At C1b3rWall Academy 2021, Module 9 “Pentesting” has begun today. This course will be divided in two parts so that students can learn how to build scripts and tools for pentesting exercises through practical examples.

Pentesting is a type of cybersecurity audit that consists of performing a set of simulated attacks on a computer system to detect weaknesses or vulnerabilities so that they can be fixedç.

Carlos Azúa, Cybersecurity Consultant at Dreamlab Technologies specialized in pentesting and software development, explains why to use “GO” for pentesting.

Why use GO

GO is a multipurpose program with easy syntax and efficiency comparable to C. It has a large standard library and strong concurrency and multiprocessing from its conception, as well as cross-compilation.

When we are pentesting, at times we need to think big and have high. We are looking for a balance between scripting and larger applications, as well as cross-compiling. In addition, its standard library supports databases, network protocols, cryptography and data encoding (JSON, XML, hex, Base64…).

Reverse shell

The key points to analyze in this code are cross-compilation and expressive syntax. When compiling, the only thing to do is to add the target operating system.

In general terms, what we do is to establish a connection with a maximum timeout under the TCP protocol to a specific IP and port. You can get the code of this tool here.

Carlos gives us the following conclusions about his talk:

  • Go is easy to code and provides us with scalable solutions.
  • It is fast in its execution.
  • Many pentesting tools are being built in this language.

However, I invite you to watch his talk, in which he explains all the tools in detail. You can also read the full article on News-365. You can register at this link.

Posted by Juan M. Corchado

Juan Manuel Corchado (15 May 1971, Salamanca, Spain) is Professor at the University of Salamanca. He has been Vice-Rector for Research from 2013 to 2017 and Director of the Science Park of the University of Salamanca. Elected as Dean of the Faculty of Science twice, he holds a PhD in Computer Science from the University of Salamanca and a PhD in Artificial Intelligence from the University of the West of Scotland. He leads the renowned BISITE (Bioinformatics, Intelligent Systems and Educational Technology) Research Group, created in 2000. Director of the IoT Digital Innovation Hub and President of the AIR Institute, J. M. Corchado is also Visiting Professor at the Osaka Institute of Technology since January 2015, Visiting Professor at the Universiti Malaysia Kelantan and Member of the Advisory Group on Online Terrorist Propaganda of the European Counter Terrorism Centre (EUROPOL). J. M. Corchado has been president of the IEEE Systems, Man and Cybernetics Society, and academic coordinator of the University Institute for Research in Art and Animation Technology at the University of Salamanca, as well as researcher at the Universities of Paisley (UK), Vigo (Spain) and the Plymouth Marine Laboratory (UK). He currently combines all his activity with the direction of Master programmes in Security, Digital Animation, Mobile Telephony, Information Systems Management, Internet of Things, Social Media, 3D Design and Printing, Blockchain, Z System, Industry 4.0, Agile Project Management, and Smart Cities & Intelligent Buildings, at the University of Salamanca and his work as editor-in-chief of the journals ADCAIJ (Advances in Distributed Computing and Artificial Intelligence Journal), OJCST (Oriental Journal of Computer Science and Technology) or Electronics MDPI (Computer Science & Engineering section). J. M. Corchado mainly works on projects related to Artificial Intelligence, Machine Learning, Blockchain, IoT, Fog Computing, Edge Computing, Smart Cities, Smart Grids and Sentiment Analysis. He has recently been included in the board of trustees of the AstraZeneca Foundation, along with other health professionals and researchers recognised for bringing scientific knowledge closer to society.

Thanks for your comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.