golang obfuscated malware goes crazy

This video explores the landscape of Golang malware, focusing on how analysis and obfuscation tools are used to understand, hide, and reverse engineer Golang binaries. It covers techniques such as binary analysis, deobfuscation, and the latest research tools like GoStringUngarbler.

Key points:

  • Golang is popular for building cross-platform, portable, and memory-safe applications, including malware.
  • Malware written in Golang often contains identifiable strings and symbols that can be analyzed with tools like Binary Ninja, IDA, and Ghidra.
  • Obfuscation tools like Garble help hide sensitive strings and code structures but can sometimes be analyzed with specialized tools.
  • Recent developments include Garble’s support for Go 1.24 and tools like GoStringUngarbler that decrypt obfuscated strings in Golang binaries.
  • Analysis of stripped Golang binaries can be performed using tools like Redress, GoReSym, and other symbol recovery utilities to extract metadata.
  • Obfuscation with Garble or Garble-based compilation makes reverse engineering more difficult, but tools like GoStringUngarbler help overcome these barriers.
  • The cybersecurity community is actively developing new tools and plugins for analysis platforms like Binary Ninja and IDA to combat Golang obfuscation methods.
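
As an added illustration (not from the video or from any of the tools named above): metadata recovery on a stripped Go binary typically starts by locating the runtime's pclntab function table, which the runtime needs and stripping therefore leaves in place. The sketch below scans a little-endian image for the pclntab header and reads the function count; the function name `find_pclntab_headers` and the sample bytes are constructed for this example.

```python
import struct

# pclntab header magics per Go toolchain generation (values from Go's debug/gosym).
PCLNTAB_MAGICS = {
    0xFFFFFFFB: "Go 1.2-1.15",
    0xFFFFFFFA: "Go 1.16-1.17",
    0xFFFFFFF0: "Go 1.18-1.19",
    0xFFFFFFF1: "Go 1.20+",
}

def find_pclntab_headers(blob: bytes):
    """Return validated pclntab header candidates found in a little-endian image."""
    hits = []
    for magic, family in PCLNTAB_MAGICS.items():
        needle = struct.pack("<I", magic)
        pos = blob.find(needle)
        while pos != -1:
            hdr = blob[pos:pos + 8]
            if len(hdr) == 8:
                pad1, pad2, min_lc, ptr_size = hdr[4:8]
                # Fixed fields: two zero pad bytes, instruction quantum, pointer size.
                # Checking them rejects stray 0xFFFFFFFx values in code or data.
                if (pad1, pad2) == (0, 0) and min_lc in (1, 2, 4) and ptr_size in (4, 8):
                    field = blob[pos + 8:pos + 8 + ptr_size]
                    if len(field) == ptr_size:
                        # nfunc is the first pointer-sized field after the header.
                        nfunc = int.from_bytes(field, "little")
                        hits.append({"offset": pos, "family": family,
                                     "ptr_size": ptr_size, "min_lc": min_lc,
                                     "nfunc": nfunc})
            pos = blob.find(needle, pos + 1)
    return sorted(hits, key=lambda h: h["offset"])

# Constructed sample: fake file prefix, a decoy with bad padding, then a valid header.
SAMPLE = (
    b"\x7fELF" + b"\x00" * 28
    + b"\xf1\xff\xff\xff\x01\x02\x00\x00"                     # decoy, pad bytes non-zero
    + b"\x00" * 8
    + struct.pack("<IBBBBQ", 0xFFFFFFF1, 0, 0, 1, 8, 1234)    # valid 64-bit header
    + b"\x00" * 16
)

if __name__ == "__main__":
    for hit in find_pclntab_headers(SAMPLE):
        print(hit)
```

A hit with a plausible function count confirms the file is a Go binary and gives a symbol-recovery tool its starting offset, whether or not the symbol table was stripped.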