Ever think "how do I find this FUD #golang #malware the #redteam use if EDR can't?"

find / -size +5M -type f -executable -exec grep -Erl '\.go$' {} \; 2>/dev/null

Finds docker, minio, a lot of benign, but important binaries. Also finds all those slivers and gscripts.
For BSD: find / -size +5M -type f -perm +111 -exec grep -Erl '\.go$' {} \; 2>/dev/null

Aug 21, 2021 · 8:44 PM UTC

I'll throw in Windows native, or PS native commands if someone really wants. I don't care as much about that domain.
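
An added example, not part of the original thread: a triage wrapper around the same hunt that goes one step further and labels each hit by which Go marker it carries, so the benign-heavy result list is easier to sort through. The function names `go_marker` and `hunt_go` are hypothetical; `Go buildinf:` is the text part of the build-info magic the Go toolchain embeds, and the fallback is the thread's own `\.go$` pattern.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.

# Print which Go marker a file carries; return 1 if it carries none.
#   buildinfo : contains "Go buildinf:" (text part of the embedded build-info magic)
#   gopath    : no build-info marker, but the thread's '\.go$' pattern matches
go_marker() {
    if LC_ALL=C grep -q -F 'Go buildinf:' "$1" 2>/dev/null; then
        echo buildinfo
    elif LC_ALL=C grep -q -E '\.go$' "$1" 2>/dev/null; then
        echo gopath
    else
        return 1
    fi
}

# hunt_go [root] [find -size expression]
# Defaults mirror the thread: search from / for executables over 5M.
# Octal -perm tests are used so the same line works with GNU and BSD find.
# Output: "<marker><TAB><path>" per hit. Paths containing newlines are not handled.
hunt_go() {
    root=${1:-/}
    size=${2:-+5M}
    find "$root" -type f -size "$size" \
        \( -perm -100 -o -perm -010 -o -perm -001 \) 2>/dev/null |
    while IFS= read -r f; do
        if m=$(go_marker "$f"); then
            printf '%s\t%s\n' "$m" "$f"
        fi
    done
}
```

Source the file and run `hunt_go / +5M`, then compare the resulting paths against known-good package inventories to separate docker, minio and similar from unexpected binaries.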