Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.
Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.
You'll learn how to:
Automate tedious reversing and security tasks
Design and program your own debugger
Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
Sniff secure traffic out of an encrypted web browser session
Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more
The world's best hackers are using Python to do their handiwork. Shouldn't you?
Chapter 1 SETTING UP YOUR DEVELOPMENT ENVIRONMENT
Operating System Requirements
Obtaining and Installing Python 2.5
Setting Up Eclipse and PyDev
Chapter 2 DEBUGGERS AND DEBUGGER DESIGN
General-Purpose CPU Registers
The Stack
Debug Events
Breakpoints
Chapter 3 BUILDING A WINDOWS DEBUGGER
Debuggee, Where Art Thou?
Obtaining CPU Register State
Implementing Debug Event Handlers
The Almighty Breakpoint
Conclusion
Chapter 4 PYDBG—A PURE PYTHON WINDOWS DEBUGGER
Extending Breakpoint Handlers
Process Snapshots
Chapter 5 IMMUNITY DEBUGGER—THE BEST OF BOTH WORLDS
Justin Seitz is a Senior Security Researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python.
Great book, a lot of very interesting topics and in my favourite programming language, Python. It would be a good idea a 2nd edition using python 3.
9/19/2009
(3 of 3 customers found this review helpful)
5.0
Excellent For Students and Programmers
By jdruin
from Kentucky
About Me Developer
Pros
Accurate
Easy to understand
Helpful examples
Well-written
Cons
Best Uses
Expert
Intermediate
Student
Comments about No Starch Press Gray Hat Python:
In general the book explains how to watch live programs run and reverse engineer how they work by observing the programs behavior in real time. The author does an excellent job of showing how to do this via Python PyDbg and the Immunity Debugger.
The topics covered include hooking with PyDbg and Immunity, DLL and code injection, fuzzing common bugs, and working with drivers. All of these are covered well with lots of explanation and example.
The best part of the book is the first area though. Step by step a simple, working debugger is built. At each step the author explains how the CPU allows for program debugging, how debuggers can intercept the currently running code, and how to perform three types of debugging. Because the reader gets to build the debugger line by line, it is easy to see how the debuggers work internally. The amount of information learned in this part of the book makes it worth getting just in the first four chapters.
For the next two thirds of the book, the reader is shown how to use the PyDbg and Immunity. Since the basic operation of debuggers has already been covered, it is much easier to understand what the debuggers are doing and how they are able to interact with the running executables.
This book is excellent for students and programmers alike. A definite must have for Computer Science students.
