Black Hat Go first impressions

Filed under golang on March 03, 2020

I picked up my order of Black Hat Go last week, and after flicking through and reading (not necessarily doing), I have a few things to say based on my skim through.

Cover Art

Presentation

The layout is logical, and it steps through each technique quite thoroughly in a similar way to black hat python. It’s quite an easy read if you know what you’re looking at

Modern Solutions to Modern Problems

There’s a heavy emphasis on not reinventing the wheel, which I can appreciate. One section is dedicated to interfacing with Shodan, and there’s quite a few examples that use Metasploit quite prominently.

I quite appreciate that, though I haven’t played with MSF for years, nor have I ever really used Shodan. I’ll have to get back into it, which I’m starting tonight by doing a native Linux install onto my desktop rather than fighting with VMs.

Another thing that surprised me is that there were a fair few entries in the book talking about gRPC, though it’s becoming more common now so I really shouldn’t have been shocked.

Actual Golang Usage

While I’m still somewhat trying to decide on the “right” way of doing golang, this book has the same quick and dirty approach that annoyed me a little with Black Hat Python. While a lot of it isn’t really written in a “correct” fashion that would make it easier to test and extend, it’s clear enough and if I hadn’t seen the language before I’d be able to make sense of it.

All in all, it seems like a pretty solid book. While I’m going to defer working through everything until I bring myself up to date on Metasploit, I think I’ll be able to learn a fair bit both about networking in Go and about modern black hat techniques. All in all a decent purchase, in my humble opinion.


Stephen Gream

Written by Stephen Gream who lives and works in Melbourne, Australia. You should follow him on Minds