Start reading Gray Hat Python on the free Kindle Reading App or on your Kindle in under a minute. Don't have a Kindle? Get your Kindle here.
Programming Books C Java PHP Python Learn more Browse Programming Books

Deliver to your Kindle or other device

Enter a promotion code
or gift card
 
 
 

Try it free

Sample the beginning of this book for free

Deliver to your Kindle or other device

Sorry, this item is not available in
Image not available for
Color:
Image not available
 

Gray Hat Python: Python Programming for Hackers and Reverse Engineers [Kindle Edition]

Justin Seitz
3.8 out of 5 stars  See all reviews (30 customer reviews)

Digital List Price: $31.95 What's this?
Print List Price: $39.95
Kindle Price: $17.25
You Save: $22.70 (57%)

Free Kindle Reading App Anybody can read Kindle books—even without a Kindle device—with the FREE Kindle app for smartphones, tablets and computers.

To get the free app, enter your email address or mobile phone number.

Formats

Amazon Price New from Used from
Kindle Edition $17.25  
Paperback $28.48  

Book Description

Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.


Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools - and how to build your own when the pre-built ones won't cut it.


You'll learn how to:


  • Automate tedious reversing and security tasks
  • Design and program your own debugger
  • Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
  • Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
  • Sniff secure traffic out of an encrypted web browser session
  • Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more

The world's best hackers are using Python to do their handiwork. Shouldn't you?



Editorial Reviews

About the Author

Justin Seitz is a Senior Security Researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python.


Product Details

  • File Size: 583 KB
  • Print Length: 216 pages
  • Simultaneous Device Usage: Unlimited
  • Publisher: No Starch Press; 1 edition (April 16, 2012)
  • Sold by: Amazon Digital Services, Inc.
  • Language: English
  • ASIN: B007V2DNEK
  • Text-to-Speech: Enabled
  • X-Ray:
  • Word Wise: Not Enabled
  • Lending: Not Enabled
  • Amazon Best Sellers Rank: #401,952 Paid in Kindle Store (See Top 100 Paid in Kindle Store)
  •  Would you like to give feedback on images?


Customer Reviews

Most Helpful Customer Reviews
69 of 74 people found the following review helpful
Format:Paperback|Verified Purchase
I was extremely disappointed in this book. I had been waiting almost a year for the book to be released and in that time had spent time looking at the different applications that were currently written in Python that could possible be included. With the time spent in writing this book and bringing it into publication the poor quality of the book does not compare to the higher standards that most No Starch Press books have achieved.

While there were a few merits in the book the majority of the book was a futile attempt to put outdated or useless information to paper. Many of my coworkers were very interested in the publication, but having read it and having spoken with my collegues that have read it we can all agree that it falls well short of anticipation.

The first five chapters were about Immunity Debugger. While reading them it seemed as if it were a sales pitch and then after reading that the author was employed by the same company that produces Immunity it was plainly obvious that he was influenced.

The author spent a chapter on hooking(6), DLL and code injection(7), fuzzing(8), Sulley(9), Fuzzing Windows Drivers(10), IDAPython(11), PyEMU(12) and obviously the Immunity Debugger chapters that were 1 through 5. But where was the rest? It was obviously lacking in many areas. There was very little mentioned on networks, packet reassembly or capture (pynids). No mention was made of Scapy, Pcapy, Impacket, Inguma, Volatility and so many more. Libraries that would be extremely helpful were never even brushed. IronPython, Win32, CryptoPy,

The examples given were poor to say the least. The author never mentioned which versions of python that the examples worked with and they were built using the older releases.
Read more ›
Was this review helpful to you?
39 of 41 people found the following review helpful
4.0 out of 5 stars GHPython Review May 3, 2009
Format:Paperback
I have to start off by saying that I've been looking forward to this book being published for months now. Since it initially popped up on the No Starch website I've been following it and nagging the publishers about it's release. I was fortunate enough to get a copy last Friday and I dove into it full force, even my final exam suffered because I was a little too focused on this book. I have mixed feelings about the book overall, there was definitely a few things I gained from it. On the other hand, there were many more things that could have been added. If you are new to Reverse Engineering then you will most likely obtain a leap of knowledge from the book. Packed with code examples on various open source tools and concepts to create your own, you'll be waste deep in python for a while. If you've been around for the last few years and have already checked out many of the open source tools discussed in the book you may only get a few things out of it.

Justin does a great job elaborating through the the code examples used throughout the book. The sheer scope of this book makes it difficult to cover everything but Justin definitely attempts to give you a taste for the more common scenarios you may find yourself in. Below I highlight a few chapters that I found interesting and useful. Overall the entire book is useful but a large portion covers open source tools that have a plethora of documentation and examples in existence.

Chapter 3 is just downright awesome. This chapter walks you through creating your own python based debugger that is similar to pydbg. Between the concepts and actual implementation you obtain a solid understanding of what is going on in a Windows based debugger.

Chapter 6 goes over Hooking in 5 pages.
Read more ›
Comment | 
Was this review helpful to you?
14 of 14 people found the following review helpful
4.0 out of 5 stars Excellent book for rapid vulnerability testing May 7, 2009
By mjw
Format:Paperback
I've been eagerly awaiting the release of "Grey Hat Python" by Justin Seitz of Immunity. I think Python is a great language and it's used extensively in the security industry so I've been quite curious about the book. Overall, I'm happy with it. The book gives insight into some of the tips and tricks one of the best exploit development companies uses to quickly find and exploit bugs. I think most security professionals will find the book a useful addition to their shelves.

If the book has a fault, it's Justin's concise focus on using python as a tool to rapidly find and exploit bugs. As such the book is in a niche category. It doesn't really fulfill the subtitle "Python Programming for Hackers..." A more accurate subtitle might be "Python programming for expedited bug finding and exploitation". As such it lacks some things I would have expected from a more general book such as:

1. Using scapy or impacket for network tricks
2. Using python for phishing (this is a potential hot topic -- the Metasploit guys are working on a phishing addition for the framework so seeing something similar in python would be a plus).
3. Using python for generic security applications: web scraping, social network enumeration, gluing security tools, etc

All the above would have been nice additions to make the book more complete. As-is the book is very good, but you need to understand that it's not a general purpose python for hacking book. It is a great resource for debugging and automating dynamic analysis of executables.

Now for the super-hardcore exploit guys out there I would have liked to see more depth. I understand why the book didn't go into too much more detail -- the number of interested parties likely decreases exponentially.
Read more ›
Comment | 
Was this review helpful to you?
Most Recent Customer Reviews
4.0 out of 5 stars This is a very useful book about how to establish your own debugger...
This is a very useful book about how to establish your own debugger with python and use/learn PyDbg-Immunity debugger. I really advise the book. Read more
Published 25 days ago by Ibrahim Karaguzel
4.0 out of 5 stars Great introductory book
I really liked this book. If you are new to fuzzing, exploit development or Immunity Debugger or IDA Pro this book will be worth your time to check out. Read more
Published 3 months ago by Casey Dunham
4.0 out of 5 stars Good almost 7 years ago, but then again so was the economy.
New viewers and potential buyers should beware, this book was great in 2009. Python has evolved greatly since then. Read more
Published 5 months ago by Vladimir
5.0 out of 5 stars best learning book!
great way to learn python!
Published 8 months ago by Tactical Keychains
4.0 out of 5 stars very very good
Quite a good technical book! Better if you if you can read between the lines. Hard core machine stuff, beautiful.
Published 11 months ago by Dylan W Randall
3.0 out of 5 stars Love/Hate Relationship
First off, I am only on chapter 5, but I feel I should weigh in. This book allowed me to jump right into python, and for that its awesome. Read more
Published 13 months ago by Milandon F.
5.0 out of 5 stars Gray Hat Awesomeness
An awesome book! The book gave me valuable inside about the inner workings of a debugger (Windows). This book also shed some light on the topics unknown to me (at the time) like... Read more
Published 13 months ago by AP
3.0 out of 5 stars Despite initial impressions, pretty useless for Linux users
Given that it's Python, and the first chapter covers installing Python on Linux and doing some basic things involving ctypes with Linux (in addition to Windows), I fully expected... Read more
Published 19 months ago by Amazon Customer
2.0 out of 5 stars Code that doesn't work.
I had high hopes for this book but it did not take long to find that the book was not worthy of purchase. In short, several pieces of python code did not work. Read more
Published 21 months ago by Blue Chip
5.0 out of 5 stars Best IT Book I ever read
I've read the following books, MCSE -Security, CCIE Security, CompTIA Security, A+, EC-Council Certified Ethical Hacker, EC-Council Computer Hacking Forensics Investigator, & this... Read more
Published on January 29, 2013 by IT Guy
Search Customer Reviews
Search these reviews only

More About the Author

Discover books, learn about writers, read author blogs, and more.

What Other Items Do Customers Buy After Viewing This Item?


Forums

There are no discussions about this product yet.
Be the first to discuss this product with the community.
Start a new discussion
Topic:
First post:
Prompts for sign-in
 


Look for Similar Items by Category