Black-Hat-Go_Go-Programming-For-Hackers-and-Pentesters.pdf

(23456 KB) Pobierz
Contents in Detail
1.
Cover Page
2.
Title Page
3.
Copyright Page
4.
About the Authors
5.
BRIEF CONTENTS
6.
CONTENTS IN DETAIL
7.
FOREWORD
8.
ACKNOWLEDGMENTS
9.
INTRODUCTION
1.
Who This Book Is For
2.
What This Book Isn’t
3.
Why Use Go for Hacking?
4.
Why You Might Not Love Go
5.
Chapter Overview
10.
1 GO FUNDAMENTALS
1.
Setting Up a Development Environment
2.
Understanding Go Syntax
3.
Summary
11.
2 TCP, SCANNERS, AND PROXIES
1.
Understanding the TCP Handshake
2.
Bypassing Firewalls with Port Forwarding
3.
Writing a TCP Scanner
4.
Building a TCP Proxy
5.
Summary
12.
3 HTTP CLIENTS AND REMOTE INTERACTION WITH TOOLS
1.
HTTP Fundamentals with Go
2.
Building an HTTP Client That Interacts with Shodan
3.
Interacting with Metasploit
4.
Parsing Document Metadata with Bing Scraping
5.
Summary
HivaNetwork.Com
13.
4 HTTP SERVERS, ROUTING, AND MIDDLEWARE
1.
HTTP Server Basics
2.
Credential Harvesting
3.
Keylogging with the WebSocket API
4.
Multiplexing Command-and-Control
5.
Summary
14.
5 EXPLOITING DNS
1.
Writing DNS Clients
2.
Writing DNS Servers
3.
Summary
15.
6 INTERACTING WITH SMB AND NTLM
1.
The SMB Package
2.
Understanding SMB
3.
Guessing Passwords with SMB
4.
Reusing Passwords with the Pass-the-Hash Technique
5.
Recovering NTLM Passwords
6.
Summary
16.
7 ABUSING DATABASES AND FILESYSTEMS
1.
Setting Up Databases with Docker
2.
Connecting and Querying Databases in Go
3.
Building a Database Miner
4.
Pillaging a Filesystem
5.
Summary
17.
8 RAW PACKET PROCESSING
1.
Setting Up Your Environment
2.
Identifying Devices by Using the pcap Subpackage
3.
Live Capturing and Filtering Results
4.
Sniffing and Displaying Cleartext User Credentials
5.
Port Scanning Through SYN-flood Protections
6.
Summary
18.
9 WRITING AND PORTING EXPLOIT CODE
1.
Creating a Fuzzer
2.
Porting Exploits to Go
3.
Creating Shellcode in Go
4.
Summary
19.
10 GO PLUGINS AND EXTENDABLE TOOLS
1.
Using Go’s Native Plug-in System
2.
Building Plug-ins in Lua
3.
Summary
20.
11 IMPLEMENTING AND ATTACKING CRYPTOGRAPHY
1.
Reviewing Basic Cryptography Concepts
2.
Understanding the Standard Crypto Library
3.
Exploring Hashing
4.
Authenticating Messages
5.
Encrypting Data
6.
Brute-Forcing RC2
7.
Summary
21.
12 WINDOWS SYSTEM INTERACTION AND ANALYSIS
1.
The Windows API’s OpenProcess() Function
2.
The unsafe.Pointer and uintptr Types
3.
Performing Process Injection with the syscall Package
4.
The Portable Executable File
5.
Using C with Go
6.
Summary
22.
13 HIDING DATA WITH STEGANOGRAPHY
1.
Exploring the PNG Format
2.
Reading Image Byte Data
3.
Writing Image Byte Data to Implant a Payload
4.
Encoding and Decoding Image Byte Data by Using XOR
5.
Summary
6.
Additional Exercises
23.
14 BUILDING A COMMAND-AND-CONTROL RAT
1.
Getting Started
2.
Defining and Building the gRPC API
3.
Creating the Server
4.
Creating the Client Implant
5.
Building the Admin Component
6.
Running the RAT
7.
Improving the RAT
8.
Summary
24.
Index
1.
i
2.
ii
3.
iii
4.
iv
5.
v
6.
vi
7.
vii
8.
viii
9.
ix
10.
x
11.
xi
12.
xii
13.
xiii
14.
xiv
15.
xv
16.
xvi
17.
xvii
18.
xviii
19.
xix
20.
xx
21.
xxi
22.
xxii
23.
xxiii
24.
xxiv
25.
xxv
26.
xxvi
27.
1
28.
2
29.
3
30.
4
31.
5
32.
6
33.
7
34.
8
35.
9

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin