Black Hat Python

Python Programming for Hackers and Pentesters
by Justin Seitz

December 2014, 192 pp.
ISBN: 978-1-59327-590-7
Contents | Reviews | Updates

“The difference between script kiddies and professionals is the difference between merely using other people's tools and writing your own.”
—Charlie Miller, from the Foreword

When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen?

In Black Hat Python, the latest from Justin Seitz (author of the best-selling Gray Hat Python), you’ll explore the darker side of Python’s capabilities—writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You’ll learn how to:

  • Create a trojan command-and-control using GitHub
  • Detect sandboxing and automate com­mon malware tasks, like keylogging and screenshotting
  • Escalate Windows privileges with creative process control
  • Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine
  • Extend the popular Burp Suite web-hacking tool
  • Abuse Windows COM automation to perform a man-in-the-browser attack
  • Exfiltrate data from a network most sneakily

Insider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.

When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python.


About the Author

Justin Seitz is a senior security researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python. He is the author of Gray Hat Python (No Starch Press), the first book to cover Python for security analysis.


Table of Contents

Introduction

Chapter 1: Setting Up Your Python Environment
Chapter 2: The Network: Basics
Chapter 3: The Network: Raw Sockets and Sniffing
Chapter 4: Owning the Network with Scapy
Chapter 5: Web Hackery
Chapter 6: Extending Burp Proxy
Chapter 7: GitHub Command and Control
Chapter 8: Common Trojaning Tasks on Windows
Chapter 9: Fun With Internet Explorer
Chapter 10: Windows Privilege Escalation
Chapter 11: Automating Offensive Forensics

Index

View the detailed Table of Contents (PDF)

View the Index (PDF)

(top)