When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen?
In Black Hat Python, the latest from Justin Seitz (author of the best-selling Gray Hat Python), you'll explore the darker side of Python's capabilities—writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You'll learn how to:
Create a trojan command-and-control using GitHub
Detect sandboxing and automate common malware tasks, like keylogging and screenshotting
Escalate Windows privileges with creative process control
Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine
Extend the popular Burp Suite web-hacking tool
Abuse Windows COM automation to perform a man-in-the-browser attack
Exfiltrate data from a network most sneakily
Insider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.
When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python.
Justin Seitz is a Senior Security Researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python. He is the author of Gray Hat Python, the first book to cover the use of Python for security analysis.
This is an excellent book for anyone who wants to understand how to use Python for hacking and penetration testing. It includes lots of sample code and great introductions. You can learn to write your own sniffer, inject shellcode, and do lots of other "dark" tricks using Python. The author starts with setting up your environment and shows you what to do. An invaluable security book, though you should have some experience with scripting if not Python itself.
Bottom Line Yes, I would recommend this to a friend