Reversing GO Binaries With Ghidra

Explore the intricacies of reversing Golang binaries using Ghidra in this conference talk from the Hack In The Box Security Conference. Delve into the world of IoT malware written in Go, understanding its growing prevalence and the challenges it presents to reverse engineers. Learn about the unique features of Go binaries that complicate analysis, such as static linking and debug information retention. Discover custom Ghidra scripts developed to automate and streamline the reverse engineering process. Examine recent trends in Golang obfuscation techniques and the emergence of Linux crypters like Ezuri. Gain insights from experienced malware researchers Albert Zsigovits and Dorka Palotay as they share their expertise on tackling common problems in Go malware analysis and provide practical tools for more effective threat detection and mitigation.

#HITBCW2021 D1 - Reversing GO Binaries With Ghidra - Albert Zsigovits and Dorka Palotay