Gray Hat Python: Python programming for hackers and reverse engineers

Python is the high-level language of choice for hacking, vulnerability discovery, and security research. Gray Hat Python, the first Python book written for advanced security analysts, explains the intricacies of using Python to assist in a range of security analysis tasks. Readers learn how to desi...


Bibliographic Details
Main author: Seitz, Justin (-)
Format: E-book
Language: English
Published: San Francisco : No Starch Press 2009.
Edition: 1st edition
Subjects:
View at Universitat Ramon Llull Library: https://discovery.url.edu/permalink/34CSUC_URL/1im36ta/alma991009627510606719
Table of Contents:
  • Foreword; Acknowledgments; Introduction
  • 1: Setting Up Your Development Environment; 1.1 Operating System Requirements; 1.2 Obtaining and Installing Python 2.5; 1.2.1 Installing Python on Windows; 1.2.2 Installing Python for Linux; 1.3 Setting Up Eclipse and PyDev; 1.3.1 The Hacker's Best Friend: ctypes; 1.3.2 Using Dynamic Libraries; 1.3.3 Constructing C Datatypes; 1.3.4 Passing Parameters by Reference; 1.3.5 Defining Structures and Unions
  • 2: Debuggers and Debugger Design; 2.1 General-Purpose CPU Registers; 2.2 The Stack; 2.3 Debug Events; 2.4 Breakpoints; 2.4.1 Soft Breakpoints; 2.4.2 Hardware Breakpoints; 2.4.3 Memory Breakpoints
  • 3: Building a Windows Debugger; 3.1 Debuggee, Where Art Thou?; 3.2 Obtaining CPU Register State; 3.2.1 Thread Enumeration; 3.2.2 Putting It All Together; 3.3 Implementing Debug Event Handlers; 3.4 The Almighty Breakpoint; 3.4.1 Soft Breakpoints; 3.4.2 Hardware Breakpoints; 3.4.3 Memory Breakpoints; 3.5 Conclusion
  • 4: PyDbg - A Pure Python Windows Debugger; 4.1 Extending Breakpoint Handlers; 4.2 Access Violation Handlers; 4.3 Process Snapshots; 4.3.1 Obtaining Process Snapshots; 4.3.2 Putting It All Together
  • 5: Immunity Debugger - The Best of Both Worlds; 5.1 Installing Immunity Debugger; 5.2 Immunity Debugger 101; 5.2.1 PyCommands; 5.2.2 PyHooks; 5.3 Exploit Development; 5.3.1 Finding Exploit-Friendly Instructions; 5.3.2 Bad-Character Filtering; 5.3.3 Bypassing DEP on Windows; 5.4 Defeating Anti-Debugging Routines in Malware; 5.4.1 IsDebuggerPresent; 5.4.2 Defeating Process Iteration
  • 6: Hooking; 6.1 Soft Hooking with PyDbg; 6.2 Hard Hooking with Immunity Debugger
  • 7: DLL and Code Injection; 7.1 Remote Thread Creation; 7.1.1 DLL Injection; 7.1.2 Code Injection; 7.2 Getting Evil; 7.2.1 File Hiding; 7.2.2 Coding the Backdoor; 7.2.3 Compiling with py2exe
  • 8: Fuzzing; 8.1 Bug Classes; 8.1.1 Buffer Overflows; 8.1.2 Integer Overflows; 8.1.3 Format String Attacks; 8.2 File Fuzzer; 8.3 Future Considerations; 8.3.1 Code Coverage; 8.3.2 Automated Static Analysis
  • 9: Sulley; 9.1 Sulley Installation; 9.2 Sulley Primitives; 9.2.1 Strings; 9.2.2 Delimiters; 9.2.3 Static and Random Primitives; 9.2.4 Binary Data; 9.2.5 Integers; 9.2.6 Blocks and Groups; 9.3 Slaying WarFTPD with Sulley; 9.3.1 FTP 101; 9.3.2 Creating the FTP Protocol Skeleton; 9.3.3 Sulley Sessions; 9.3.4 Network and Process Monitoring; 9.3.5 Fuzzing and the Sulley Web Interface
  • 10: Fuzzing Windows Drivers; 10.1 Driver Communication; 10.2 Driver Fuzzing with Immunity Debugger; 10.3 Driverlib - The Static Analysis Tool for Drivers; 10.3.1 Discovering Device Names; 10.3.2 Finding the IOCTL Dispatch Routine; 10.3.3 Determining Supported IOCTL Codes; 10.4 Building a Driver Fuzzer
  • 11: IDAPython - Scripting IDA Pro; 11.1 IDAPython Installation; 11.2 IDAPython Functions; 11.2.1 Utility Functions; 11.2.2 Segments; 11.2.3 Functions; 11.2.4 Cross-References; 11.2.5 Debugger Hooks; 11.3 Example Scripts; 11.3.1 Finding Dangerous Function Cross-References