Go (golang) is a statically typed and compiled programming language designed by Google. Over the years, it has become a language of choice for developers to build concurrency backend applications while maintaining high performance at scale.
This course teaches you all the prerequisites to understand which kind of vulnerability can be found inside Go code. You will learn how to find low-hanging fruits bugs manually and automatically using different Go auditing tools. You will discover how to use existing Go fuzzing coverage-guided frameworks, triage/debug crashes, and improve your code coverage. Finally, you will discover how to build custom Go fuzzers and implement advanced fuzzing techniques to find in-depth bugs on popular Go packages.
Along this training, students will deal with a lot of hands-on exercises allowing them to internalize concepts and techniques taught in class.
Participants should have some basis with the Go language and Linux. This course is suitable for people that are new to Go. All the theory and concepts about Go security vulnerability research and Go fuzz testing will be explained during the course.
A working laptop capable of running virtual machines. 4GB RAM required, at a minimum. 40 GB free Hard disk space. Minimum software to install Virtualbox or VMware Player, VMware Workstation, VMware Fusion.