Security with Go
上QQ阅读APP看书,第一时间看更新

Why use Go for security?

I think we all understand that there is no such thing as the best programming language, but there are different tools for different jobs. Go excels in performance and concurrency. Some of its other benefits include the ability to compile down to a single executable and cross-compile easily. It also has a modern standard library well-suited for networked applications.

The ease of cross-compiling makes for some interesting use cases in the security field. Here are a couple of use cases for cross-compiling in security:

  • Penetration testers can use a Raspberry Pi to compile custom Go reverse shells for Windows, macOS, and Linux, and attempt to deploy them.
  • Network defenders can have one central database to store all honeypot information provided from honeypot servers, and then cross-compile the honeypot servers. This would allow them to easily deploy a consistent application across all platforms, including Windows, mac, and Linux.
  • Network defenders could deploy incredibly lightweight honeypots throughout their network in the form of a Docker container with a single statically linked binary. Containers would be quick to create and destroy, using minimal bandwidth and server resources.

When you ask yourself whether Go is a good language choice, it may help to compare Go with some of the other top language choices.