Black Hat Go

It took me a month but this morning I finally made my way through Black Hat Go by Tom Steele, Chris Patten, and Dan Kottmann. Let this long time not be any indication on the quality of the writing, though! I quite enjoyed the writing style and also the content but I was simply not the target audience as Iโ€™m a software developer with an interest in security while the book is probably mostly aimed at security professionals you might want to use Go to implement parts of the toolbox.

If that sounds interesting to you, this book will teach you skills around working with Go in protocols like DNS, SMB, or gRPC in order to circumvent security restrictions or running exploitations on target systems. That was pretty much what Iโ€™ve been looking for: A new perspective on tools I work with every day but mostly as a user! The authors also spent some time parsing and generating binary protocols & data which I appreciate as I havenโ€™t done that in a really long time now (but always enjoyed it). There is even a chapter near the end where you learn how to do steganography in PNG images byte by byte ๐Ÿ˜

In the end, though, I mostly resorted to reading only the introductory sections of each chapter where protocols and data formats as well as the techniques are explained in detail while skipping the implementation sections. But I now know where to look for implementation examples in case I need them!

Over the years I've written quite a few reviews ๐Ÿ™‚ You can find them at /reviews/.

You can also find this post linked to from the following pages: