I recently read an excellent blog post by Scott Piper about a tool he has released called Serene. The tool analyzes a binary to see if it has been compiled with security mitigation techniques - essentially a sanity check for best practices. As I was reading the post I came across this quote: Anything compiled with Golang will not have ASLR/PIE. This is a decision by the language creators as Golang