Interview with Malware Unicorn

In this episode of the Hack the Planet Podcast:

We dive into reverse engineering and malware development with Malware Unicorn, red teamer and author of some of the best the malware development training on the internet. We discuss why MacOS is an interesting environment for malware, tips for building your own reverse engineering lab, and future trainings in the works. We recorded this episode before the latest training was released, but you can find Malware Unicorn’s portable executable injection study on her website linked below.

Links:

Malware Unicorn Workshops – https://malwareunicorn.org/#/workshops

Xori – https://i.blackhat.com/us-18/Wed-August-8/us-18-Rousseau-Finding-Xori-Malware-Analysis-Triage-With-Automated-Disassembly.pdf

Writing Bad @$$ Malware for OS X – https://www.slideshare.net/Synack/writing-bad-malware-for-os-x

lena151 Tutorials – https://archive.org/details/lena151

Flare-On Challenges – https://flare-on.com/

Joe Sandbox – https://www.joesandbox.com/

Universal Loader – https://github.com/Binject/universal
https://www.symbolcrash.com/2021/03/04/the-universal-loader-for-go/

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.

Golang Offensive Tools with C-Sto and capnspacehook

In this episode of the Hack the Planet Podcast:

We talk with some of the most prolific developers of Golang offensive tools, from opposite points on the globe, about why they use Go, what they’ve been working on, how to work around some of Go’s challenges for red teams, and where things are going in the near future with Go malware. Featuring C-Sto (bananaphone/goWMIexec) and capnspacehook (pandorasbox/garble).

List of Golang Security Tools:
https://github.com/Binject/awesome-go-security

C-Sto:
https://github.com/c-sto/goWMIExec
https://github.com/C-Sto/BananaPhone
https://github.com/C-Sto/gosecretsdump

capnspacehook:
https://github.com/capnspacehook/pandorasbox
https://github.com/capnspacehook/taskmaster

Misc:
https://github.com/moonD4rk/HackBrowserData
https://github.com/emperorcow/go-netscan
https://github.com/CUCyber/ja3transport
https://github.com/EgeBalci/sgn
https://github.com/sassoftware/relic
https://github.com/swarley7/padoracle
https://github.com/gen0cide/gscript

Command and Control:
https://github.com/BishopFox/sliver
https://github.com/DeimosC2/DeimosC2
https://github.com/t94j0/satellite

Obfuscation/RE:
https://github.com/goretk/redress
https://github.com/unixpickle/gobfuscate
https://github.com/mvdan/garble

Of interest, but breaks Docker & Terraform:
https://github.com/unsecureio/gokiller

Be a guest on the show! We want your hacker rants! Give us a call on the Hacker Helpline: PSTN 206-486-NARC (6272) and leave a message, or send an audio email to podcast@symbolcrash.com.

Original music produced by Symbol Crash. Warning: Some explicit language and adult themes.