by Justin Seitz
April 2009, 216 pp.
Download Chapter 2: "Debuggers and Debugger Design" and Chapter 4: "PyDbg: A Pure Python Windows Debugger"
Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.
Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.
You'll learn how to:
The world's best hackers are using Python to do their handiwork. Shouldn't you?
About the Author
Justin Seitz is a Senior Security Researcher for Immunity, Inc., where he spends a great deal of time bughunting, reverse engineering, and doing Python development and malware analysis.
Table of Contents
Chapter 1: Setting Up Your Development Environment
View the detailed Table of Contents (PDF)
View the Index (PDF)(top)
"I can recommend Gray Hat Python to all people who want to get an overview of hacking tools and hacking techniques that make use of Python. It is a no-nonsense book which follows a simple recipe: give a brief overview of a hacking technique and then dive straight into a real-world example."
"A headfirst dive into the day-to-day coding all app pentesters end up doing."
Gray Hat Python "succeeded in showing me with relative ease how a trained security researcher or determined hacker could use relatively straightforward Python scripts to infiltrate the most prevalent consumer operating system today."
"This book was a joy to read."
"If you use python for your day-to-day scripting and perform some reverse engineering/debugging/fuzzing tasks, then this definitely a book that is bound to catch your attention."
"I recommend the book. . . It's a good book to help security engineers use python to begin analyzing software vulnerabilities. Primarily it's a book about using python to debug and to a lesser degree fuzz. It's a good insight into how Immunity does things and will help you look at CANVAS code a little easier. For that alone it's definitely worth buying."