.com/Binject

https://github.com/Binject/go-donut

https://github.com/C-Sto/BananaPhone/

https://www.symbolcrash.com/wp-content/uploads/2019/02/Authenticode_PE-1.pdf

https://www.cyberbit.com/blog/endpoint-security/malware-mitigation-when-direct-system-calls-are-used/

https://github.com/boku7/HellsGatePPID

https://teamhydra.blog/2020/09/18/implementing-direct-syscalls-using-hells-gate/

https://vxug.fakedoma.in/papers/VXUG/Exclusive/HellsGate.pdf

https://2600.com/

https://en.wikipedia.org/wiki/Bulletin_board_system

https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs

https://go.dev/

https://go.dev/doc/effective_go

https://github.com/awgh/ratnet

https://github.com/BishopFox/sliver

https://www.youtube.com/watch?v=3RQb05ITSyk | Golang Malware defcon talk

https://vlang.io/

https://vlang.io/compare

https://en.wikipedia.org/wiki/Nim_(programming_language)

https://github.com/vyrus001/go-mimikatz

https://github.com/vyrus001/go-mimikatz/blob/master/packer/packer.go

  continue reading

19 odcinków

Tüm bölümler

×
 
Loading …

Zapraszamy w Player FM

Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.

 

Skrócona instrukcja obsługi