Przejdź do trybu offline z Player FM !
Golang Malware with Ben Kurtz Part 1
Manage episode 334221763 series 3370924
Ben Kurtz, is an interesting hacker that has been involved in the infosec space for over 20 years. He has done a large chunk of research into writing malware and post-exploitation tools in the Golang programming language.
Tune into this episode of Hacker Talk as we are joined by Ben Kurtz and deep dive into Golang Malware.
In this episode of Hacker Talk, we cover the following topics:
Getting into programming, apple 2, hacking, bulletin board systems,
pirating apple 2 software
unix security, shadow and files in the /etc/ folder
evolution of network security since 1994
first talk at DEFCON,
life as a developer
LISP
Dan Kaminsky, recruited as a professional hacker
Learning different programming languages
Learning pascal in a basement
Functional programming, constraint solver
Getting into the Golang flow.
Plan-9 redoing C++
Getting into Golang malware
encrypted mesh network
Ratnet
Iran shutting down tls connections
Internet Censorship
Code audits
Writing malware in different languages
V programming language
Nym programming language
dild, dynamic loading library in OSX
parsing memory in golang
process execution block
loading windows syscall's
evading anti-malware systems
hells gate, direct windows system calls
Network traffic obfuscation
online communities that have been running for a long time, Second Life
Offline mesh network
Red team penetration
Write your own malware implant as a penetration tester.
Obfuscating malware traffic
writing malware
Sliver, opensource version of cobalt strike, Command and Control Server
testing malware
setting up a test environment
Penetration testing as a Red Team.
Golang Antivirus/EDR evasion
Enterprise network monitoring
Shellcode loaders in pure golang
Rewriting the backdoor factory in golang.
Obfuscating binaries with the custom golang debug library
Parsing executables from memory(RAM)
universal system binary loader without touching disk
Links:
https://www.hack-the-planet.net/
https://github.com/awgh
https://github.com/Binject
https://github.com/Binject/go-donut
https://github.com/C-Sto/BananaPhone/
https://www.symbolcrash.com/wp-content/uploads/2019/02/Authenticode_PE-1.pdf
https://www.cyberbit.com/blog/endpoint-security/malware-mitigation-when-direct-system-calls-are-used/
https://github.com/boku7/HellsGatePPID
https://teamhydra.blog/2020/09/18/implementing-direct-syscalls-using-hells-gate/
https://vxug.fakedoma.in/papers/VXUG/Exclusive/HellsGate.pdf
https://2600.com/
https://en.wikipedia.org/wiki/Bulletin_board_system
https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs
https://go.dev/
https://go.dev/doc/effective_go
https://github.com/awgh/ratnet
https://github.com/BishopFox/sliver
https://www.youtube.com/watch?v=3RQb05ITSyk | Golang Malware defcon talk
https://vlang.io/
https://vlang.io/compare
https://en.wikipedia.org/wiki/Nim_(programming_language)
https://github.com/vyrus001/go-mimikatz
https://github.com/vyrus001/go-mimikatz/blob/master/packer/packer.go
19 odcinków
Manage episode 334221763 series 3370924
Ben Kurtz, is an interesting hacker that has been involved in the infosec space for over 20 years. He has done a large chunk of research into writing malware and post-exploitation tools in the Golang programming language.
Tune into this episode of Hacker Talk as we are joined by Ben Kurtz and deep dive into Golang Malware.
In this episode of Hacker Talk, we cover the following topics:
Getting into programming, apple 2, hacking, bulletin board systems,
pirating apple 2 software
unix security, shadow and files in the /etc/ folder
evolution of network security since 1994
first talk at DEFCON,
life as a developer
LISP
Dan Kaminsky, recruited as a professional hacker
Learning different programming languages
Learning pascal in a basement
Functional programming, constraint solver
Getting into the Golang flow.
Plan-9 redoing C++
Getting into Golang malware
encrypted mesh network
Ratnet
Iran shutting down tls connections
Internet Censorship
Code audits
Writing malware in different languages
V programming language
Nym programming language
dild, dynamic loading library in OSX
parsing memory in golang
process execution block
loading windows syscall's
evading anti-malware systems
hells gate, direct windows system calls
Network traffic obfuscation
online communities that have been running for a long time, Second Life
Offline mesh network
Red team penetration
Write your own malware implant as a penetration tester.
Obfuscating malware traffic
writing malware
Sliver, opensource version of cobalt strike, Command and Control Server
testing malware
setting up a test environment
Penetration testing as a Red Team.
Golang Antivirus/EDR evasion
Enterprise network monitoring
Shellcode loaders in pure golang
Rewriting the backdoor factory in golang.
Obfuscating binaries with the custom golang debug library
Parsing executables from memory(RAM)
universal system binary loader without touching disk
Links:
https://www.hack-the-planet.net/
https://github.com/awgh
https://github.com/Binject
https://github.com/Binject/go-donut
https://github.com/C-Sto/BananaPhone/
https://www.symbolcrash.com/wp-content/uploads/2019/02/Authenticode_PE-1.pdf
https://www.cyberbit.com/blog/endpoint-security/malware-mitigation-when-direct-system-calls-are-used/
https://github.com/boku7/HellsGatePPID
https://teamhydra.blog/2020/09/18/implementing-direct-syscalls-using-hells-gate/
https://vxug.fakedoma.in/papers/VXUG/Exclusive/HellsGate.pdf
https://2600.com/
https://en.wikipedia.org/wiki/Bulletin_board_system
https://en.wikipedia.org/wiki/Plan_9_from_Bell_Labs
https://go.dev/
https://go.dev/doc/effective_go
https://github.com/awgh/ratnet
https://github.com/BishopFox/sliver
https://www.youtube.com/watch?v=3RQb05ITSyk | Golang Malware defcon talk
https://vlang.io/
https://vlang.io/compare
https://en.wikipedia.org/wiki/Nim_(programming_language)
https://github.com/vyrus001/go-mimikatz
https://github.com/vyrus001/go-mimikatz/blob/master/packer/packer.go
19 odcinków
Tüm bölümler
×Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.