Professional penetration testing and offensive security development for companies in Germany. Zola 2026-03-31T00:00:00+00:00 https://wisp-security.eu/en/atom.xml 2026-03-31T00:00:00+00:00 2026-03-31T00:00:00+00:00 Ben Stuart https://wisp-security.eu/en/blog/2026-03-botconf-ghidra-workshop/ <p>We are pleased to attend <a href="https://www.botconf.eu/">Botconf 2026</a> in Reims, France. The main conference runs from 15 to 17 April 2026; workshops take place on 14 April 2026. The conference focuses on botnets and malware ecosystems.</p> <p>Alongside the programme we will join the workshop “Malware symbol recovery with Ghidra using Golang examples”. It covers how to work faster when unnamed functions pile up: restoring function symbols and automating rename steps when hundreds or thousands of unknown symbols get in the way. Examples use Golang because statically linked Go binaries illustrate the ideas well.</p> <p>In the four-hour workshop we work through two malware families seen in the wild: how symbol recovery works in theory and how to apply it in Ghidra. That includes building your own symbol databases and using privately analysed samples as a starting point for further research into family evolution. The relationship between source and compiled code (especially with Go) is also clarified.</p> <p>The techniques apply to any binary Ghidra supports and can be adapted for other tools with minor changes.</p> <p><em>Note: We will extend this post with impressions and follow-up notes after the visit.</em></p>