Enjoy fast, free delivery, exclusive deals, and award-winning movies & TV shows with Prime
Try Prime
and start saving today with fast, free delivery
Amazon Prime includes:
Fast, FREE Delivery is available to Prime members. To join, select "Try Amazon Prime and start saving today with Fast, FREE Delivery" below the Add to Cart button.
Amazon Prime members enjoy:- Cardmembers earn 5% Back at Amazon.com with a Prime Credit Card.
- Unlimited Free Two-Day Delivery
- Streaming of thousands of movies and TV shows with limited ads on Prime Video.
- A Kindle book to borrow for free each month - with no due dates
- Listen to over 2 million songs and hundreds of playlists
- Unlimited photo storage with anywhere access
Important: Your credit card will NOT be charged when you start your free trial or if you cancel during the trial period. If you're happy with Amazon Prime, do nothing. At the end of the free trial, your membership will automatically upgrade to a monthly membership.
-20% $39.90$39.90
Ships from: Amazon.com Sold by: Amazon.com
$24.07$24.07
Ships from: Amazon Sold by: Lifefood Books
Download the free Kindle app and start reading Kindle books instantly on your smartphone, tablet, or computer - no Kindle device required.
Read instantly on your browser with Kindle for Web.
Using your mobile phone camera - scan the code below and download the Kindle app.
OK
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers 1st Edition
Purchase options and add-ons
Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker’s tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, and how to data-mine popular social media websites and evade modern anti-virus.
- Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts
- Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices
- Data-mine popular social media websites and evade modern anti-virus
- ISBN-109781597499576
- ISBN-13978-1597499576
- Edition1st
- PublisherSyngress
- Publication dateNovember 22, 2012
- LanguageEnglish
- Dimensions5.51 x 0.59 x 8.66 inches
- Print length288 pages
Frequently bought together
Similar items that may deliver to you quickly
Editorial Reviews
Review
"An information security specialist with the US Army, O'Connor introduces the hacker's programming language Python to new users, and describes some advanced features to those who already know it." --Reference and Research Book News, August 2013
"A quick glance at [the authors] collective credentials and experience undoubtedly creates high expectations for this title… The end result is that the book demonstrates how powerful just a few dozen lines of Python code can be… useful tips and tricks will surely be acquired simply by working through the exercises." --The Ethical Hacker Network, February 2013
"Violent Python is an excellent resource that develops and enhances a diverse set of security-related Python skills. The book also serves as a great reference, where recipes could be quickly implemented to address specific issues as they arise. Readers who are actively working in an InfoSec position will likely be able to put their newly acquired skills to use immediately, and those looking to break into the field will acquire skills that differentiate themselves from others who are dependent on prebuilt tools. This title is highly recommended for anyone who wants to improve his or her Python skills within the InfoSec realm." --The Ethical Hacker Network, February 2013
"When it comes to Python and penetration testing, TJ O'Connor is the grand Python master. This is the book that keeps on giving. From building penetration testing Python scripts, to antivirus-evading penetration testing malware, to interrogating the Windows Registry and investigating other forensic artifacts...O'Connor masterfully walks the reader from basic to advanced penetration testing techniques with sample code throughout." --Ove Carroll, SANS Certified Instructor, Co-Author of SANS Forensics 408 - Windows In Depth
"Violent Python is chalked full of practical examples and is for all security professionals. It covers the spectrum - knowledge for pen testers to forensic analysts, beginner to advanced and offensive to defensive tasks. If you are involved in information security and are looking for a Python book, this is an excellent source." --James Shewmaker, Security Analyst, Bluenotch Corporation
"The best hackers know when to write their own tools. Violent Python is a very relevant collection of examples to seed your personal hacking toolbox. From offensive actions to digital forensics, this book has useful bits for everyone." --Raphael Mudge, Creator of Armitage
Review
Discover how to use Python to exploit systems and build effective pen testing tools to defend your system from attackers
About the Author
TJ holds a Master of Science degree in Computer Science from North Carolina State, a Master of Science degree in Information Security Engineering from the SANS Technical Institute, and a Bachelor of Science degree in Computer Science from the US Military Academy. He has published technical research at USENIX workshops, ACM conferences, security conferences, the SANS Reading Room, the Internet Storm Center, the Army Magazine, and the Armed Forces Journal. He holds expert cyber security credentials, including the prestigious GIAC Security Expert (GSE) and Offensive Security Certified Expert (OSCE). TJ is a member of the elite SANS Red and Blue Team Cyber Guardians.
TJ O'Connor is an active duty Army Major and former faculty member at the United States Military Academy, where he taught courses on forensics, exploitation, and information assurance. He has published research at USENIX workshops, ACM Conferences, and spoken at various security conferences, including ShmooCon. He has participated in numerous cyber defense exercises, including winning the National Defense University Cyber Challenge, coaching the winning team at the National Security Agency's Cyber Defense Exercise and working as a red team member of the Northeast Regional Collegiate Cyber Defense Competition. He has earned the SANS Certifications GIAC Gold certifications in GCFA, GCIH, GSEC, GCIA, and holds other GIAC certifications.
Product details
- ASIN : 1597499579
- Publisher : Syngress; 1st edition (November 22, 2012)
- Language : English
- Paperback : 288 pages
- ISBN-10 : 9781597499576
- ISBN-13 : 978-1597499576
- Item Weight : 1.1 pounds
- Dimensions : 5.51 x 0.59 x 8.66 inches
- Best Sellers Rank: #87,727 in Books (See Top 100 in Books)
- #51 in Computer Network Security
- #54 in Computer Hacking
- #91 in Python Programming
- Customer Reviews:
About the author
Discover more of the author’s books, see similar authors, read author blogs and more
Customer reviews
Customer Reviews, including Product Star Ratings help customers to learn more about the product and decide whether it is the right product for them.
To calculate the overall star rating and percentage breakdown by star, we don’t use a simple average. Instead, our system considers things like how recent a review is and if the reviewer bought the item on Amazon. It also analyzed reviews to verify trustworthiness.
Learn more how customers reviews work on AmazonReviews with images
-
Top reviews
Top reviews from the United States
There was a problem filtering reviews right now. Please try again later.
Although the book does cover some Python basics very well and steps through the install of both Python and packages used throughout the book, explaining why and where each one is needed I am not sure I would recommend the book to beginners and I do not think that is the target audience. If however you understand some programming basics and want to get into writing your own tools in Python this book will give you some of the most concise and well documented examples I have seen. Providing not just instructions on what you need to do but (more importantly) why you would want to do it. It provides the base scripts and the understanding leaving it up to the reader to take the script and expand on it as needed, an approach I like.
The writing style is clear and easy to follow, I am working my way back through the sections on packet capture using the nmap libraries getting a lot of info as I go along. Without a doubt one of the best book purchases I have made and I would seriously recommend it to someone looking to write their own tools or to just get an understanding of Python hacking.
The "hot book" on Python Forensics right now is Hosmer-- Python Forensics: A workbench for inventing and sharing digital forensic technology -- much more detailed, more expensive, more recent, and a much tighter focus on forensics than the broader brush of this book, which includes some pen development. Elesevier always gives their text web resources in the format elsevierdirect dot com forward slash companion then the isbn. This book's code is not as error filled as some earlier reviews said, so I'm guessing that it has been updated and corrected. Again, you'll need library access, and the code isn't as well annotated as Hosmer or Ligh's fine and classic Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code , but remember it is pure Python, which will help both introduce and fill in some blanks in both Ligh and Hosmer.
By the way, Ligh also has a new, wonderful book out on forensics: The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory , and of course Ligh uses Python in all his books, blogs and articles as the "behind the scenes" create your own resource. I'm also a developer and contribute to zsand dot com's sandboxes, and one thing this book is missing that you'll find in both Ligh and Hosmer, are COMBINATIONS of sploit software that let you customize or see things like little python windows adding elements to the bigger API. An example would be embedding any PE (dll/exe etc.) in a "harmless" looking extension like .pdf, a network update or even a non-kernel/root looking extension like a screen tip or update.
Speaking of, since the authors of this book are all military, the upside is seeing how that world thinks (worked in it for some years), but the downside is their "courtesy." For example, they will say that the problem with a Google sploit is that it "requires a developer id which compromises anonymity" but completely ignores how easy it is to buy, hack, borrow or get those credentials, ids and codes anonymously online. This doesn't have to be black, it can even be for your own honeypot or a follow up on an attack where you don't want your developer id revealed even if you do have you own!
Highly recommended for beginners and those with access to py libraries. The caveat is that the freeware and GNU libraries out there are not enough, although they are much better than they were when this text was written, and Hosmer also shows you how to go direct instead of relying on libraries when you can't get them.
Violent Python does not pretend in any way to teach readers how to program. In fact, when kicking off the brief section introducing the language itself, it flat out refers to to the reader "as an experienced programmer" (p. 6). However, a motivated hacker with limited exposure to Python can still follow along and pick things up relatively quickly, as VP doesn't really use any particularly esoteric language features.
That said, it also does not necessarily require the reader to cover it linearly from page 1 to the end. The subtitle of the book, after all, calls it a "cookbook for hackers", and it handles its end of the bargain. VP does not go into great detail for these projects but illustrates how to accomplish them relatively simply, primarily as inspiration for the reader who can then use the ideas and code as building blocks for self-driven projects.
I rarely like getting technology books in electronic format, and so I have the paperback copy. Given the complete lack of diagrams in this book, however, it wouldn't matter as much in this case. The quality of the paper and printing seems relatively high; the papers have a smooth, creamy texture, and the book has wide margins that lend themselves very well to note taking and similar marginalia. While I'm not particularly a fan of the particular typeface used for code in the book, I didn't find it so distracting as to make it impossible to work. As has become sadly common these days, the book contains a number of typographical errors and I really wish the publisher had put it through one more review iteration to catch them.
Contents
Chapter 2, "Penetration Testing with Python", provides examples of how to perform a port scan (first using the socket API and then with nmap integration), brute forcing, using weaknesses in SSH key generation, injecting malicious IFRAMEs, interacting with Metasploit, and sending custom buffer overflow code over the network.
Chapter 3, "Forensic Investigations with Python", discusses analyzing the history of wireless access points in the Windows registry (including geolocation), investigation of the Recycle Bin, examining metadata in various document types, and using application artifacts like SQLite databases in Firefox and Skype or iTunes Mobile.
Chapter 4, "Network Traffic Analysis with Python", gets into better geolocation, packet parsing using dpkt and Scapy, KML generation, and analyzing various types of traffic like the LOIC DDOS tool, varying TTLs from spoofed port scans, and DNS fast-flux, and TCP sequence prediction. It also briefly covers generating packets to match IDS signatures.
Chapter 5, "Wireless Mayhem with Python", reviews mining WiFi traffic for personal information like payment cards and authentication credentials, analyzing 802.11 probes and beacons, intercepting and hijacking UAV command traffic, detecting Firesheep use, and manipulate Bluetooth networks.
Chapter 6, "Web Recon with Python", explains the Mechanize and BeautifulSoup libraries as well as using the Google and Twitter APIs, plus a small section on spear phishing.
Chapter 7, "Antivirus Evasion with Python", covers how to use Pyinstaller to obfuscate a Metasploit payload from antivirus as well as how to check your code automatically against AV scanners.
Top reviews from other countries
contenu qui monte rapidement en complexité (tant mieux) et, cela mérite d'être cité, le tout est clairement expliqué.
Je lis en pratiquant en même temps sur mon ordi pour mieux comprendre et c'est impeccable.
il y a même un site ou on peut récupérer directement les codes présentés dans le livre, ce qui est un plus pour celui qui ne souhaite pas tout retaper. Personnelement, je préfère retaper car j'apprends mieux en faisant par moi-même (car c'est en faisant des "bêtises" qu'on arrive plus facilement à les identifier et à les éviter par la suite alors que si on se contente de copier/coller le code... l'apprentissage n'est pas aussi bon ;) )
ce livre complète mes autres bouquins sur python "grey hat python", "black hat python". à mon avis ce livre est supérieur aux deux précédemment cités en terme de pédagogie tout du moins puisqu'ils n'ont pas non plus la même finalité.
avoir des connaissances (et si possible un peu plus) en Python est selon moi un prérequis sinon, vous risquez de galérer pour aller plus loin que le chapître 1.