Go Security Audit and Fuzzing

go golang security fuzzing audit fuzz gofuzz go-fuzz

Go (golang) is a statically typed and compiled programming language designed by Google. Over the years, it has become a language of choice for developers to build concurrency backend applications while maintaining high performance at scale.

This course teaches you all the prerequisites to understand which kind of vulnerability can be found inside Go code. You will learn how to find low-hanging fruits bugs manually and automatically using different Go auditing tools. You will discover how to use existing Go fuzzing coverage-guided frameworks, triage/debug crashes, and improve your code coverage. Finally, you will discover how to build custom Go fuzzers and implement advanced fuzzing techniques to find in-depth bugs on popular Go packages.

Along this training, students will deal with a lot of hands-on exercises allowing them to internalize concepts and techniques taught in class.

Topics Covered during this Course

  • Introduction to Golang and its Ecosystem
  • Golang Security concepts
    • Concurrency, Garbage collector, etc.
  • Golang vulnerabilities
    • Error handling, panics, nil pointer dereference
    • Index out of bound, Stack overflow, resource exhaustion (OOM)
    • Advanced vulnerabilities
  • Attack surface discovery & Auditing tools
  • Introduction to Golang Fuzzing
  • Coverage-guided Fuzzing
    • go-fuzz / libfuzzer
  • Go Fuzz testing workflow and Corpus selection
  • Code coverage, Corpus minimization
  • Crashes Triaging and Debugging
  • Other Advanced Fuzz Testing techniques
  • Differential Go Fuzzing
  • Writing Custom Go Fuzzers

CLASS REQUIREMENTS

Participants should have some basis with the Go language and Linux. This course is suitable for people that are new to Go. All the theory and concepts about Go security vulnerability research and Go fuzz testing will be explained during the course.

Hardware Requirements

A working laptop capable of running virtual machines. 4GB RAM required, at a minimum. 40 GB free Hard disk space. Minimum software to install Virtualbox or VMware Player, VMware Workstation, VMware Fusion.

FREE Courses & Training

Enter your email and we'll send you a bundle of awesome resources. 100% free - 100% awesome.

Any questions about our services and trainings ?

Get in touch today with any questions that you might have.