Python is increasingly becoming the programming language of choice for hackers, reverse engineers and software testers because it makes rapid development easy. At the same time, Python offers the low-level support and the libraries that make hackers happy. Hacking mit Python offers a comprehensive guide to using this language for a wide range of hacking tasks. The book explains the concepts behind hacking tools and techniques such as debuggers, trojans, fuzzers and emulators. But the author, Justin Seitz, goes beyond theory and shows how to use existing Python-based security tools, and how to build your own when the available ones are not enough. You will learn how to:
- automate tedious reverse engineering and security tasks
- design and program your own debugger
- fuzz Windows drivers and build powerful fuzzers from scratch
- perform code and library injection, soft and hard hooks, and other software tricks
- sniff secured traffic out of an encrypted web browser session
- use PyDBG, Immunity Debugger, Sulley, IDAPython, PyEMU and other software
The world's best hackers use Python for their work. Why not you?
I really liked this book. If you are new to fuzzing, exploit development, Immunity Debugger or IDA Pro, this book will be worth your time to check out. But if you are already familiar with these topics, this book would be too introductory for you and I would probably skip it.
This book covers quite a bit of ground in its 181 pages. From debuggers and fuzzers to emulation, each topic is introduced well enough that you will have good base knowledge to continue on from where the book ends. In the first chapter, we get a Python refresher. I say refresher as this book does not attempt to teach you Python. While none of the Python in the book is particularly difficult, if you don't have a grasp of programming in general then I would highly recommend learning Python first. If you do know Python, this first section definitely shouldn't be skipped as it also introduces the ctypes library, which is used extensively throughout the rest of the book. The next three chapters in the book focus on debuggers. They cover a bit of debugger design, including how to write a Windows debugger from scratch, all in Python. Different types of breakpoints are introduced and you learn how each works at a low level. The book then introduces the PyDbg framework and finishes the debugger chapters by introducing the popular Immunity Debugger, which has Python scripting capabilities.
Moving on through the next few chapters, the book introduces us to function hooking and code injection. Both topics are given great explanations with plenty of code examples and uses, such as file hiding and backdoors. These two chapters also serve as a starting point for the following few chapters, introducing us to Fuzzing. Like the previous chapters, Justin Seitz walks us through creation of a fuzzer from scratch, before introducing us to the Sulley fuzzing framework. He then walks us through the construction of a simple network fuzzer to fuzz an FTP service. Our education in fuzzing ends with using the Immunity driverlib to fuzz a Windows driver.
It was good, but the Windows API functions were not supported in the newer functions of Windows. Some of the modules and tools used are also almost obsolete, or not free.
The book is a brief overview of techniques and tools for reverse engineering using Python. It could serve as a decent introduction to the subject, if not for a few points: 1. it is oriented primarily toward PE and the Windows API; 2. it contains no introduction to assembly language; 3. the last chapters seem forced, and the narrative breaks off abruptly.
Would be a lot better if a good editor took a look at it.
A lot of the code has trivial errors... others are more trivial. Some have TODOs (including in the included sample code archive) and unfortunately a lot of the examples are 'stale' because they work only on Windows XP on a 32-bit x86.