12 WINDOWS SYSTEM INTERACTION AND ANALYSIS

There are countless ways of developing Microsoft Windows attacks—too many to cover in this chapter. Instead of discussing them all, we’ll introduce and investigate a few techniques that can help you attack Windows, whether initially or during your post-exploitation adventures.

After discussing the Microsoft API documentation and some safety concerns, we’ll cover three topics. First, we’ll use Go’s core syscall package to interact with various system-level Windows APIs by performing a process injection. Second, we’ll explore Go’s core package for the Windows Portable Executable (PE) format and write a PE ...
