GO Forth And Reverse

Presented at BSidesLV 2017, July 25, 2017, 11:30 a.m. (55 minutes)

GO may not longer be the "newest" language, however it is fairly new in terms of reverse engineering. Over the past few years there has been an uptick in malware and non-malicious binaries being distributed in the wild -- though there has been very little documentation provided on how to reverse engineer these things. In an effort to increase community knowledge we will go over how GO works, how to approach reversing it and demo the updated open source kit for reverse GO binaries. We will also tackle how people currently "harden" binaries and how we suggest people should further harden their binaries.

Presenters:

• Tim Strazzere - Security Engineer - Cloudflare
  Tim "diff" Strazzere is the Security Engineer at Cloudflare, specializing in mobile, MacOS and Linux security. Along with writing security automation software, he specializes in reverse engineering, malware analysis and vulnerability research. Some interesting past projects include having reversed the Android Market protocol, Dalvik decompilers and memory manipulation on mobile devices. Past speaking and training engagements have included DEFCON, BlackHat, SyScan, HiTCON, EICAR, QSPI and Android Security Symposium.

Links:

• https://bsideslv2017.sched.com/event/BNEs/go-forth-and-reverse
• https://infocon.org/cons/Security BSides/BSides Las Vegas/Bsides Las Vegas 2017/GO Forth And Reverse - Tim Strazzere.mp4
• https://infocon.org/cons/Security BSides/BSides Las Vegas/Bsides Las Vegas 2017/GO Forth And Reverse - Tim Strazzere.eng.srt (subtitles)
• https://www.youtube.com/watch?v=osiJV4rZIG4

Similar Presentations:

• BSidesSF 2019 / A Deep Dive into Go Malware: Using Metadata to Empower the Analyst
• REcon 2022 / Beyond AlphaGolang: Automated hunting based on reversing Go binaries
• Texas Cyber Summit 2019 / RE-1080 Intro to Reverse Engineering with Ghidra: Taming the Dragon