• Complain

Frisch Dan - Black Hat Python : Python programming for hackers and pentesters

Here you can read online Frisch Dan - Black Hat Python : Python programming for hackers and pentesters full text of the book (entire story) in english for free. Download pdf and epub, get meaning, cover and reviews about this ebook. year: 2015, publisher: No Starch Press, genre: Home and family. Description of the work, (preface) as well as reviews are available. Best literature library LitArk.com created for fans of good reading and offers a wide selection of genres:

Romance novel Science fiction Adventure Detective Science History Home and family Prose Art Politics Computer Non-fiction Religion Business Children Humor

Choose a favorite category and find really read worthwhile books. Enjoy immersion in the world of imagination, feel the emotions of the characters or learn something new for yourself, make an fascinating discovery.

Frisch Dan Black Hat Python : Python programming for hackers and pentesters

Black Hat Python : Python programming for hackers and pentesters: summary, description and annotation

We offer to read an annotation, description, summary or preface (depends on what the author of the book "Black Hat Python : Python programming for hackers and pentesters" wrote himself). If you haven't found the necessary information about the book — write in the comments, we will try to find it.

When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. Seitz explores the darker side of Pythons capabilities--writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. Readers will learn how to: create a trojan command-and-control using GitHub; detect sandboxing and automate common malware tasks, like keylogging and screenshotting; escalate Windows privileges with creative process control; use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine; extend the popular Burp Suite Web-hacking tool; abuse Windows COM automation to perform a man-in-the-browser attack; and exfiltrate data from a network most sneakily. Insider techniques and creative challenges throughout show readers how to extend the hacks and how to write their own exploits. -- Read more...
Abstract: When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. Seitz explores the darker side of Pythons capabilities--writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. Readers will learn how to: create a trojan command-and-control using GitHub; detect sandboxing and automate common malware tasks, like keylogging and screenshotting; escalate Windows privileges with creative process control; use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine; extend the popular Burp Suite Web-hacking tool; abuse Windows COM automation to perform a man-in-the-browser attack; and exfiltrate data from a network most sneakily. Insider techniques and creative challenges throughout show readers how to extend the hacks and how to write their own exploits

Frisch Dan: author's other books


Who wrote Black Hat Python : Python programming for hackers and pentesters? Find out the surname, the name of the author of the book and a list of all author's works by series.

Black Hat Python : Python programming for hackers and pentesters — read online for free the complete book (whole text) full work

Below is the text of the book, divided by pages. System saving the place of the last page read, allows you to conveniently read the book "Black Hat Python : Python programming for hackers and pentesters" online for free, without having to search again every time where you left off. Put a bookmark, and you can go to the page where you finished reading at any time.

Light

Font size:

Reset

Interval:

Bookmark:

Make
Black Hat Python: Python Programming for Hackers and Pentesters
Justin Seitz
Published by No Starch Press

To Pat

Although we never met, I am forever grateful for every member of your wonderful family you gave me.

Canadian Cancer Society www.cancer.ca

About the Author

Justin Seitz is a senior security researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python. He is the author of Gray Hat Python , the first book to cover Python for security analysis.

About the Technical Reviewers

Dan Frisch has over ten years of experience in information security. Currently, he is a senior security analyst in a Canadian law enforcement agency. Prior to that role, he worked as a consultant providing security assessments to financial and technology firms in North America. Because he is obsessed with technology and holds a 3rd degree black belt, you can assume (correctly) that his entire life is based around The Matrix .

Since the early days of Commodore PET and VIC-20, technology has been a constant companion (and sometimes an obsession!) to Cliff Janzen. Cliff discovered his career passion when he moved to information security in 2008 after a decade of IT operations. For the past few years Cliff has been happily employed as a security consultant, doing everything from policy review to penetration tests, and he feels lucky to have a career that is also his favorite hobby.

Foreword

Python is still the dominant language in the world of information security, even if the conversation about your language of choice sometimes looks more like a religious war. Python-based tools include all manner of fuzzers, proxies, and even the occasional exploit. Exploit frameworks like CANVAS are written in Python as are more obscure tools like PyEmu or Sulley.

Just about every fuzzer or exploit I have written has been in Python. In fact, the automotive hacking research that Chris Valasek and I recently performed contained a library to inject CAN messages onto your automotive network using Python!

If you are interested in tinkering with information security tasks, Python is a great language to learn because of the large number of reverse engineering and exploitation libraries available for your use. Now if only the Metasploit developers would come to their senses and switch from Ruby to Python, our community would be united.

In this new book, Justin covers a large range of topics that an enterprising young hacker would need to get off the ground. He includes walkthroughs of how to read and write network packets, how to sniff the network, as well as anything you might need for web application auditing and attacking. He then spends significant time diving into how to write code to address specifics with attacking Windows systems. In general, Black Hat Python is a fun read, and while it might not turn you into a super stunt hacker like myself, it can certainly get you started down the path. Remember, the difference between script kiddies and professionals is the difference between merely using other peoples tools and writing your own.

Charlie Miller

St. Louis, Missouri

September 2014

Preface

Python hacker. Those are two words you really could use to describe me. At Immunity, I am lucky enough to work with people who actually, really, know how to code Python. I am not one of those people. I spend a great deal of my time penetration testing, and that requires rapid Python tool development, with a focus on execution and delivering results (not necessarily on prettiness, optimization, or even stability). Throughout this book you will learn that this is how I code, but I also feel as though it is part of what makes me a strong pentester. I hope that this philosophy and style helps you as well.

As you progress through the book, you will also realize that I dont take deep dives on any single topic. This is by design. I want to give you the bare minimum, with a little flavor, so that you have some foundational knowledge. With that in mind, Ive sprinkled ideas and homework assignments throughout the book to kickstart you in your own direction. I encourage you to explore these ideas, and I would love to hear back any of your own implementations, tooling, or homework assignments that you have done.

As with any technical book, readers at different skill levels with Python (or information security in general) will experience this book differently. Some of you may simply grab it and nab chapters that are pertinent to a consulting gig you are on, while others may read it cover to cover. I would recommend that if you are a novice to intermediate Python programmer that you start at the beginning of the book and read it straight through in order. You will pick up some good building blocks along the way.

To start, I lay down some networking fundamentals in where we will cover some Windows privilege escalation tricks. The final chapter is about using Volatility for automating some offensive memory forensics techniques.

I try to keep the code samples short and to the point, and the same goes for the explanations. If you are relatively new to Python I encourage you to punch out every line to get that coding muscle memory going. All of the source code examples from this book are available at http://nostarch.com/blackhatpython/ .

Here we go!

Acknowledgments

I would like to thank my familymy beautiful wife, Clare, and my five children, Emily, Carter, Cohen, Brady, and Masonfor all of the encouragement and tolerance while I spent a year and a half of my life writing this book. My brothers, sister, Mom, Dad, and Paulette have also given me a lot of motivation to keep pushing through no matter what. I love you all.

To all my folks at Immunity (I would list each of you here if I had the room): thanks for tolerating me on a day-to-day basis. You are truly an amazing crew to work with. To the team at No StarchTyler, Bill, Serena, and Leighthanks so much for all of the hard work you put into this book and the rest in your collection. We all appreciate it.

I would also like to thank my technical reviewers, Dan Frisch and Cliff Janzen. These guys typed out and critiqued every single line of code, wrote supporting code, made edits, and provided absolutely amazing support throughout the whole process. Anyone who is writing an infosec book should really get these guys on board; they were amazing and then some.

For the rest of you ruffians that share drinks, laughs and GChats: thanks for letting me piss and moan to you about writing this book.

Chapter 1. Setting Up Your Python Environment

This is the least funbut nevertheless criticalpart of the book, where we walk through setting up an environment in which to write and test Python. We are going to do a crash course in setting up a Kali Linux virtual machine (VM) and installing a nice IDE so that you have everything you need to develop code. By the end of this chapter, you should be ready to tackle the exercises and code examples in the remainder of the book.

Before you get started, go ahead and download and install VMWare Player.[] I also recommend that you have some Windows VMs at the ready as well, including Windows XP and Windows 7, preferably 32-bit in both cases.

Installing Kali Linux

Kali is the successor to the BackTrack Linux distribution, designed by Offensive Security from the ground up as a penetration testing operating system. It comes with a number of tools preinstalled and is based on Debian Linux, so youll also be able to install a wide variety of additional tools and libraries beyond whats on the OS to start.

Next page
Light

Font size:

Reset

Interval:

Bookmark:

Make

Similar books «Black Hat Python : Python programming for hackers and pentesters»

Look at similar books to Black Hat Python : Python programming for hackers and pentesters. We have selected literature similar in name and meaning in the hope of providing readers with more options to find new, interesting, not yet read works.


Reviews about «Black Hat Python : Python programming for hackers and pentesters»

Discussion, reviews of the book Black Hat Python : Python programming for hackers and pentesters and just readers' own opinions. Leave your comments, write what you think about the work, its meaning or the main characters. Specify what exactly you liked and what you didn't like, and why you think so.