Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.
Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.
You'll learn how to:
Automate tedious reversing and security tasks
Design and program your own debugger
Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
Sniff secure traffic out of an encrypted web browser session
Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more
The world's best hackers are using Python to do their handiwork. Shouldn't you?
Chapter 1 SETTING UP YOUR DEVELOPMENT ENVIRONMENT
Operating System Requirements
Obtaining and Installing Python 2.5
Setting Up Eclipse and PyDev
Chapter 2 DEBUGGERS AND DEBUGGER DESIGN
General-Purpose CPU Registers
Chapter 3 BUILDING A WINDOWS DEBUGGER
Debuggee, Where Art Thou?
Obtaining CPU Register State
Implementing Debug Event Handlers
The Almighty Breakpoint
Chapter 4 PYDBG—A PURE PYTHON WINDOWS DEBUGGER
Extending Breakpoint Handlers
Chapter 5 IMMUNITY DEBUGGER—THE BEST OF BOTH WORLDS
When you write computer books for a living, you should be required to specify that by the time the book hits shelves, the version of the programming language detailed within will already be out. when doing the first python program in python 3.2.3 (the book written in 2012 uses 2.5) it throws an error. you cannot print echo a quoted string without additional parenthases. "Hello World" becomes ("Hello World"). Now I have a 40 dollar coffeetable book. Not a happy customer at all.
Bottom Line No, I would not recommend this to a friend
In general the book explains how to watch live programs run and reverse engineer how they work by observing the programs behavior in real time. The author does an excellent job of showing how to do this via Python PyDbg and the Immunity Debugger.
The topics covered include hooking with PyDbg and Immunity, DLL and code injection, fuzzing common bugs, and working with drivers. All of these are covered well with lots of explanation and example.
The best part of the book is the first area though. Step by step a simple, working debugger is built. At each step the author explains how the CPU allows for program debugging, how debuggers can intercept the currently running code, and how to perform three types of debugging. Because the reader gets to build the debugger line by line, it is easy to see how the debuggers work internally. The amount of information learned in this part of the book makes it worth getting just in the first four chapters.
For the next two thirds of the book, the reader is shown how to use the PyDbg and Immunity. Since the basic operation of debuggers has already been covered, it is much easier to understand what the debuggers are doing and how they are able to interact with the running executables.
This book is excellent for students and programmers alike. A definite must have for Computer Science students.
Bottom Line Yes, I would recommend this to a friend