Great book, until you get to page 31 where you start to write the debugger code.
The code is a disaster. It is unclearly written, with a mixture of typos and lines shouldn't be there. If you type in the code as written, it does not work. There were some "updates" added to correct some issues, but other unclear/incorrect parts are not in the updates. If the code doesn't work as-written, it is impossible to tell if I'm entering the code wrong or if the problem is the way the code is written in the book.
For a breakdown of the errors: http://stacksmash.org/2009/06/gray-hat-python-by-justin-seitz-errata/
In short, it's a great 31 pages but after that the book is useless. If one is already an expert in Python and C, then they can possibly know enough to correct the coding errors but the reason I bought the book was to gain experience with Python. Is it that hard to at least make sure the code works?
I wouldn't have an issue with typographical errors, but the code falling part as early as page 31 is inexcusable.
Very, very disappointed with not only this book but No Starch Press.
Do not buy.
Gray Hat Python: Python Programming for Hackers and Reverse Engineers Combined Edition
by
Justin Seitz
(Author)
| Justin Seitz (Author) Find all the books, read about the author, and more. See search results for this author |
Related Text
ISBN-13: 978-1593271923
ISBN-10: 1593271921
Why is ISBN important? ISBN
Scan an ISBN with your phone
Use the Amazon App to scan ISBNs and compare prices.
This bar-code number lets you verify that you're getting exactly the right version or edition of a book. The 13-digit and 10-digit formats both work.
Use the Amazon App to scan ISBNs and compare prices.
Add to book club
Loading your book clubs
There was a problem loading your book clubs. Please try again.
Not in a club? Learn more
Join or create book clubs
Choose books together
Track your books
Bring your club to Amazon Book Clubs, start a new book club and invite your friends to join, or find a club that’s right for you for free.
More Buying Choices
Python is fast becoming the programming language of choice for hackers, reverse engineers, and software testers because it's easy to write quickly, and it has the low-level support and libraries that make hackers happy. But until now, there has been no real manual on how to use Python for a variety of hacking tasks. You had to dig through forum posts and man pages, endlessly tweaking your own code to get everything working. Not anymore.
Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools—and how to build your own when the pre-built ones won't cut it.
You'll learn how to:
–Automate tedious reversing and security tasks
–Design and program your own debugger
–Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
–Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
–Sniff secure traffic out of an encrypted web browser session
–Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more
The world's best hackers are using Python to do their handiwork. Shouldn't you?
Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools—and how to build your own when the pre-built ones won't cut it.
You'll learn how to:
–Automate tedious reversing and security tasks
–Design and program your own debugger
–Learn how to fuzz Windows drivers and create powerful fuzzers from scratch
–Have fun with code and library injection, soft and hard hooking techniques, and other software trickery
–Sniff secure traffic out of an encrypted web browser session
–Use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU, and more
The world's best hackers are using Python to do their handiwork. Shouldn't you?
Frequently bought together

- +
- +
Total price:
To see our price, add these items to your cart.
Some of these items ship sooner than the others.
Choose items to buy together.
Customers who viewed this item also viewed
Page 1 of 1 Start overPage 1 of 1
Editorial Reviews
About the Author
Justin Seitz is a senior security researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python. He is the author of Black Hat Python (No Starch Press).
Start reading Gray Hat Python on your Kindle in under a minute.
Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.
Don't have a Kindle? Get your Kindle here, or download a FREE Kindle Reading App.
Product details
- Publisher : No Starch Press; Combined edition (April 15, 2009)
- Language : English
- Paperback : 232 pages
- ISBN-10 : 1593271921
- ISBN-13 : 978-1593271923
- Item Weight : 14.7 ounces
- Dimensions : 7.06 x 0.49 x 9.31 inches
- Best Sellers Rank: #196,040 in Books (See Top 100 in Books)
- #79 in Computer Viruses
- #197 in Computer Networking (Books)
- #214 in Computer Network Security
- Customer Reviews:
About the author
Follow authors to get new release updates, plus improved recommendations.

Discover more of the author’s books, see similar authors, read author blogs and more
Customer reviews
4.1 out of 5 stars
4.1 out of 5
100 global ratings
How customer reviews and ratings work
Customer Reviews, including Product Star Ratings help customers to learn more about the product and decide whether it is the right product for them.
To calculate the overall star rating and percentage breakdown by star, we don’t use a simple average. Instead, our system considers things like how recent a review is and if the reviewer bought the item on Amazon. It also analyzed reviews to verify trustworthiness.
Learn more how customers reviews work on Amazon
Top reviews
Top reviews from the United States
There was a problem filtering reviews right now. Please try again later.
Reviewed in the United States on February 8, 2017
35 people found this helpful
Report abuse
Reviewed in the United States on July 23, 2020
The title is fairly accurate - for hackers and reverse engineers. To be more accurate, it is mostly about reverse engineering in windows using Python2. I am by no means a security guy and to me most of the chapters are devoted to how to write windows system calls in python. Before I made the purchase, I read other people's comments and was hoping to learn some general techniques for building my own tools. However, this book is very much concentrated on reverse engineering so if you are not into this do not buy this book.
As others have pointed out, this book is dated. Code is in python2. pydbg is not updated in more than 10 years. Immunity debugger is still being maintained but getting a copy requires personal information which I do not want to provide. IDA pro is also hard to get. The concepts are still relevant though. You will definitely learn some concepts about security. At least for me I now know what hackers use debuggers for.
As others have pointed out, this book is dated. Code is in python2. pydbg is not updated in more than 10 years. Immunity debugger is still being maintained but getting a copy requires personal information which I do not want to provide. IDA pro is also hard to get. The concepts are still relevant though. You will definitely learn some concepts about security. At least for me I now know what hackers use debuggers for.
One person found this helpful
Report abuse
Reviewed in the United States on April 6, 2021
The code in the book is a little outdated. Who codes in python 2.5 anymore. It was easy enough to modify to work with python 2.7. Good information, still working on finishing, but keep having to modify the code presented in the book. Some updates on the website. Would have not spent the money on this title had I googled it first. Found several free pdf versions, easily.
One person found this helpful
Report abuse
Reviewed in the United States on July 4, 2019
Useful if you traveled back in time 10 years.
5 people found this helpful
Report abuse
Reviewed in the United States on June 11, 2009
I am always interested in Gray Hat or even Black Hat information. And, as with any of my reviews, my philosophy is this: I'll cut a book a lot of slack if I can learn something from it. That's the point of reading a book, after all. Yes, errors here and there, yada yada can be whined about and what have you, but it's the information we are really paying for.
That being said, I found this book to be a very interesting read. It took my mind to uses of Python that I had truly never considered before!
It is in my opinion not for someone learning Python. Also, if you already have an understanding of some of the internals of computing, you'll get more out of the book. Worst case, though, it will show you areas where you might want to partake of further study.
You are not going to learn anything "subversive" in this book. But, with what you learn in this book, and your imagination, you could certainly come up with something of that ilk.
If you're into hacking ( in the broad definition of the term: to really learn everything you can about the machine, etc. ), you'll enjoy this book. If you're just looking for recipes, or "script kiddie" stuff, you'll be disappointed.
I recommend the book.
That being said, I found this book to be a very interesting read. It took my mind to uses of Python that I had truly never considered before!
It is in my opinion not for someone learning Python. Also, if you already have an understanding of some of the internals of computing, you'll get more out of the book. Worst case, though, it will show you areas where you might want to partake of further study.
You are not going to learn anything "subversive" in this book. But, with what you learn in this book, and your imagination, you could certainly come up with something of that ilk.
If you're into hacking ( in the broad definition of the term: to really learn everything you can about the machine, etc. ), you'll enjoy this book. If you're just looking for recipes, or "script kiddie" stuff, you'll be disappointed.
I recommend the book.
8 people found this helpful
Report abuse
Reviewed in the United States on July 13, 2019
Great book, I was nervous about python 2 to 3 etc... But python 3 uses most if not all the python 2 libraries now. So the only difference is really the print statement. Not worth worrying about.
2 people found this helpful
Report abuse
Reviewed in the United States on March 10, 2011
I purchased this book as an attempt to learn more about debugging and hacking using Python.
The content itself is good. It's well organized and very clear, even for someone like me who is a self-taught programmer with ~1 year of Python experience. Perusing Chapters 2 and 3 should bring anyone up to speed on debuggers. The remaining chapters do a nice job of explaining various Python tools to use in hacking and reverse engineering.
Unfortunately, the code fragments in Chapter 3 (where you build your own debugger in Python) could best be described as a disaster. I expect a programming book's code to run without extensive tweaks. I don't need it to be the most Pythonic code in the world ... just generate the expected results. Given the importance of Chapter 3 to your understanding of a good portion of the book, these errors were a killer.
Given that the code required extensive fixes to run as intended, the errata (now on No Starch Press's website) was delayed by at least a year from publishing, and there was no forum on No Starch Press's website to pass errata around in the meantime, the book loses 2 stars.
The lesson: if you're going to publish a programming book, get the code right. Absent the ability to do so, at least support your book's readers in working around the issues.
Edit: Sorry, wanted to point out one more thing. For Chapter 3, the code on the website's source files don't always match the code walked through in the book, even on parts of the code that are fully functioning. Your best bet is to start with the code on the website and debug that.
The content itself is good. It's well organized and very clear, even for someone like me who is a self-taught programmer with ~1 year of Python experience. Perusing Chapters 2 and 3 should bring anyone up to speed on debuggers. The remaining chapters do a nice job of explaining various Python tools to use in hacking and reverse engineering.
Unfortunately, the code fragments in Chapter 3 (where you build your own debugger in Python) could best be described as a disaster. I expect a programming book's code to run without extensive tweaks. I don't need it to be the most Pythonic code in the world ... just generate the expected results. Given the importance of Chapter 3 to your understanding of a good portion of the book, these errors were a killer.
Given that the code required extensive fixes to run as intended, the errata (now on No Starch Press's website) was delayed by at least a year from publishing, and there was no forum on No Starch Press's website to pass errata around in the meantime, the book loses 2 stars.
The lesson: if you're going to publish a programming book, get the code right. Absent the ability to do so, at least support your book's readers in working around the issues.
Edit: Sorry, wanted to point out one more thing. For Chapter 3, the code on the website's source files don't always match the code walked through in the book, even on parts of the code that are fully functioning. Your best bet is to start with the code on the website and debug that.
19 people found this helpful
Report abuse
Top reviews from other countries
David Forster
1.0 out of 5 stars
Out of date
Reviewed in the United Kingdom on June 17, 2021
It requires windows 32bit. Not good for windows 64bit
Ronald G. Cufley
5.0 out of 5 stars
Not for the faint-hearted
Reviewed in the United Kingdom on January 16, 2015
Full of useful ideas - completely explained but requires full concentration to keep up.
C.B
2.0 out of 5 stars
Warn: Book is based around Windows
Reviewed in Canada on August 19, 2018
Chapter 2 was great - an overview of how CPUs, registers and debugging works. I really enjoyed this chapter.
Then I turned to chapter 3.
I flicked through the rest of the book. It's entirely based around Windows reverse engineering. I'm not a windows guy - I'm a Linux guy. I was expecting so much more from this book.
Complete description fail. Even on the cover (same with it's Amazon description) this book only made one mention to Windows. I didn't expect the whole book to be based around Windows. What a waste of money for me.
I'm incredibly disappointed. If I hadn't waited a few months to start reading the book I'd have returned it.
I gave it 2 stars just because Chapter 2 was incredibly useful + enjoyable.
Then I turned to chapter 3.
I flicked through the rest of the book. It's entirely based around Windows reverse engineering. I'm not a windows guy - I'm a Linux guy. I was expecting so much more from this book.
Complete description fail. Even on the cover (same with it's Amazon description) this book only made one mention to Windows. I didn't expect the whole book to be based around Windows. What a waste of money for me.
I'm incredibly disappointed. If I hadn't waited a few months to start reading the book I'd have returned it.
I gave it 2 stars just because Chapter 2 was incredibly useful + enjoyable.
2 people found this helpful
Report abuse
Davide Rinaldi
4.0 out of 5 stars
Una "vecchia" pietra miliare
Reviewed in Italy on April 30, 2015
Il libro è validissimo e resta una pietra miliare per tutti coloro che desiderino arrivare nel cuore dei programmi e dei microprocessori. L'autore spiega il debugging mediante la realizzazione di un debugger scritto in linguaggio Python: l'approccio è geniale. La vera pecca è che il libro è stato scritto in un periodo storico nel quale l'informatica era costituita da sistemi a 32 bit, pertanto la sua comprensione, e soprattutto l'effettiva implementazione, richiedono uno sforzo personale per l'adattamento a 64 bit (Python x64, implementazione di thread context per processori x64, etc. etc.). In definitiva, visto il pubblico a cui è destinato il libro, direi che il problema citato debba essere visto in chiave di sfida.
Oliver S.
4.0 out of 5 stars
Thorough explanation
Reviewed in Germany on December 11, 2010
The book in general focuses a bit too much on Immunity Debugger and its Python features. This is pretty cool though, as I'm always thrilled to learn new things, but it leaves you nevertheless with some questions if you don't have those handy libraries available that come with Immunity Debugger. And sometimes a reverse engineer has to use what is available. I mainly bought the book in the hope that IDAPython will be discussed and indeed one chapter is dedicated to it.
The author knows what he's writing about, so all in all worth its money. Something for every reverse engineer's bookshelf.
*thumbs up*
The author knows what he's writing about, so all in all worth its money. Something for every reverse engineer's bookshelf.
*thumbs up*








