// Comparison

Black Hat Go vs Hacking: The Art of Exploitation: Which Should You Read?

Two cybersecurity books on Offensive, compared honestly: who each is for, what each does best, and which to read first.

Intermediate

4/52020

Go Programming For Hackers and Pentesters

Tom Steele, Chris Patten, Dan Kottmann

Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.

Intermediate

5/52008

Hacking: The Art of Exploitation

Jon Erickson

A from-first-principles tour of low-level exploitation that still teaches the mindset two decades later.

Read this if

Offensive practitioners who already know Python (or Bash) and want a compiled-language alternative for tools that need to run as a single binary on locked-down endpoints. Go's cross-compilation and tiny runtime make it the right choice for many implant-style tools.

Self-taught hackers who want to understand what a stack overflow actually is, not just how to invoke msfconsole.

Skip this if

Beginners with no programming background. The book assumes Go familiarity at the syntax level; for the language itself, read The Go Programming Language (Donovan/Kernighan) first.

Readers looking for modern exploitation (ASLR, CFI, browser sandboxes). The defenses Erickson covers are now baseline, not frontiers.

Key takeaways

Go binaries cross-compile to Windows, Linux, macOS, and ARM with no toolchain pain; for offensive tools that need to land on a target, Go saves hours.
Concurrency in Go is simple enough that scanners, brute forcers, and watchdog tools become trivial to write; the book's networking chapters lean on this.
Modern offensive tooling (Cobalt Strike alternatives, Mythic agents, Sliver) is increasingly Go-native; reading this book is reading the language those projects share.

Exploitation is a way of seeing programs, not a list of techniques.
Memory corruption is best learned with a debugger open beside the book.
The first half on C/assembly is worth the price even if you skip the exploits.

How they compare

We rate Hacking: The Art of Exploitation higher (5/5 against 4/5 for Black Hat Go). For most readers, that means Hacking: The Art of Exploitation is the primary pick and Black Hat Go is a useful follow-up.

Both books target intermediate-level readers, so the choice is about topic, not difficulty.

Black Hat Go and Hacking: The Art of Exploitation both cover Offensive, Networking, so reading them in sequence reinforces the same material from different angles.

Keep reading

Black Hat Go

→ Alternatives to Black Hat Go → What to read after Black Hat Go