Security with Go
John Daniel Leon
- 340 páginas
- English
- ePUB (apto para móviles)
- Disponible en iOS y Android
Security with Go
John Daniel Leon
Información del libro
The first stop for your security needs when using Go, covering host, network, and cloud security for ethical hackers and defense against intrusionAbout This Book• First introduction to Security with Golang• Adopting a Blue Team/Red Team approach• Take advantage of speed and inherent safety of Golang• Works as an introduction to security for Golang developers• Works as a guide to Golang security packages for recent Golang beginnersWho This Book Is ForSecurity with Go is aimed at developers with basics in Go to the level that they can write their own scripts and small programs without difficulty. Readers should be familiar with security concepts, and familiarity with Python security applications and libraries is an advantage, but not a necessity. What You Will Learn• Learn the basic concepts and principles of secure programming• Write secure Golang programs and applications• Understand classic patterns of attack• Write Golang scripts to defend against network-level attacks• Learn how to use Golang security packages• Apply and explore cryptographic methods and packages• Learn the art of defending against brute force attacks• Secure web and cloud applicationsIn DetailGo is becoming more and more popular as a language for security experts. Its wide use in server and cloud environments, its speed and ease of use, and its evident capabilities for data analysis, have made it a prime choice for developers who need to think about security.Security with Go is the first Golang security book, and it is useful for both blue team and red team applications. With this book, you will learn how to write secure software, monitor your systems, secure your data, attack systems, and extract information.Defensive topics include cryptography, forensics, packet capturing, and building secure web applications.Offensive topics include brute force, port scanning, packet injection, web scraping, social engineering, and post exploitation techniques.Style and approachJohn Leon has divided the book into two parts which present the team playing defense against anyone breaking into servers and the team playing (ethical!) offense to perform said attacks. All Go scripts and programs are workable solutions that can be easily understood and expanded upon by anyone with a system administrator's level view of networking and cloud-based systems. Golang developers will profit from a swift and incisive approach to security.
Preguntas frecuentes
Información
Cryptography
- Symmetric and asymmetric encryption
- Signing and verifying messages
- Hashing
- Storing passwords securely
- Generating secure random numbers
- Creating and using TLS/SSL certificates
Hashing
Hashing small files
package main
import (
"crypto/md5"
"crypto/sha1"
"crypto/sha256"
"crypto/sha512"
"fmt"
"io/ioutil"
"log"
"os"
)
func printUsage() {
fmt.Println("Usage: " + os.Args[0] + " <filepath>")
fmt.Println("Example: " + os.Args[0] + " document.txt")
}
func checkArgs() string {
if len(os.Args) < 2 {
printUsage()
os.Exit(1)
}
return os.Args[1]
}
func main() {
filename := checkArgs()
// Get bytes from file
data, err := ioutil.ReadFile(filename)
if err != nil {
log.Fatal(err)
}
// Hash the file and output results
fmt.Printf("Md5: %x\n\n", md5.Sum(data))
fmt.Printf("Sha1: %x\n\n", sha1.Sum(data))
fmt.Printf("Sha256: %x\n\n", sha256.Sum256(data))
fmt.Printf("Sha512: %x\n\n", sha512.Sum512(data))
}
Hashing large files
package main
import (
"crypto/md5"
"fmt"
"io"
"log"
"os"
)
func printUsage() {
fmt.Println("Usage: " + os.Args[0] + " <filename>")
fmt.Println("Example: " + os.Args[0] + " diskimage.iso")
}
func checkArgs() string {
if len(os.Args) < 2 {
printUsage()
os.Exit(1)
}
return os.Args[1]
}
func main() {
filename := checkArgs()
// Open file for reading
file, err := os.Open(filename)
if err != nil {
log.Fatal(err)
}
defer file.Close()
// Create new hasher, which is a writer interface
hasher := md5.New()
// Default buffer size for copying is 32*1024 or 32kb per copy
// Use io.CopyBuffer() if you want to specify the buffer to use
// It will write 32kb at a time to the digest/hash until EOF
// The hasher implements a Write() function making it satisfy
// the writer interface. The Write() function performs the digest
// at the time the data is copied/written to it. It digests
// and processes the hash one chunk at a time as it is received.
_, err = io.Copy(hasher, file)
if err != nil {
log.Fatal(err)
}
// Now get the final sum or checksum.
// We pass nil to the Sum() function because
// we already copied the bytes via the Copy to the
// writer interface and don't need to pass any new bytes
checksum := hasher.Sum(nil)
fmt.Printf("Md5 checksum: %x\n", checksum)
}
Storing passwords securely
package main
import (
"crypto/hmac"
"crypto/rand"
"crypto/sha256"
"encoding/base64"
"encoding/hex"
"fmt"
"io"
"os"
)
func printUsage() {
fmt.Println("Usage: " + os.Args[0] + " <password>")
fmt.Println("Example: " + os.Args[0] + " Password1!")
}
func checkArgs() string {
if len(os.Args) < 2 {
printUsage()
os.Exit(1)
}
return os.Args[1]
}
// secretKey should be unique, protected, private,
// and not hard-coded like this. Store in environment var
// or in a ...