Authors: Joe Sylve, Ph.D. (BlackBag Technologies), Vico Marziale, Ph.D. (BlackBag Technologies)

DFRWS EU 2017

Abstract

In this hands-on workshop attendees will learn how to develop forensics tools in Google’s Go programming language. We will first-present an overview of the Go programming language, focused on those parts that are most useful for developing forensics tools, and then present a simple parser for a commonly encountered forensic artifact. Lastly, attendees will develop a simple parser for another common forensics artifact, with the assistance of the presenters. This workshop is intended for forensics tool developers. Some programming experience is a must, preferably in a C-like language, but no experience with Go specifically is required. Participants will be provided with handouts of a Go “cheat sheet” and a copy of the presentation slides. Participants will also need to have Go installed (on their platform of choice – all common OSes are supported).

Downloads