Black Hat Python: Python Programming for Hackers and Pentesters

Book Description

Python is the language of choice for hackers and security analysts for creating powerful and effective tools. Ever wonder how they do it?

A follow-up to the perennial best-seller Gray Hat Python, Justin Seitz’s Black Hat Python explores the darker side of Python’s capabilities—writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, extending the popular web hacking tool Burp Suite, and more. You’ll learn how to:

• Create a trojan command-and-control using Github
• Detect sandboxing and automate common malware tasks, like keylogging and screenshotting
• Escalate Windows privileges with creative process control
• Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine
• Abuse Windows COM automation to perform a man-in-the-browser attack
• Exfiltrate data from a network most sneakily

Insider techniques and creative challenges show you how to extend the hacks, and are sure to make Black Hat Python irresistible to anyone interested in offensive security.

Table of Contents

Chapter 1. Setting Up Your Python Environment
Chapter 2. The Network: Basics
Chapter 3. The Network: Raw Sockets and Sniffing
Chapter 4. Owning the Network with Scapy
Chapter 5. Web Hackery
Chapter 6. Extending Burp Proxy
Chapter 7. Github Command and Control
Chapter 8. Common Trojaning Tasks on Windows
Chapter 9. Fun with Internet Explorer
Chapter 10. Windows Privilege Escalation
Chapter 11. Automating Offensive Forensics

中文：

书名：Black Hat Python: Python Programming for Hackers and Pentesters

对于黑客和安全分析师来说，要创建强大而有效的工具，Python是他们的首选语言。有没有想过他们是怎么做到的？

这本常年畅销书的续集 格雷有蟒蛇, Justin Seitz’s 黑帽蟒蛇 探索Python功能的阴暗面-编写网络嗅探器、操纵数据包、感染虚拟机、创建隐蔽的特洛伊木马、扩展流行的网络黑客工具Burp Suite等。您将学习如何：

• 使用Github创建特洛伊木马命令和控制
• 检测沙箱并自动执行常见的恶意软件任务，如键盘记录和截图
• 通过创造性的流程控制提升Windows权限
• 使用攻击性内存取证技巧来检索密码散列并将外壳代码注入虚拟机
• Abuse Windows COM automation to perform a man-in-the-browser attack
• 以最狡猾的方式从网络中窃取数据

内幕技术和创造性挑战向你展示了如何扩展黑客，并肯定会让 黑帽蟒蛇 对于任何对进攻性安全感兴趣的人来说，这是不可抗拒的。

目录表

第1章.设置您的Python环境
Chapter 2. The Network: Basics
第3章：网络：原始套接字和嗅探
第4章：使用Scapy拥有网络
第5章.网络黑客
Chapter 6. Extending Burp Proxy
Chapter 7. Github Command and Control
Chapter 8. Common Trojaning Tasks on Windows
Chapter 9. Fun with Internet Explorer
第10章.Windows权限提升
第11章：自动化攻击性取证