Black Hat Python : Python Programming for Hackers and Pentesters, 2/e

Seitz, Justin, Arnold, Tim

買這商品的人也買了...

商品描述

Fully-updated, second edition of this worldwide bestseller with over 100,000 copies sold.

When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. In Black Hat Python, 2nd Edition, you'll explore the darker side of Python's capabilities--writing network sniffers, stealing email credentials, brute forcing directories, crafting mutation fuzzers, infecting virtual machines, creating stealthy trojans, and more.

The second edition of this bestselling hacking book contains code updated for the latest version of Python 3, as well as new techniques that reflect current industry best practices. You'll also find expanded explanations of Python libraries such as ctypes, struct, lxml, and BeautifulSoup, and dig deeper into strategies, from splitting bytes to leveraging computer-vision libraries, that you can apply to future hacking projects.

You'll learn how to:

- Create a trojan command-and-control using GitHub
- Detect sandboxing and automate common malware tasks, like keylogging and screenshotting
- Escalate Windows privileges with creative process control
- Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine
- Extend the popular Burp Suite web-hacking tool
- Abuse Windows COM automation to perform a man-in-the-browser attack
- Exfiltrate data from a network most sneakily
When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how with the second edition of Black Hat Python.

New to this edition
All Python code has been updated to cover Python 3 and includes updated libraries used in current Python applications. Additionally, there are more in-depth explanations of the code and the programming techniques have been updated to current, common tactics. Examples of new material that you'll learn include how to sniff network traffic, evade anti-virus software, brute-force web applications, and set up a command-and-control (C2) system using GitHub.

商品描述(中文翻譯)

這本全球暢銷書的第二版已經完全更新,已售出超過10萬本。

當談到創建強大而有效的駭客工具時,Python是大多數安全分析師的首選語言。在《黑帽Python,第二版》中,您將探索Python能力的黑暗面,包括編寫網絡嗅探器、竊取電子郵件憑據、強制破解目錄、創建突變模糊器、感染虛擬機器、創建隱蔽的特洛伊木馬等等。

這本暢銷的駭客書籍第二版包含了更新為最新的Python 3版本的代碼,以及反映當前行業最佳實踐的新技術。您還將找到對Python庫(如ctypes、struct、lxml和BeautifulSoup)的詳細解釋,並深入探討策略,從分割字節到利用計算機視覺庫,這些策略可以應用於未來的駭客項目。

您將學習如何:

- 使用GitHub創建特洛伊木馬命令和控制
- 檢測沙箱並自動執行常見的惡意軟件任務,如按鍵記錄和截圖
- 通過創造性的進程控制提升Windows特權
- 使用攻擊性內存取證技巧檢索密碼哈希並將shellcode注入虛擬機器
- 擴展流行的Burp Suite網絡駭客工具
- 濫用Windows COM自動化執行瀏覽器中間人攻擊
- 最隱密地從網絡中洩露數據

在進攻性安全方面,您能夠即時創建強大的工具是不可或缺的。請通過《黑帽Python》第二版學習如何做到這一點。

本版的新增內容包括:
- 所有Python代碼已更新為覆蓋Python 3,並包括當前Python應用程序中使用的更新庫。
- 此外,對代碼的解釋更加詳細,並且編程技術已更新為當前常用的策略。
- 您將學習的新材料示例包括如何嗅探網絡流量、逃避防病毒軟件、強制破解Web應用程序以及使用GitHub設置命令和控制(C2)系統。

作者簡介

Justin Seitz is the president and co-founder of Dark River Systems Inc., where he spends his time shipping Hunchly (https: //www.hunch.ly), consulting for hedge funds and doing OSINT research. He is the author of Gray Hat Python (No Starch Press), the first book to cover Python for security analysis.

Tim Arnold has worked as a professional Python software developer at the SAS Institute for more than 20 years. He contributes to several open source software projects and volunteers as a hacking trainer in his local community.

作者簡介(中文翻譯)

Justin Seitz是Dark River Systems Inc.的總裁兼共同創辦人,他在那裡花時間開發Hunchly(https://www.hunch.ly),為對沖基金提供諮詢並進行開放源情報(OSINT)研究。他是《Gray Hat Python》(No Starch Press)的作者,這是第一本介紹Python用於安全分析的書籍。

Tim Arnold在SAS Institute擔任專業Python軟體開發人員已超過20年。他為多個開放源軟體專案做出貢獻,並在當地社區擔任駭客培訓師的志願者。