Go is becoming more and more prevalent in offensive security tooling. While most programs can be analyzed using the same methods, Go binaries are different enough from what compilers generally produce that they require a special skillset.
Short, unscientific surveys conducted in my professional circle indicate that Go is reverse-engineers’ most dreaded language. It doesn’t have to be this way. In this workshop, I would like to share the knowledge I have built up reverse-engineering Go malware, the methodology I follow during my day-to-day work, and useful disassembler plugins.
Participants should prepare by:
This workshop is intended for people who have experience with reverse-engineering and know their way around a disassembler and a debugger. They should already be familiar with x86 and x64 ASM and reversing C / C++ programs.
Participants must have the following equipment:
A laptop with all the necessary analysis tools: a disassembler and a debugger.