Gray Hat Python

Python Programming for Hackers and Reverse Engineers
by Justin Seitz

April 2009, 216 pp.
ISBN: 978-1-59327-192-3

Download Chapter 2: "Debuggers and Debugger Design" and Chapter 4: "PyDbg: A Pure Python Windows Debugger"

Download the code from the book: .zip

Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.

Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.

You'll learn how to:

  • Automate tedious reversing and security tasks
  • Design and program your own debugger
  • Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
  • Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
  • Sniff secure traffic out of an encrypted web browser session
  • Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more

The world's best hackers are using Python to do their handiwork. Shouldn't you?


About the Author

Justin Seitz is a Senior Security Researcher for Immunity, Inc., where he spends a great deal of time bughunting, reverse engineering, and doing Python development and malware analysis.


Table of Contents

Introduction

Chapter 1: Setting Up Your Development Environment
Chapter 2: Debuggers and Debugger Design
Chapter 3: Building a Windows Debugger
Chapter 4: PYDBG: A Pure Python Windows Debugger
Chapter 5: Immunity Debugger: The Best of Both Worlds
Chapter 6: Hooking
Chapter 7: DLL and Code Injection
Chapter 8: Fuzzing
Chapter 9: Sulley
Chapter 10: Fuzzing Windows Drivers
Chapter 11: IDAPython—Scripting IDAPro
Chapter 12: Pyemu—The Scriptable Emulator

Index

View the detailed Table of Contents (PDF)

View the Index (PDF)

(top)

Reviews

"I can recommend Gray Hat Python to all people who want to get an overview of hacking tools and hacking techniques that make use of Python. It is a no-nonsense book which follows a simple recipe: give a brief overview of a hacking technique and then dive straight into a real-world example."
—The-Interweb.com (Read More)

"A headfirst dive into the day-to-day coding all app pentesters end up doing."
—Thomas Ptacek

Gray Hat Python "succeeded in showing me with relative ease how a trained security researcher or determined hacker could use relatively straightforward Python scripts to infiltrate the most prevalent consumer operating system today."
—Dr. Dobb's CodeTalk (Read More)

"Justin does a great job elaborating the code examples used throughout [Gray Hat Python]. . . Chapter 3 is just downright awesome."
—Carnal0wnage (Read More)

Gray Hat Python "is a must for all people who deal with security on a technical level."
—Geek at Large (Read More)

"This book was a joy to read."
—Kramses blog (Read More)

Gray Hat Python "is really well-written and has a nice structure which is common among No Starch Press books; that is, more code less talk."
—Xorl.wordpress.com (Read More)

"If you use python for your day-to-day scripting and perform some reverse engineering/debugging/fuzzing tasks, then this definitely a book that is bound to catch your attention."
—int 2Eh (Read More)

"I recommend the book. . . It's a good book to help security engineers use python to begin analyzing software vulnerabilities. Primarily it's a book about using python to debug and to a lesser degree fuzz. It's a good insight into how Immunity does things and will help you look at CANVAS code a little easier. For that alone it's definitely worth buying."
—cyberwart (Read More)

(top)

Updates

(show updates)(top)