Know Where to Go: Using Go for Cyber Security

Since its rise in popularity in the 1980s, C has been the primary language of choice for systems programmers due to its ability to interact with the operating system via system calls, its fine-grained memory control and the speed of its binaries. However, C is often criticized because it lacks memory safety guarantees and cross-compiling for different operating systems and architectures is non-trivial.

Contemporary languages have attempted to address some of C’s limitations by providing memory-safe systems with modern, easy-to-use compilers and build chains. The Go build chain, by design, simplifies the cross-compilation process and enables the same code to run on different operating systems and architectures with minimal (if any) modification to the source code. Additionally, the Go standard library and package system provide a simple way to leverage preexisting code.

This talk expands upon an exercise described in chapter 14 of “Black Hat Go” and presents a minimal post-exploitation command-and-control (C2) framework. This framework was written as an educational exercise and demonstrates the simplicity and robustness of the Go programming language and its tool chain as well as its applicability in cyber security.

Leo is an Army Captain with a BS in computer science from West Point and a MS in computer science from Northeastern University. He has been working as a capability developer for the past two years. His fields of interests are program analysis and systems security. He has presented research in academic conferences, such as the international conference on Security, Privacy, Applied Cryptography, and Engineering (SPACE) and the Accumulo Summit, as well as delivered numerous presentations for the D Co, 781st MI BN weekly tech talks.