Explore the evolution of reverse engineering Golang binaries in this 28-minute conference talk from Recon 2022. Discover how AlphaGolang, a series of IDAPython scripts, revolutionizes the process of reconstructing IDBs and recovering information from Go malware. Learn about new hunting techniques based on AlphaGolang's programmatic derivations, including automated generation of code similarity rules, YARA rules with no false-positives, and profiling for development environments. Gain insights into the unique advantages of reversing Go and why it may be one of the most rewarding languages to reverse engineer. Presented by Juan Andres Guerrero-Saade, Principal Threat Researcher at SentinelOne and Adjunct Professor at Johns Hopkins SAIS, this talk challenges the notion that reversing Go is difficult and showcases its potential in malware analysis and cybersecurity research.
Overview
Syllabus
Recon 2022 - Beyond AlphaGolang
Taught by
Recon Conference
Related Courses
-
Malware Analysis and Introduction to Assembly Language
-
Under the Hood of Wslink Multilayered Virtual Machine
-
Under the Hood of Wslink Multilayered Virtual Machine
-
GRAP - Define and Match Graph Patterns Within Binaries
-
Reversing GO Binaries With Ghidra
-
Malware Analysis and Automation using Binary Ninja
