When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. Seitz explores the darker side of Python's capabilities--writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. Readers will learn how to: create a trojan command-and-control using GitHub; detect sandboxing and automate common malware Read more... Abstract: When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. Seitz explores the darker side of Python's capabilities--writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. Readers will learn how to: create a trojan command-and-control using GitHub; detect sandboxing and automate common malware tasks, like keylogging and screenshotting; escalate Windows privileges with creative process control; use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine; extend the popular Burp Suite Web-hacking tool; abuse Windows COM automation to perform a man-in-the-browser attack; and exfiltrate data from a network most sneakily. Insider techniques and creative challenges throughout show readers how to extend the hacks and how to write their own exploits www.it-ebooks.info About the Author 9 Brief Contents 11 Contents in Detail 13 Foreword 17 Preface 19 Acknowledgments 21 Chapter 1: Setting Up Your Python Environment 23 Installing Kali Linux 24 WingIDE 25 Chapter 2: The Network: Basics 31 Python Networking in a Paragraph 32 TCP Client 32 UDP Client 33 TCP Server 34 Replacing Netcat 35 Kicking the Tires 41 Building a TCP Proxy 42 Kicking the Tires 47 SSH with Paramiko 48 Kicking the Tires 51 SSH Tunneling 52 Kicking the Tires 55 Chapter 3: The Network: Raw Sockets and Sniffing 57 Building a UDP Host Discovery Tool 58 Packet Sniffing on Windows and Linux 58 Kicking the Tires 60 Decoding the IP Layer 60 Kicking the Tires 63 Decoding ICMP 64 Kicking the Tires 67 Chapter 4: Owning the Network with Scapy 69 Stealing Email Credentials 70 Kicking the Tires 72 ARP Cache Poisoning with Scapy 73 Kicking the Tires 76 PCAP Processing 77 Kicking the Tires 81 Chapter 5: Web Hackery 83 The Socket Library of the Web: urllib2 84 Mapping Open Source Web App Installations 85 Kicking the Tires 86 Brute-Forcing Directories and File Locations 87 Kicking the Tires 90 Brute-Forcing HTML Form Authentication 91 Kicking the Tires 96 Chapter 6: Extending Burp Proxy 97 Setting Up 98 Burp Fuzzing 100 Kicking the Tires 105 Bing for Burp 109 Kicking the Tires 113 Turning Website Content into Password Gold 115 Kicking the Tires 119 Chapter 7: GitHub Command and Control 123 Setting Up a GitHub Account 124 Creating Modules 125 Trojan Configuration 126 Building a GitHub-Aware Trojan 127 Hacking Python’s import Functionality 129 Kicking the Tires 130 Chapter 8: Common Trojaning Tasks on Windows 133 Keylogging for Fun and Keystrokes 134 Kicking the Tires 136 Taking Screenshots 137 Pythonic Shellcode Execution 138 Kicking the Tires 139 Sandbox Detection 140 Chapter 9: Fun with Internet Explorer 145 Man-in-the-Browser (Kind Of) 146 Creating the Server 149 Kicking the Tires 150 IE COM Automation for Exfiltration 150 Kicking the Tires 156 Chapter 10: Windows Privilege Escalation 159 Installing the Prerequisites 160 Creating a Process Monitor 161 Process Monitoring with WMI 161 Kicking the Tires 163 Windows Token Privileges 163 Winning the Race 166 Kicking the Tires 168 Code Injection 169 Kicking the Tires 171 Chapter 11: Automating Offensive Forensics 173 Installation 174 Profiles 174 Grabbing Password Hashes 175 Direct Code Injection 178 Kicking the Tires 183 Index 185 Updates 193 Fully-updated for Python 3, the second edition of this worldwide bestseller (over 100,000 copies sold) explores the stealthier side of programming and brings you all new strategies for your hacking projects. When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. In Black Hat Python, 2nd Edition, you’ll explore the darker side of Python’s capabilities—writing network sniffers, stealing email credentials, brute forcing directories, crafting mutation fuzzers, infecting virtual machines, creating stealthy trojans, and more. The second edition of this bestselling hacking book contains code updated for the latest version of Python 3, as well as new techniques that reflect current industry best practices. You’ll also find expanded explanations of Python libraries such as ctypes, struct, lxml, and BeautifulSoup, and dig deeper into strategies, from splitting bytes to leveraging computer-vision libraries, that you can apply to future hacking projects. You’ll learn how to: • Create a trojan command-and-control using GitHub • Detect sandboxing and automate common malware tasks, like keylogging and screenshotting • Escalate Windows privileges with creative process control • Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine • Extend the popular Burp Suite web-hacking tool • Abuse Windows COM automation to perform a man-in-the-browser attack • Exfiltrate data from a network most sneakily When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how with the second edition of Black Hat Python. New to this edition: All Python code has been updated to cover Python 3 and includes updated libraries used in current Python applications. Additionally, there are more in-depth explanations of the code and the programming techniques have been updated to current, common tactics. Examples of new material that you'll learn include how to sniff network traffic, evade anti-virus software, brute-force web applications, and set up a command-and-control (C2) system using GitHub. Foreword Preface Acknowledgments Setting Up Your Python Environment Installing Kali Linux WingIDE The Network: Basics Python Networking in a Paragraph TCP Client UDP Client TCP Server Replacing Netcat Kicking the Tires Building a TCP Proxy Kicking the Tires SSH with Paramiko Kicking the Tires SSH Tunneling Kicking the Tires The Network: Raw Sockets and Sniffing Building a UDP Host Discovery Tool Packet Sniffing on Windows and Linux Kicking the Tires Decoding the IP Layer Kicking the Tires Decoding ICMP Kicking the Tires Owning the Network with Scapy Stealing Email Credentials Kicking the Tires ARP Cache Poisoning with Scapy Kicking the Tires PCAP Processing Kicking the Tires Web Hackery The Socket Library of the Web: urllib2 Mapping Open Source Web App Installations Kicking the Tires Brute-Forcing Directories and File Locations Kicking the Tires Brute-Forcing HTML Form Authentication Kicking the Tires Extending Burp Proxy Setting Up Burp Fuzzing Kicking the Tires Bing for Burp Kicking the Tires Turning Website Content into Password Gold Kicking the Tires GitHub Command and Control Setting Up a GitHub Account Creating Modules Trojan Configuration Building a GitHub-Aware Trojan Hacking Python's Import Functionality Kicking the Tires Common Trojanning Tasks on Windows Keylogging for Fun and Keystrokes Kicking the Tires Taking Screenshots Pythonic Shellcode Execution Kicking the Tires Sandbox Detection Fun with Internet Explorer Man-in-the-Browser (Kind Of) Creating the Server Kicking the Tires IE COM Automation for Exfiltration Kicking the Tires Windows Privilege Escalation Installing the Prerequisites Creating a Process Monitor Process Monitoring with WMI Kicking the Tires Windows Token Privileges Winning the Race Kicking the Tires Code Injection Kicking the Tires Automating Offensive Forensics Installation Profiles Grabbing Password Hashes Direct Code Injection Kicking the Tires Index "When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. In this second edition of the bestselling Black Hat Python, you'll explore the darker side of Python's capabilities: everything from writing network sniffers, stealing email credentials, and bruteforcing directories to crafting mutation fuzzers, investigating virtual machines, and creating stealthy trojans. All of the code in this edition has been updated to Python 3.x. You'll also find new coverage of bit shifting, code hygiene, and offensive forensics with the Volatility Framework as well as expanded explanations of the Python libraries ctypes, struct, lxml, and BeautifulSoup, and offensive hacking strategies like splitting bytes, leveraging computer vision libraries, and scraping websites. You'll even learn how to: " Create a trojan command-and-control server using GitHub " Detect sandboxing and automate common malware tasks like keylogging and screenshotting " Extend the Burp Suite web-hacking tool " Escalate Windows privileges with creative process control " Use offensive memory forensics tricks to retrieve password hashes and find vulnerabilities on a virtual machine " Abuse Windows COM automation " Exfiltrate data from a network undetected When it comes to offensive security, you need to be able to create powerful tools on the fly. Learn how with Black Hat Python."--Amazon.com When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen? In Black Hat Python, the latest from Justin Seitz (author of the best-selling Gray Hat Python), you’ll explore the darker side of Python’s capabilities—writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You’ll learn how to: –Create a trojan command-and-control using GitHub –Detect sandboxing and automate common malware tasks, like keylogging and screenshotting –Escalate Windows privileges with creative process control –Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine –Extend the popular Burp Suite web-hacking tool –Abuse Windows COM automation to perform a man-in-the-browser attack –Exfiltrate data from a network most sneakily Insider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits. When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python. Uses Python 2 When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen? In Black Hat Python , the latest from Justin Seitz (author of the best-selling Gray Hat Python ), you'll explore the darker side of Python's capabilities writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You'll learn how to: Create a trojan command-and-control using GitHub Detect sandboxing and automate common malware tasks, like keylogging and screenshotting Escalate Windows privileges with creative process control Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine Extend the popular Burp Suite web-hacking tool Abuse Windows COM automation to perform a man-in-the-browser attack Exfiltrate data from a network most sneakily Insider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python . " When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. Seitz explores the darker side of Python's capabilities--writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. Readers will learn how to: create a trojan command-and-control using GitHub; detect sandboxing and automate common malware tasks, like keylogging and screenshotting; escalate Windows privileges with creative process control; use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine; extend the popular Burp Suite Web-hacking tool; abuse Windows COM automation to perform a man-in-the-browser attack; and exfiltrate data from a network most sneakily. Insider techniques and creative challenges throughout show readers how to extend the hacks and how to write their own exploits. -- Edited summary from book Python is the high-level language of choice for hackers and software security analysts because it makes it easy to write powerful and effective security tools. A follow-up to the perennial best-seller Gray Hat Python (2011), the all-new Black Hat Python explores the darker side of Python's capabilities - writing network sniffers, manipulating packets, web hacking, infecting virtual machines, creating stealthy trojans, extending the popular web hacking tool Burp Suite, and more. By showing how carefully crafted code can be used to disrupt and disable a system, Black Hat Python will help you test your systems and improve your security posture. Insider techniques and creative challenges show you how to extend the hacks, and are sure to make Black Hat Python irresistible to anyone interested in offensive security--From back cover