Gray Hat Python Python Programming for Hackers and Reverse Engineers

Name: Gray Hat Python Python Programming for Hackers and Reverse Engineers
Price: 4.6 USD
Availability: InStock
ISBN: 9781593271923

ISBN-10: 1593271921

ISBN-13: 9781593271923

Edition: 2009

Authors: Justin Seitz

List price: $39.95

30 day, 100% satisfaction guarantee!

Buy new: $31.94

Marketplace

5 new & used from $4.60

what's this?

Rush Rewards U
Members Receive:

You have reached 400 XP and carrot coins. That is the daily max!

Description:

Python is the high-level language of choice for hacking, vulnerability discovery, and security research. Gray Hat Python, the first Python book written for advanced security analysts, explains the intricacies of using Python to assist in a range of security analysis tasks. Readers learn how to design and program their own debuggers, create powerful fuzzers, utilize open source libraries to automate tedious tasks, and interface with commercial and non-commercial security tools. Gray Hat Python covers everything from the nuts and bolts of how to use the language for basic code and DLL injection to using Python to analyze binaries and disassemble software. It also discusses a variety of open…

Book details

List price: $39.95
Copyright year: 2009
Publisher: No Starch Press, Incorporated
Publication date: 4/15/2009
Binding: Paperback
Pages: 216
Size: 7.00" wide x 9.20" long x 0.52" tall
Weight: 0.924
Language: English

Matthew Gast is the director of product management at Aerohive Networks, responsible for the software that powers Aerohive's networking devices. He has been active within the Wi-Fi community, serving as the chair of both security task groups at the Wi-Fi Alliance, where he leads efforts to extend the Wi-Fi Protected Access (WPA) certification to incorporate newly developed security technologies and drive adoption of the strongest forms of security by network administrators. He also led the Wi-Fi Alliance's Wireless Network Management marketing task group's investigation of certification requirements for new power-saving technologies. Matthew is also the past chair of the task group that…



Foreword



Acknowledgments


Introduction



Setting up Your Development Environment



Operating System Requirements



Obtaining and Installing Python 2.5



Installing Python on Windows



Installing Python for Linux



Setting Up Eclipse and PyDev



The Hacker's Best Friend: ctypes



Using Dynamic Libraries



Constructing C Datatypes



Passing Parameters by Reference



Defining Structures and Unions



Debuggers and Debugger Design



General-Purpose CPU Registers



The Stack



Debug Events



Breakpoints



Soft Breakpoints



Hardware Breakpoints



Memory Breakpoints



Building A Windows Debugger



Debuggee, Where Art Thou?



Obtaining CPU Register State



Thread Enumeration



Putting It All Together



Implementing Debug Event Handlers



The Almighty Breakpoint



Soft Breakpoints



Hardware Breakpoints



Memory Breakpoints



Conclusion



Pydbg-A Pure Python Windows Debugger



Extending Breakpoint Handlers



Access Violation Handlers



Process Snapshots



Obtaining Process Snapshots



Putting It All Together



Immunity Debugger-The Best Of Both Worlds



Installing Immunity Debugger



Immunity Debugger 101



PyCommands



PyHooks



Exploit Development



Finding Exploit-Friendly Instructions



Bad-Character Filtering



Bypassing DEP on Windows



Defeating Anti-Debugging Routines in Malware



IsDebuggerPresent



Defeating Process Iteration



Hooking



Soft Hooking with PyDbg



Hard Hooking with Immunity Debugger



DLL and Code Injection



Remote Thread Creation



DLL Injection



Code Injection



Getting Evil



File Hiding



Coding the Backdoor



Compiling with py2exe



Fuzzing



Bug Classes



Buffer Overflows



Integer Overflows



Format String Attacks



File Fuzzer



Future Considerations



Code Coverage



Automated Static Analysis



Sulley



Sulley Installation



Sulley Primitives



Strings



Delimiters



Static and Random Primitives



Binary Data



Integers



Blocks and Groups



Slaying WarFTPD with Sulley



FTP 101



Creating the FTP Protocol Skeleton



Sulley Sessions



Network and Process Monitoring



Fuzzing and the Sulley Web Interface



Fuzzing Windows Drivers



Driver Communication



Driver Fuzzing with Immunity Debugger



Driverlib-The Static Analysis Tool for Drivers



Discovering Device Names



Finding the IOCTL Dispatch Routine



Determining Supported IOCTL Codes



Building a Driver Fuzzer



Idapython-Scripting Ida Pro



IDAPython Installation



IDAPython Functions



Utility Functions



Segments



Functions



Cross-References



Debugger Hooks



Example Scripts



Finding Dangerous Function Cross-References



Function Code Coverage



Calculating Stack Size



Pyemu-The Scriptable Emulator



Installing PyEmu



PyEmu Overview



PyCPU



PyMemory



PyEmu



Execution



Memory and Register Modifiers



Handlers



IDAPyEmu



Function Emulation



PEPyEmu



Executable Packers



UPX Packer



Unpacking UPX with PEPyEmu


Index