This is the best review we found for this book on Amazon. The review is written by Nyck on December 12, 2014.
I just got this book in the mail earlier today and couldn't help but sit down and read through the entire thing. Starting from chapter two, author Justin Seitz walks you through the creation of classic networking tools in the popular Python programming language (Chapter 1 focuses on setting up your environment). From netcat to proxies to SSH tunnels, the amount of information packed in is amazing. He then delves deeper into the world of network analysis and shows you how to write your own sniffers leading to a pared-down nmap implementation. The best part is that you learn all of this while staying essentially crippled- Seitz doesn't just introduce one of Python's many libraries and just say "Play", he walks your though all the nitty gritty details along the way. It's great.
He then pulls you from the dark undergrounds of low(ish) level socket programming to show you what Python can do against application-layer targets. You begin with learning to bruteforce directories and image locations before quickly moving to extending Burp Suite to fit whatever your needs may be. From there, you get into some of the heavier materials by taking another step further from networks to create command and control points for a trojan that you eventually get around to writing. Keylogging, surreptitious screenshots, and even rooting techniques become your new playground.
There's more, naturally, but I feel as though you can get the point clearly enough looking through the table of contents. Besides, I wouldn't want to spoil all the fun. Suffice it to say, by the end of this book you'll be leaps and bounds closer to understanding not only how the "bad guys" get into you computer, exfiltrate your data, and maintain access over time, but you may even be able to create software of your own to detect and avoid them.
All this being said, I can't help but remain a little bit disappointed in the overall amount of material presented. The book tops off at a measly 161 pages (pretty much the same as Gray Hat Python), but with the vast majority being code samples and screenshots I feel almost a little bit let down. Print is a fantastic medium for many things, but presenting a few code snippets that can be found through some (albeit extensive) Googling with matching explanations may not be one of them. It also would have been nice if the author pointed us towards online resources for more information regarding the tools we ultimately create. Don't let this turn you away, though. If you're interested in a one-stop-shop for your lessons in using Python for hacking and penetration testing, look no further because this book rocks.
I just got this book in the mail earlier today and couldn't help but sit down and read through the entire thing. Starting from chapter two, author Justin Seitz walks you through the creation of classic networking tools in the popular Python programming language (Chapter 1 focuses on setting up your environment). From netcat to proxies to SSH tunnels, the amount of information packed in is amazing. He then delves deeper into the world of network analysis and shows you how to write your own sniffers leading to a pared-down nmap implementation. The best part is that you learn all of this while staying essentially crippled- Seitz doesn't just introduce one of Python's many libraries and just say "Play", he walks your though all the nitty gritty details along the way. It's great.
He then pulls you from the dark undergrounds of low(ish) level socket programming to show you what Python can do against application-layer targets. You begin with learning to bruteforce directories and image locations before quickly moving to extending Burp Suite to fit whatever your needs may be. From there, you get into some of the heavier materials by taking another step further from networks to create command and control points for a trojan that you eventually get around to writing. Keylogging, surreptitious screenshots, and even rooting techniques become your new playground.
There's more, naturally, but I feel as though you can get the point clearly enough looking through the table of contents. Besides, I wouldn't want to spoil all the fun. Suffice it to say, by the end of this book you'll be leaps and bounds closer to understanding not only how the "bad guys" get into you computer, exfiltrate your data, and maintain access over time, but you may even be able to create software of your own to detect and avoid them.
All this being said, I can't help but remain a little bit disappointed in the overall amount of material presented. The book tops off at a measly 161 pages (pretty much the same as Gray Hat Python), but with the vast majority being code samples and screenshots I feel almost a little bit let down. Print is a fantastic medium for many things, but presenting a few code snippets that can be found through some (albeit extensive) Googling with matching explanations may not be one of them. It also would have been nice if the author pointed us towards online resources for more information regarding the tools we ultimately create. Don't let this turn you away, though. If you're interested in a one-stop-shop for your lessons in using Python for hacking and penetration testing, look no further because this book rocks.