Reverse engineering Go binaries can be difficult, especially using existing dynamic tools to interrogate program state at runtime. This talk explains how metadata in Go binaries can be used to recover data type definitions, then combined with a debugger at runtime to display the contents of complex data structures such as arrays and custom structs, even on stripped binaries.
These techniques are demonstrated in a recent release of LLEF, which is a free and open reverse engineering toolkit for LLDB developed by Foundry Zero.
