Book Image

Security with Go

By : John Daniel Leon
Book Image

Security with Go

By: John Daniel Leon

Overview of this book

Go is becoming more and more popular as a language for security experts. Its wide use in server and cloud environments, its speed and ease of use, and its evident capabilities for data analysis, have made it a prime choice for developers who need to think about security. Security with Go is the first Golang security book, and it is useful for both blue team and red team applications. With this book, you will learn how to write secure software, monitor your systems, secure your data, attack systems, and extract information. Defensive topics include cryptography, forensics, packet capturing, and building secure web applications. Offensive topics include brute force, port scanning, packet injection, web scraping, social engineering, and post exploitation techniques.
Table of Contents (15 chapters)

Post Exploitation

Post exploitation refers to the phase of a penetration test where a machine has already been exploited and code execution is available. The primary task is generally to maintain persistence so that you can keep a connection alive or leave a way to reconnect later. This chapter covers some common techniques for persistence; namely, bind shells, reverse bind shells, and web shells. We will also look at cross compiling, which is incredibly helpful when compiling shells for different operating systems from a single host.

Other objectives during the post exploit phase include finding sensitive data, making changes to files, and hiding your tracks so that forensic investigators will not be able to find evidence. You can cover your tracks by changing timestamps on files, modifying permissions, disabling shell history, and removing logs. This chapter covers some techniques...