Gray Hat Python: Python Programming for Hackers and Reverse Engineers

by Justin Seitz
  • ISBN13: 9781593271923
  • ISBN10: 1593271921

  • Format: Paperback
  • Copyright: 2009-04-15
  • Publisher: No Starch Press

Summary

Python is the high-level language of choice for hacking, vulnerability discovery, and security research. Gray Hat Python, the first Python book written for advanced security analysts, explains the intricacies of using Python to assist in a range of security analysis tasks. Readers learn how to design and program their own debuggers, create powerful fuzzers, utilize open source libraries to automate tedious tasks, and interface with commercial and non-commercial security tools. Gray Hat Python covers everything from the nuts and bolts of how to use the language for basic code and DLL injection to using Python to analyze binaries and disassemble software. It also discusses a variety of open source Python tools (such as PyDbg, PaiMei, PyEmu, Sulley, and Immunity Debugger) and how to extend them. Fundamentally a security book, Gray Hat Python reveals just how superior the Python language is when it comes to hacking, reverse engineering, malware analysis and software testing.

Author Biography

Justin Seitz is a Senior Security Researcher for Immunity, Inc., where he spends his time bug hunting, reverse engineering, writing exploits, and coding Python.

Table of Contents

Foreword
Acknowledgments
Introduction
Setting up Your Development Environment
Operating System Requirements
Obtaining and Installing Python 2.5
Installing Python on Windows
Installing Python for Linux
Setting Up Eclipse and PyDev
The Hacker's Best Friend: ctypes
Using Dynamic Libraries
Constructing C Datatypes
Passing Parameters by Reference
Defining Structures and Unions
Debuggers and Debugger Design
General-Purpose CPU Registers
The Stack
Debug Events
Breakpoints
Soft Breakpoints
Hardware Breakpoints
Memory Breakpoints
Building a Windows Debugger
Debuggee, Where Art Thou?
Obtaining CPU Register State
Thread Enumeration
Putting It All Together
Implementing Debug Event Handlers
The Almighty Breakpoint
Soft Breakpoints
Hardware Breakpoints
Memory Breakpoints
Conclusion
PyDbg - A Pure Python Windows Debugger
Extending Breakpoint Handlers
Access Violation Handlers
Process Snapshots
Obtaining Process Snapshots
Putting It All Together
Immunity Debugger - The Best of Both Worlds
Installing Immunity Debugger
Immunity Debugger 101
PyCommands
PyHooks
Exploit Development
Finding Exploit-Friendly Instructions
Bad-Character Filtering
Bypassing DEP on Windows
Defeating Anti-Debugging Routines in Malware
IsDebuggerPresent
Defeating Process Iteration
Hooking
Soft Hooking with PyDbg
Hard Hooking with Immunity Debugger
DLL and Code Injection
Remote Thread Creation
DLL Injection
Code Injection
Getting Evil
File Hiding
Coding the Backdoor
Compiling with py2exe
Fuzzing
Bug Classes
Buffer Overflows
Integer Overflows
Format String Attacks
File Fuzzer
Future Considerations
Code Coverage
Automated Static Analysis
Sulley
Sulley Installation
Sulley Primitives
Strings
Delimiters
Static and Random Primitives
Binary Data
Integers
Blocks and Groups
Slaying WarFTPD with Sulley
FTP 101
Creating the FTP Protocol Skeleton
Sulley Sessions
Network and Process Monitoring
Fuzzing and the Sulley Web Interface
Fuzzing Windows Drivers
Driver Communication
Driver Fuzzing with Immunity Debugger
Driverlib - The Static Analysis Tool for Drivers
Discovering Device Names
Finding the IOCTL Dispatch Routine
Determining Supported IOCTL Codes
Building a Driver Fuzzer
IDAPython - Scripting IDA Pro
IDAPython Installation
IDAPython Functions
Utility Functions
Segments
Functions
Cross-References
Debugger Hooks
Example Scripts
Finding Dangerous Function Cross-References
Function Code Coverage
Calculating Stack Size
PyEmu - The Scriptable Emulator
Installing PyEmu
PyEmu Overview
PyCPU
PyMemory
PyEmu
Execution
Memory and Register Modifiers
Handlers
IDAPyEmu
Function Emulation
PEPyEmu
Executable Packers
UPX Packer
Unpacking UPX with PEPyEmu
Index
Table of Contents provided by Ingram. All Rights Reserved.
