Cyber Shelf

// Comparison

Black Hat Go vs Silence on the Wire: Which Should You Read?

Two cybersecurity books on Networking, compared honestly: who each is for, what each does best, and which to read first.

Intermediate
4/52020
Black Hat Go

Go Programming For Hackers and Pentesters

Tom Steele, Chris Patten, Dan Kottmann

Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.

Advanced
5/52005
Silence on the Wire

A Field Guide to Passive Reconnaissance and Indirect Attacks

Michal Zalewski

Michal Zalewski's classic on the indirect attack surface: timing channels, protocol-stack fingerprinting, and the often-overlooked side data leaked by every layer of a stack.

Read this if

Offensive practitioners who already know Python (or Bash) and want a compiled-language alternative for tools that need to run as a single binary on locked-down endpoints. Go's cross-compilation and tiny runtime make it the right choice for many implant-style tools.
Curious defenders, reverse engineers, and protocol auditors who want to think about the side data every layer leaks. Zalewski is the field's most original networking thinker, and the book is twenty years old and somehow still ahead of most people's models.

Skip this if

Beginners with no programming background. The book assumes Go familiarity at the syntax level; for the language itself, read The Go Programming Language (Donovan/Kernighan) first.
Readers wanting recipes or playbooks. The book is conceptual essays on side channels, network metadata, and indirect inference; each chapter is a thought experiment with practical implications, not a step-by-step guide.

Key takeaways

  • Go binaries cross-compile to Windows, Linux, macOS, and ARM with no toolchain pain; for offensive tools that need to land on a target, Go saves hours.
  • Concurrency in Go is simple enough that scanners, brute forcers, and watchdog tools become trivial to write; the book's networking chapters lean on this.
  • Modern offensive tooling (Cobalt Strike alternatives, Mythic agents, Sliver) is increasingly Go-native; reading this book is reading the language those projects share.
  • Every protocol layer leaks information that wasn't in the payload (TCP/IP fingerprinting, DNS cache hints, browser timing, terminal echo); the book's premise is that adversaries can read all of it.
  • Passive reconnaissance is dramatically underrated as both a threat and a research tool; Zalewski makes the case better than anyone before or since.
  • The chapters on phantom-data leakage (idle scanning, timing oracles, blind side channels) are the conceptual root of attack classes that keep getting rediscovered every few years.

How they compare

We rate Silence on the Wire higher (5/5 against 4/5 for Black Hat Go). For most readers, that means Silence on the Wire is the primary pick and Black Hat Go is a useful follow-up.

Black Hat Go is pitched at intermediate level. Silence on the Wire is pitched at advanced level. Read the easier one first if you're not yet comfortable with the topic.

Black Hat Go and Silence on the Wire both cover Networking, so reading them in sequence reinforces the same material from different angles.

Keep reading

Black Hat Go

Alternatives to Black Hat GoWhat to read after Black Hat Go

Silence on the Wire

Alternatives to Silence on the WireWhat to read after Silence on the Wire

Related topics

Networking