Security with Go
John Daniel Leon
- 340 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
Security with Go
John Daniel Leon
About This Book
The first stop for your security needs when using Go, covering host, network, and cloud security for ethical hackers and defense against intrusionAbout This Bookā¢ First introduction to Security with Golangā¢ Adopting a Blue Team/Red Team approachā¢ Take advantage of speed and inherent safety of Golangā¢ Works as an introduction to security for Golang developersā¢ Works as a guide to Golang security packages for recent Golang beginnersWho This Book Is ForSecurity with Go is aimed at developers with basics in Go to the level that they can write their own scripts and small programs without difficulty. Readers should be familiar with security concepts, and familiarity with Python security applications and libraries is an advantage, but not a necessity. What You Will Learnā¢ Learn the basic concepts and principles of secure programmingā¢ Write secure Golang programs and applicationsā¢ Understand classic patterns of attackā¢ Write Golang scripts to defend against network-level attacksā¢ Learn how to use Golang security packagesā¢ Apply and explore cryptographic methods and packagesā¢ Learn the art of defending against brute force attacksā¢ Secure web and cloud applicationsIn DetailGo is becoming more and more popular as a language for security experts. Its wide use in server and cloud environments, its speed and ease of use, and its evident capabilities for data analysis, have made it a prime choice for developers who need to think about security.Security with Go is the first Golang security book, and it is useful for both blue team and red team applications. With this book, you will learn how to write secure software, monitor your systems, secure your data, attack systems, and extract information.Defensive topics include cryptography, forensics, packet capturing, and building secure web applications.Offensive topics include brute force, port scanning, packet injection, web scraping, social engineering, and post exploitation techniques.Style and approachJohn Leon has divided the book into two parts which present the team playing defense against anyone breaking into servers and the team playing (ethical!) offense to perform said attacks. All Go scripts and programs are workable solutions that can be easily understood and expanded upon by anyone with a system administrator's level view of networking and cloud-based systems. Golang developers will profit from a swift and incisive approach to security.
Frequently asked questions
Information
Cryptography
- Symmetric and asymmetric encryption
- Signing and verifying messages
- Hashing
- Storing passwords securely
- Generating secure random numbers
- Creating and using TLS/SSL certificates
Hashing
Hashing small files
package main
import (
"crypto/md5"
"crypto/sha1"
"crypto/sha256"
"crypto/sha512"
"fmt"
"io/ioutil"
"log"
"os"
)
func printUsage() {
fmt.Println("Usage: " + os.Args[0] + " <filepath>")
fmt.Println("Example: " + os.Args[0] + " document.txt")
}
func checkArgs() string {
if len(os.Args) < 2 {
printUsage()
os.Exit(1)
}
return os.Args[1]
}
func main() {
filename := checkArgs()
// Get bytes from file
data, err := ioutil.ReadFile(filename)
if err != nil {
log.Fatal(err)
}
// Hash the file and output results
fmt.Printf("Md5: %x\n\n", md5.Sum(data))
fmt.Printf("Sha1: %x\n\n", sha1.Sum(data))
fmt.Printf("Sha256: %x\n\n", sha256.Sum256(data))
fmt.Printf("Sha512: %x\n\n", sha512.Sum512(data))
}
Hashing large files
package main
import (
"crypto/md5"
"fmt"
"io"
"log"
"os"
)
func printUsage() {
fmt.Println("Usage: " + os.Args[0] + " <filename>")
fmt.Println("Example: " + os.Args[0] + " diskimage.iso")
}
func checkArgs() string {
if len(os.Args) < 2 {
printUsage()
os.Exit(1)
}
return os.Args[1]
}
func main() {
filename := checkArgs()
// Open file for reading
file, err := os.Open(filename)
if err != nil {
log.Fatal(err)
}
defer file.Close()
// Create new hasher, which is a writer interface
hasher := md5.New()
// Default buffer size for copying is 32*1024 or 32kb per copy
// Use io.CopyBuffer() if you want to specify the buffer to use
// It will write 32kb at a time to the digest/hash until EOF
// The hasher implements a Write() function making it satisfy
// the writer interface. The Write() function performs the digest
// at the time the data is copied/written to it. It digests
// and processes the hash one chunk at a time as it is received.
_, err = io.Copy(hasher, file)
if err != nil {
log.Fatal(err)
}
// Now get the final sum or checksum.
// We pass nil to the Sum() function because
// we already copied the bytes via the Copy to the
// writer interface and don't need to pass any new bytes
checksum := hasher.Sum(nil)
fmt.Printf("Md5 checksum: %x\n", checksum)
}
Storing passwords securely
package main
import (
"crypto/hmac"
"crypto/rand"
"crypto/sha256"
"encoding/base64"
"encoding/hex"
"fmt"
"io"
"os"
)
func printUsage() {
fmt.Println("Usage: " + os.Args[0] + " <password>")
fmt.Println("Example: " + os.Args[0] + " Password1!")
}
func checkArgs() string {
if len(os.Args) < 2 {
printUsage()
os.Exit(1)
}
return os.Args[1]
}
// secretKey should be unique, protected, private,
// and not hard-coded like this. Store in environment var
// or in a ...