Black Hat Go: Go Programming for Hackers and Pentesters (Paperback)

Steele, Tom, Patten, Chris, Kottmann, Dan

買這商品的人也買了...

商品描述

Like the best-selling Black Hat Python, Black Hat Go explores the darker side of the popular Go programming language. This collection of short scripts will help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset.

Black Hat Go explores the darker side of Go, the popular programming language revered by hackers for its simplicity, efficiency, and reliability. It provides an arsenal of practical tactics from the perspective of security practitioners and hackers to help you test your systems, build and automate tools to fit your needs, and improve your offensive security skillset, all using the power of Go.

You'll begin your journey with a basic overview of Go's syntax and philosophy and then start to explore examples that you can leverage for tool development, including common network protocols like HTTP, DNS, and SMB. You'll then dig into various tactics and problems that penetration testers encounter, addressing things like data pilfering, packet sniffing, and exploit development. You'll create dynamic, pluggable tools before diving into cryptography, attacking Microsoft Windows, and implementing steganography.

You'll learn how to:
- Make performant tools that can be used for your own security projects
- Create usable tools that interact with remote APIs
- Scrape arbitrary HTML data
- Use Go's standard package, net/http, for building HTTP servers
- Write your own DNS server and proxy
- Use DNS tunneling to establish a C2 channel out of a restrictive network
- Create a vulnerability fuzzer to discover an application's security weaknesses
- Use plug-ins and extensions to future-proof productsBuild an RC2 symmetric-key brute-forcer
- Implant data within a Portable Network Graphics (PNG) image.

Are you ready to add to your arsenal of security tools? Then let's Go

商品描述(中文翻譯)

《黑帽Go》是一本探索流行的Go程式語言的黑暗面的書籍,就像暢銷書《黑帽Python》一樣。這本書收錄了一系列短腳本,可以幫助您測試系統、建立和自動化工具以滿足您的需求,並提升您的攻擊性安全技能。

《黑帽Go》從安全從業人員和駭客的角度提供了一系列實用策略,幫助您測試系統、建立和自動化工具以滿足您的需求,並提升您的攻擊性安全技能,所有這些都是利用Go的強大功能。

您將從基本概述Go的語法和哲學開始,然後開始探索一些您可以用於工具開發的示例,包括常見的網絡協議,如HTTP、DNS和SMB。然後,您將深入研究滲透測試人員遇到的各種策略和問題,解決數據竊取、封包嗅探和漏洞開發等問題。您將在構建動態可插拔工具之前,深入研究密碼學、攻擊Microsoft Windows和實現隱寫術。

您將學習如何:
- 創建可用於自己的安全項目的高效工具
- 創建與遠程API交互的可用工具
- 爬取任意HTML數據
- 使用Go的標準套件net/http構建HTTP服務器
- 編寫自己的DNS服務器和代理
- 使用DNS隧道在受限網絡中建立C2通道
- 創建漏洞模糊器以發現應用程序的安全弱點
- 使用插件和擴展來未來證明產品
- 構建RC2對稱密鑰暴力破解器
- 在可攜式網絡圖形(PNG)圖像中嵌入數據

您準備好增加您的安全工具庫了嗎?那就開始吧!

作者簡介

Tom Steele, Dan Kottmann, and Chris Patten share over 30 years in penetration testing and offensive security experience, and have delivered multiple Go training and development sessions.

作者簡介(中文翻譯)

Tom Steele、Dan Kottmann和Chris Patten擁有超過30年的滲透測試和攻擊性安全經驗,並且已經提供過多次Go培訓和開發課程。