Black Hat Python

Python is still the dominant language in the world of information security, even
if the conversation about your language of choice sometimes looks more like a
religious war. Python-based tools include all manner of fuzzers, proxies, and
even the occasional exploit. Exploit frameworks like CANVAS are written in
Python as are more obscure tools like PyEmu or Sulley.
Just about every fuzzer or exploit I have written has been in Python. In fact, the
automotive hacking research that Chris Valasek and I recently performed
contained a library to inject CAN messages onto your automotive network using
Python!
If you are interested in tinkering with information security tasks, Python is a
great language to learn because of the large number of reverse engineering and
exploitation libraries available for your use. Now if only the Metasploit
developers would come to their senses and switch from Ruby to Python, our
community would be united.
In this new book, Justin covers a large range of topics that an enterprising young
hacker would need to get off the ground. He includes walkthroughs of how to
read and write network packets, how to sniff the network, as well as anything
you might need for web application auditing and attacking. He then spends
significant time diving into how to write code to address specifics with attacking
Windows systems. In general, Black Hat Python is a fun read, and while it might
not turn you into a super stunt hacker like myself, it can certainly get you started
down the path. Remember, the difference between script kiddies and
professionals is the difference between merely using other people’s tools and
writing your own.
Charlie Miller
St. Louis, Missouri
September 2014