Foreword by Charlie Miller
Chapter 1: Setting up Your Python Environment
Chapter 2: Basic Networking Tools
Chapter 3: Writing a Sniffer
Chapter 4: Owning the Network with Scapy
Chapter 5: Web Hackery
Chapter 6: Extending Burp Proxy
Chapter 7: GitHub Command and Control
Chapter 8: Common Trojaning Tasks on Windows
Chapter 9: Fun with Exfiltration
Chapter 10: Windows Privilege Escalation
Chapter 11: Offensive Forensics
Black Hat Python, 2nd Edition
When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. In Black Hat Python, 2nd Edition, you’ll explore the darker side of Python’s capabilities—writing network sniffers, stealing email credentials, brute forcing directories, crafting mutation fuzzers, infecting virtual machines, creating stealthy trojans, and more.
The second edition of this bestselling hacking book contains code updated for the latest version of Python 3, as well as new techniques that reflect current industry best practices. You’ll also find expanded explanations of Python libraries such as ctypes, struct, lxml, and BeautifulSoup, and dig deeper into strategies, from splitting bytes to leveraging computer-vision libraries, that you can apply to future hacking projects.
You’ll learn how to:
- Create a trojan command-and-control using GitHub
- Detect sandboxing and automate common malware tasks, like keylogging and screenshotting
- Escalate Windows privileges with creative process control
- Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine
- Extend the popular Burp Suite web-hacking tool
- Abuse Windows COM automation to perform a man-in-the-browser attack
- Exfiltrate data from a network most sneakily
When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how with the second edition of Black Hat Python.
Foreword by Charlie Miller
“Black Hat Python is a fun read written by experts with years of experience who are willing to share the secrets they have learned along the way. While It might not immediately turn you into a super stunt hacker like me, it will certainly get you started down the correct path.”
(from the foreword)
—Charlie Miller, Security Researcher
Reviews of the first edition of Black Hat Python:
Selected by Cyber Defense Magazine as 1 of 100 Best CyberSecurity Books
"Another incredible Python book. With a minor tweak or two many of these programs will have at least a ten year shelf life, and that is rare for a security book."
—Stephen Northcutt, founding president of the SANS Technology Institute
"A great book using Python for offensive security purposes."
—Andrew Case, Volatility core developer and coauthor of The Art of Memory Forensics
"If you truly have a hacker’s mindset, a spark is all you need to make it your own and do something even more amazing. Justin Seitz offers plenty of sparks."
"Whether you're interested in becoming a serious hacker/penetration tester or just want to know how they work, this book is one you need to read. Intense, technically sound, and eye-opening."
—Sandra Henry-Stocker, IT World
"Definitely a recommended read for the technical security professional with some basic previous exposure to Python."
—Richard Austin, IEEE Cipher
"This book breaks down how to create powerful tools using Python like network sniffers or keyloggers. This book even goes over how to escalate privileges in Windows."
—Davin Jackson, Alpha Cyber Security, Books to Start Your Penetration Testing Journey