Black Hat Go: Go Programming For Hackers and Pentesters

The lessons are easy to understand it's extremely informative and an enjoyable read. The lessons are broken up into nice chunks and it gives you lots of insight just get it it's no starch press and you know it's going to rock!

Black Hat Go is absolutely top-notch. The book was written in such a fashion that you go from ground zero to performing advanced tasks. If you're new to penetration testing or just looking to level up your game, do yourself a favor and grab a copy. Not only did I purchase a copy for myself, but I also purchased several copies for my employees.As a career penetration testing and a senior leader of multiple penetration testing practices, I can attest to the quality and expertise that went into developing Black Hat Go. The industry is growing at a rapid pace and it's getting harder for firms to identify hire the diamonds in the rough. If you want to make yourself stand out amongst the crowd, curb the use of commonly used and deprecated tools and start building your own.

The practices in the book are great. You learn Go by doing, and are encouraged to experiment.The examples are concise, and explanations are well done. Each exercise generally has a numbered walk-through, where you're looking over the code, and you can see the references points that the authors describe in the text following the code.I've recommended this to a few people already. I'm having a great time, the projects are small enough that dedicating an hour or so give me enough time to run through one or two, with a bit of time to experiment with it, and keep it in my noggin.

Initially the book seemed decent. Yet, as I progressed further and skimmed through several chapters I was a bit appalled at the horrendous examples portrayed in a few chapters.For example, Chapter 13 has no complete code or structure, just the author advising you to write some code that doe not tie together what so ever leaving a reader confused and left with a shell of a program at best.At a base it is fine to run through quickly if you want a few ideas, other than that, I would say turn elsewhere to obtain any valuable, applicable knowledge.

Overall the book is an easy read, but doesn't provide much information that isn't found in beginner resources.It uses the $GOPATH and the old way to go get. This is outdated by at least a year as go modules are now in place.The MySQL "querying" code must not have been tested. The 2nd note explains the "_" import, but it's not in the code itself. This is going to leave someone baffled while their code doesn't work. Did the authors test the code?Page 189: "...Go has no such construct to conveniently build strings of arbitrary length." This is not true and I expect basic language knowledge to be in a book about Go. strings.Repeat is in the standard library.

I like the content of the book and its interesting, but when it comes to the quality of the book, so poor feels bad, personally i hate it already to touch. Wish the publisher make it better.

this book is a joke

Covers getting Go installed and set up and immediately throws you into some practical applications of with offensive security in mind. Great setup for people who learn by doing rather than rote memorization. If you are interested in learning Go or are in the security space and want to automate away some of your workload, check this out.

A mix of Go learning and hacking tech.

Logre entenderlo perfectamente

L'introduzione al linguaggio Go, doverosa nelle prime pagine di un libro come questo, è molto sintetica. E' tuttavia uno dei migliori tutorial che io abbia mai trovato per persone che conoscano già altri linguaggi di programmazione.

Great Content

IPアドレスとかポート番号とか，ネットワークが絡むと面倒臭いので，敢えて第13章ステガノグラフィ（pp.295-313, ここではキーとなる文字列とのXORでデータを暗号化してからPNG画像ファイルに隠す/解読する）を読んでみました。コードが多いのが好いし，コード中に所々番号が振ってあって，今ここの説明をしている，と説明文中の番号とリンクしてて分かり易い。逆に，コードを読んでて，ん？と思った所に番号が振ってあると，そこの説明文へ直ぐに辿り着く。ただ残念ながら，内容を大まかには掴めるものの，細部でミスが目立つのが歯痒く，理解の妨げなのは残念。例えば：○p.299 Listing 13-5: 未定義の変数chkはmcのミスプリ？そもMetaChunkの定義は？○p.306 Listing 13-15: チャンクタイプrNDmは，どこから来た？コマンドラインの--injectが謎。○p.308 Listing 13-16 (4) bArr[i] += は = では？bArr[]は，今make()で作ったばっかだし。序でに幾度も参照するlen(input)やlen(key)は，変数に取った方が効率良いんじゃ？○p.310 Listing 13-21: コマンドライン中のValid以降は出力だから（p.299, Listing 13-4の終り頃を参照）そこで切ってnon-boldにして改行。○コマンドラインに現れる様々オプションを捌くのがflagパッケージなれど，across all of our code examplesでflagパッケージは使わぬと言ってる（p.107, しかしp.95で使ってる）ので，ここでの--inject等オプションの処理は又別の事をしてるんだろうが，少なくとも何か説明があればと思う。まぁ，ネット経由でコードを参照可みたいでも書籍ならば，他を見る事なく其処に凡てが有って完結して欲しい（値段との兼ね合い？）。その他，第13章以外でペラペラ捲っててたまたま気付いた：○p.35 Listing 2-10 (1) ポインタレシーバにするからio.Copy(&writer, &reader)と不格好になる。必然性が有る？○p.50 Listing 3-6: import宣言に中括弧{}は，間違ってる。○p.122: tarのオプションに'-'があって違和感（僕が爺さん？）と，'v'指定ならファイル名等一杯出てくるでしょというお約束の指摘を○p.176 Listing 8-3 (3)とp.183 Listing 8-6: デバイスを探すループ，見つかった時点でbreakせんの？○以前とほぼ同じコードの時，同じ部分を薄く印刷する工夫（pp.178-9, Listing 8-5: が，importの"bytes"は濃く）。○p.160 Listing 7-7 (2) MySQL関連のパッケージをブランクインポートする件で，import宣言の先頭に別名（匿名）を表す'_'の失念を指摘する書評を見た。○同書評でp.190 Listing 9-1 (5)がuser := strings.Repeat("A", i+1)でイケる旨の示唆もあった。○内容は面白いけどqualityがpoorなる書評もあった。実際，手元に来て未だ僅かながら，表面をコーティングしとるビニールが『LONGMAN DOCE』や『ディジタル作法』等と同様に端からめくれてきた。○p.316, 319で，プロンプトが'$'ではなく'>'なのが疑問○索引が少々しょぼいかな。flag.Parse() 95, 108, 116とかnet.Conn 35, 183とかsort.Ints() 31とかstrings.Split() 324とかsync.WaitGroup 27-30, 255-60とかtime.Sleep() 183, 324等々あって欲しかった。最後に，p.117のYodaって，スターウォーズの登場人物？観てないから分かんないんだよなぁ。Now, go forth and conquer! (p.130)ってのもそれっぽい。