Book Review: Black Hat Python: Python Programming for Hackers and Pentesters

bhp cover
no starch press

Black Hat Python is a clear winner in the field of books for security professionals. Written for people who want to move into the hacking and penetration testing fields and fully understand what they're doing, this book will challenge readers to quickly come up to speed not just on how hackers work, but how to build their own tools. It contains plenty of examples that show exactly what one needs to do with code that builds on itself as you grow in skill, plus plenty of introductory material. Most chapters also include a "Kicking the Tires" section on putting the new tools to use. If you read this book cover-to-cover, you won't come to the end of it without a deep understanding of how your systems work, why hacking is possible, and how you can build your own hacking and security testing tools with Python and add-on tools.

Just imagine yourself using Python for ...

  • doing network analysis
  • writing your own sniffer
  • manipulating packets
  • infecting virtual machines
  • going against application-layer targets
  • writing stealthy trojans
  • extending the popular Burp (security testing of web applications) Suite
  • detecting sandboxing and automating keylogging screenshotting
  • stealing email credentials and password hashes
  • injecting shellcode into a virtual machines
  • escalating your privileges on a Windows system
  • performing ARP poisoning
  • exfiltrating data

The book contains enough explanatory material and comments within the code that you will gain tremendous insight into what you can do with everything you will learn and some solid Python scripting know-how. I am definitely surprised at the level of expertise that has been provided in this book's less than 200 pages. Even if you get to the end without building tools of your own, you'll at least understand how others do that. And, if you work hard at following along, you're bound to find that your skills and insight have improved dramatically.

While this is an amazing book with extremely valuable insights, I would not suggest it for anyone who has never programmed/scripted before. It's also not one of those books that you can pick up and read a few pages when you want to find an answer to a troubling issue. Instead, it will take some amount of determined attention. To get the full benefit, you should jump in, set up your Kali Linux system as the book suggests, and follow the examples step by step. Even if you've been working in the information security field for years, you are likely to find that the experience will leave you with a deeper understanding than you ever imagined possible.

The author, Justin Seitz, is a senior security researcher for Immunity, Inc. and obviously knows his stuff. He is also the author of Gray Hat Python (no starch press, 2009).

If you're truly interested in information security, Python is the language to learn and this book should be added to your library. And, by the way, you can download the code samples from the book if you go to the no starch press site

Here's the Table of Contents in case you're still not convinced you want this book.

1  Setting Up Your Python Environment
   Installing Kali Linux
2  The Network: Basics
   Python Networking in a Paragraph
   TCP Client
   UDP Client
   TCP Server
   Replacing Netcat
      Kicking the Tires
   Building a TCP Proxy
      Kicking the Tires
   SSH with Paramiko
      Kicking the Tires
   SSH Tunneling 
      Kicking the Tires
3  The Network: Raw Sockets and Sniffing
   Building a UDP Host Discovery Tool
   Packet Sniffing on Windows and Linux
      Kicking the Tires
   Decoding the IP Layer
      Kicking the Tires
   Decoding ICMP 
      Kicking the Tires
4  Owning the Network with Scapy
   Stealing Email Credentials
      Kicking the Tires
   ARP Cache Poisoning with Scapy
      Kicking the Tires
   PCAP Processing
      Kicking the Tires
5  Web Hackery
   The Socket Library of the Web: urllib2
   Mapping Open Source Web App Installations
      Kicking the Tires
   Brute-Forcing Directories and File Locations
      Kicking the Tires
   Brute-Forcing HTML Form Authentication 
      Kicking the Tires
6  Extending Burp Proxy 
   Setting Up
   Burp Fuzzing
      Kicking the Tires
   Bing for Burp
      Kicking the Tires
   Turning Website Content into Password Gold
      Kicking the Tires
7  GitHub Command and Control
   Setting Up a GitHub Account
   Creating Modules
   Trojan Configuration
   Building a GitHub-Aware Trojan
      Hacking Python’s import Functionality
      Kicking the Tires
8  Common Trojaning Tasks on Windows
   Keylogging for Fun and Keystrokes
      Kicking the Tires
   Taking Screenshots
   Pythonic Shellcode Execution
      Kicking the Tires
   Sandbox Detection
9  Fun with Internet Explorer
   Man-in-the-Browser (Kind Of)
      Creating the Server
      Kicking the Tires
   IE COM Automation for Exfiltration
      Kicking the Tires
10 Windows Privilege Escalation
   Installing the Prerequisites
   Creating a Process Monitor
      Process Monitoring with WMI
      Kicking the Tires
   Windows Token Privileges
   Winning the Race
      Kicking the Tires
   Code Injection
      Kicking the Tires
11 Automating Offensive Forensics
   Grabbing Password Hashes
   Direct Code Injection
      Kicking the Tires

Whether you're interested in becoming a serious hacker/penetration tester or just want to know how they work, this book is one you need to read. Intense, technically sound, and eye-opening, it could be a good investment in your professional development.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Take IDG’s 2020 IT Salary Survey: You’ll provide important data and have a chance to win $500.