| | |  | Certification Central | Home » » Gray Hat Python: Python Programming for Hackers and Reverse Engineers | | | | | | | Description: | | Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore. Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it. You'll learn how to: - Automate tedious reversing and security tasks
- Design and program your own debugger
- Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
- Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
- Sniff secure traffic out of an encrypted web browser session
- Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more
The world's best hackers are using Python to do their handiwork. Shouldn't you?
| | | Features: | |
• ISBN13: 9781593271923
• Condition: NEW
• Notes: Brand New from Publisher. No Remainder Mark.
•
| | | Product Details: | | | Author:
| Justin Seitz | | Paperback:
| 232 pages | | Publisher:
| No Starch Press | | Publication Date:
| April 20, 2009 | | Language:
| English | | ISBN:
| 1593271921 | | Package Length:
| 9.2 inches | | Package Width:
| 7.0 inches | | Package Height:
| 0.7 inches | | Package Weight:
| 1.15 pounds | | Average Customer Rating:
|  based on 10 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
Write an online review and share your thoughts with other customers.
 Very very good book!Mar 08, 2010
Very good book.
I bought it before even learning to do "hello world" in python in order to follow the ideas of the book.
The book gave me a pretty solid idea where to go and went deep at it too.
I never thought debuggers would be THAT much interesting! :)
1 of 1 found the following review helpful:
AWESOME book with some great insight!Feb 04, 2010
I was also one of the people who was eagerly awaiting the release of this book, NOT so much because I am a "hacker by day trying to pentrate systems etc", but because Python is my language of choice and I love to play / hack / hobby around with it!!
The bottom line is the book is FUN to read, and opens up the minds of those programmers / hackers out their who have a PASSION this stuff ;-)
This book gave me some super insight into some of the lower level things "non hackers" have probably been missing all along. We all know the best programmers in the world are hackers and I think Justin has done a wonderful job showing just how cool, EASY and FUN hacking in Python can really be!
I must say I had numerous times in the book where I would smile and think "WOW, now that's cool" ;-)
I must also say I am well impressed with "Immunity Debugger", another superb product that unless I had read the book, I would have never heard about...
So keep up the great work Justin, and I really look forward to if you ever bring out a 2nd edition in years to come, that will be fun!
Rock on!
0 of 1 found the following review helpful:
 Decent Python Resource, but Windows?Jan 31, 2010
Python is an excellent language and computer security is part of my profession. I was really excited to get my hands on this book, but disappointed when I read the following line on page 2: "All of the chapters in this book are Windows-specific, and most examples will work only with a Windows operating system." What a let down. Overall it is a great Python resource, but it is much too specific to Windows. Most hackers, reverse engineers, and security professionals do not use Windows. All examples in this book are based on Windows Python environments (with side references to Linux).
Only 3 stars for being Windows centric. The author would have done so much better writing the book for multiple OSs.
3 of 3 found the following review helpful:
Airport Bookstore QualityOct 05, 2009
This book has some interesting insights for someone just starting out with python. For the newcomer to python learning how to call c code easily within python is always exciting and using c types is presented well in the start of this book. However on the whole, it is often sufficient to read through the code in this book and say 'aha'. Actually sitting down at a computer shows the flaws in this book. For one, there are several hangups if your operating system is 64 bit windows and even more if you are on any variant of Linux. Additionally some of the code is just wrong and requires reading the list of updates at the books website. However simply reading it as a book, it generally explains how a debugger works and convinces the user that python is a good language for doing this. Finally as a tutorial for using the existing upper tier python debuggers would at least merit this book useful to some.
15 of 16 found the following review helpful:
 Much Anticipation falls well short of expectationsJul 07, 2009
I was extremely disappointed in this book. I had been waiting almost a year for the book to be released and in that time had spent time looking at the different applications that were currently written in Python that could possible be included. With the time spent in writing this book and bringing it into publication the poor quality of the book does not compare to the higher standards that most No Starch Press books have achieved.
While there were a few merits in the book the majority of the book was a futile attempt to put outdated or useless information to paper. Many of my coworkers were very interested in the publication, but having read it and having spoken with my collegues that have read it we can all agree that it falls well short of anticipation.
The first five chapters were about Immunity Debugger. While reading them it seemed as if it were a sales pitch and then after reading that the author was employed by the same company that produces Immunity it was plainly obvious that he was influenced.
The author spent a chapter on hooking(6), DLL and code injection(7), fuzzing(8), Sulley(9), Fuzzing Windows Drivers(10), IDAPython(11), PyEMU(12) and obviously the Immunity Debugger chapters that were 1 through 5. But where was the rest? It was obviously lacking in many areas. There was very little mentioned on networks, packet reassembly or capture (pynids). No mention was made of Scapy, Pcapy, Impacket, Inguma, Volatility and so many more. Libraries that would be extremely helpful were never even brushed. IronPython, Win32, CryptoPy,
The examples given were poor to say the least. The author never mentioned which versions of python that the examples worked with and they were built using the older releases. The author goes through the installation of Python 2.5, but that version had issues with a few of the examples that I managed to get to work on 2.4. No mention was made for the the Python 3 version and version 2.6 had issues with most of the examples.
At 188 pages with 80+ pages used for debuggers that book was sorely lacking in any amount of substance. Most of my notes have more content then this book. To think that a book written regarding security minded use of python could only yield this little bit of information is absured.
I had preordered the book well in advance of publication. Each time the book was delayed for a few months I was extremely disappointed, but continued to hold onto the preorder. Once I received the book the writing and content were so poor that I spent much of my time reading a few pages only to put it down to find something of more interest or better content.
As I had said previously, No Starch Press is known for their quality products and excellent material, but this book falls well short of expectations. If someone would ask if I recommend this book I would whole heartedly tell them they are better off buying seperate books and piecing together that with internet content.
With all the uses Python has in security today I feel the community needs a better resource for Python tools in pentesting, forensics, incident response, intrusion detection, and so on. The potential content could fill volumes. A book about Python and Security would benefit the community greatly if it was a quality product, but this is not it.
| | |
|
