Explore the evolution of reverse engineering Golang binaries in this 28-minute conference talk from Recon 2022. Discover how AlphaGolang, a series of IDAPython scripts, revolutionizes the process of reconstructing IDBs and recovering information from Go malware. Learn about new hunting techniques based on AlphaGolang's programmatic derivations, including automated generation of code similarity rules, YARA rules with no false-positives, and profiling for development environments. Gain insights into the unique advantages of reversing Go and why it may be one of the most rewarding languages to reverse engineer. Presented by Juan Andres Guerrero-Saade, Principal Threat Researcher at SentinelOne and Adjunct Professor at Johns Hopkins SAIS, this talk challenges the notion that reversing Go is difficult and showcases its potential in malware analysis and cybersecurity research.
Overview
Syllabus
Recon 2022 - Beyond AlphaGolang
Taught by
Recon Conference