Gray hat Python : Python programming for hackers and reverse engineers /


Justin Seitz.
Book English 2009 Justin Seitz · Electronic books.
Published
San Francisco : No Starch Press, 2009.
Extent
1 online resource (220 p.)
Edition
1st edition
Notes
Description based upon print version of record.
Contents: Foreword; Acknowledgments; Introduction; 1: Setting Up Your Development Environment; 1.1 Operating System Requirements; 1.2 Obtaining and Installing Python 2.5; 1.2.1 Installing Python on Windows; 1.2.2 Installing Python for Linux; 1.3 Setting Up Eclipse and PyDev; 1.3.1 The Hacker's Best Friend: ctypes; 1.3.2 Using Dynamic Libraries; 1.3.3 Constructing C Datatypes; 1.3.4 Passing Parameters by Reference; 1.3.5 Defining Structures and Unions; 2: Debuggers and Debugger Design; 2.1 General-Purpose CPU Registers; 2.2 The Stack; 2.3 Debug Events; 2.4 Breakpoints; 2.4.1 Soft Breakpoints; 2.4.2 Hardware Breakpoints; 2.4.3 Memory Breakpoints; 3: Building a Windows Debugger; 3.1 Debuggee, Where Art Thou?; 3.2 Obtaining CPU Register State; 3.2.1 Thread Enumeration; 3.2.2 Putting It All Together; 3.3 Implementing Debug Event Handlers; 3.4 The Almighty Breakpoint; 3.4.1 Soft Breakpoints; 3.4.2 Hardware Breakpoints; 3.4.3 Memory Breakpoints; 3.5 Conclusion; 4: PyDbg -- A Pure Python Windows Debugger; 4.1 Extending Breakpoint Handlers; 4.2 Access Violation Handlers; 4.3 Process Snapshots; 4.3.1 Obtaining Process Snapshots; 4.3.2 Putting It All Together; 5: Immunity Debugger -- The Best of Both Worlds; 5.1 Installing Immunity Debugger; 5.2 Immunity Debugger 101; 5.2.1 PyCommands; 5.2.2 PyHooks; 5.3 Exploit Development; 5.3.1 Finding Exploit-Friendly Instructions; 5.3.2 Bad-Character Filtering; 5.3.3 Bypassing DEP on Windows; 5.4 Defeating Anti-Debugging Routines in Malware; 5.4.1 IsDebuggerPresent; 5.4.2 Defeating Process Iteration; 6: Hooking; 6.1 Soft Hooking with PyDbg; 6.2 Hard Hooking with Immunity Debugger; 7: DLL and Code Injection; 7.1 Remote Thread Creation; 7.1.1 DLL Injection; 7.1.2 Code Injection; 7.2 Getting Evil; 7.2.1 File Hiding; 7.2.2 Coding the Backdoor; 7.2.3 Compiling with py2exe; 8: Fuzzing; 8.1 Bug Classes; 8.1.1 Buffer Overflows; 8.1.2 Integer Overflows; 8.1.3 Format String Attacks; 8.2 File Fuzzer; 8.3 Future Considerations; 8.3.1 Code Coverage; 8.3.2 Automated Static Analysis; 9: Sulley; 9.1 Sulley Installation; 9.2 Sulley Primitives; 9.2.1 Strings; 9.2.2 Delimiters; 9.2.3 Static and Random Primitives; 9.2.4 Binary Data; 9.2.5 Integers; 9.2.6 Blocks and Groups; 9.3 Slaying WarFTPD with Sulley; 9.3.1 FTP 101; 9.3.2 Creating the FTP Protocol Skeleton; 9.3.3 Sulley Sessions; 9.3.4 Network and Process Monitoring; 9.3.5 Fuzzing and the Sulley Web Interface; 10: Fuzzing Windows Drivers; 10.1 Driver Communication; 10.2 Driver Fuzzing with Immunity Debugger; 10.3 Driverlib -- The Static Analysis Tool for Drivers; 10.3.1 Discovering Device Names; 10.3.2 Finding the IOCTL Dispatch Routine; 10.3.3 Determining Supported IOCTL Codes; 10.4 Building a Driver Fuzzer; 11: IDAPython -- Scripting IDA Pro; 11.1 IDAPython Installation; 11.2 IDAPython Functions; 11.2.1 Utility Functions; 11.2.2 Segments; 11.2.3 Functions; 11.2.4 Cross-References; 11.2.5 Debugger Hooks; 11.3 Example Scripts; 11.3.1 Finding Dangerous Function Cross-References.
Summary: Python is the high-level language of choice for hacking, vulnerability discovery, and security research. Gray Hat Python, the first Python book written for advanced security analysts, explains the intricacies of using Python to assist in a range of security analysis tasks. Readers learn how to design and program their own debuggers, create powerful fuzzers, utilize open source libraries to automate tedious tasks, and interface with commercial and non-commercial security tools. Gray Hat Python covers everything from the nuts and bolts of how to use the language for basic code and DLL injection
Subjects
Genre
Dewey
ISBN
1-59327-224-3
Shelf location
QA76.9.A25 S457 2009

Libraries that hold this item