Talkin' About [Infosec] News, Powered by Black Hills Information Security
Webcast: Shellcode Execution with GoLang
In this Black Hills Information Security (BHIS) webcast, we explore using GoLang to author malware with embedded shellcode.
GoLang is a Google-authored modern successor language to C/C++. It is multi-platform, high performance, multi-threaded, and, unlike C/C++, includes garbage collection! It has the advantage of compiling to native machine code, unlike .NET C#, which depends on the Common Language Runtime and is easily reversible. We explore how to execute Windows shellcode with GoLang in the same process thread space, and then also explore one process injection method.
If you are a penetration tester looking to expand your malware authoring skills, a little Go(lang) will take you far!
Recorded • 2021-05-20
00:00 – FEATURE PRESENTATION BEGINS: Shellcode Execution with GoLang
01:39 – Meet Joff Thyer
02:16 – What is GoLang?
04:14 – Aspects of GoLang
07:43 – C# or Go?
09:24 – Go Command Line
10:57 – Golang Type Safety
11:31 – What is Shellcode?
12:51 – Sources of Shellcode
14:50 – Executing Shellcode on Windows
16:08 – GoLang “unsafe” Package
16:55 – Go “syscall” package is becoming per platform
17:50 – GoLang “windows” Package
18:22 – “x/sys/windows” package
20:29 – Looking deeper into Syscall
22:26 – Calling Functions out of Kernel32.dll