Hacker Talk

Ben Kurtz - Golang Malware part 2

67 min • 19 April 2022


Topics covered:

Golang

Hell's Gate, direct system calls on Windows

How system calls are normally done in Windows, Windows kernel

Evading anti-malware detection on Windows with BananaPhone

How to get started writing C2s in Golang

Sliver, open-source Golang command and control

Red team mindset   

Evolution of programmers, bad patterns   

CVEs, common vulnerability enumeration number

Auditing source code   

JavaScript frameworks

Cross-site scripting, SQL injection and XXE (XML External Entity) for scanning internal networks and exfiltrating data

Building secure code bases   

Security Engineers    

Supervisory control and data acquisition (SCADA)   

log4j  

Remote code execution and directory traversal in Java, Java's File constructor, LDAP and DirContext

Golang for micro services   

Python 

Common bad patterns 

LDAP injection  

Modern security nightmares    

Remote debug protocols    

String concatenation   

Resistance to current modern implementations and safer frameworks

Finding bugs in games that can be used to attack power plants

Dependency management     

Backdoor factory  

Bettercap  

Man in the middle  

Spoofing BGP  

BGP hijacks



Links:  

https://github.com/Binject  

https://github.com/C-Sto/BananaPhone  

https://github.com/BishopFox/sliver    

https://cve.mitre.org/

https://owasp.org/www-community/vulnerabilities/XML_External_Entity_(XXE)_Processing   

https://www.youtube.com/watch?v=FkuUpg5FO2g    

https://en.wikipedia.org/wiki/SCADA  

https://en.wikipedia.org/wiki/Log4j   

https://www.coding-bootcamps.com/blog/build-containerized-applications-with-golang-on-kubernetes.html   

https://docs.oracle.com/javase/8/docs/api/index.html?javax/naming/directory/DirContext.html   

https://apache.org/foundation/foundation-projects.html  

https://docs.oracle.com/javase/8/docs/api/index.html?javax/management/JMX.html   

https://en.wikipedia.org/wiki/Java_Debug_Wire_Protocol   

https://www.freecodecamp.org/news/big-o-notation-why-it-matters-and-why-it-doesnt-1674cfa8a23c/  

https://github.com/bettercap/bettercap   

https://www.bettercap.org/  

https://bgpmon.net/   

https://en.wikipedia.org/wiki/BGP_hijacking  

https://labs.ripe.net/author/vastur/bgplay-integrated-in-ripestat/    

https://www.symbolcrash.com/podcast/   

https://www.youtube.com/symbolcrash   

 

