Violent Python –
Looking to expand your expertise in Python or just learn more about the awesome potential of the programming language? One of the best-recommended reads for you would be ‘Violent Python’. As its tagline suggests, violent python a cookbook for hackers, penetration testers, forensic analysts and security engineers.
As you can well expect, the book has a very broad scope given its targeted reader base. It demonstrated how the language can be used to assist with and automate tasks across several information security disciplines. The book also does not sacrifice depth for the sake of breadth. Although engaging a wide range of subjects, it also goes fairly in-depth with advanced-level exercises for each subject.
Violent Python Book
The book has been primarily authored by TJ O’Connor, with Mark Baggett as Technical Editor and Rob Frost authoring one chapter on Web Reconnaissance. Here is a look at the background that each contributor/author brings:
- TJ O’Connor
A former paratrooper in the US Army and information security expert for the Department of Defense. He taught undergraduate courses on exploitation, forensics and information assurance while an assistant professor at the US Military Academy. He also co-coached the winning team twice at the annual Cyber Defense Exercise of the National Security Agency. He graduated with a Master of Science degree in Computer Science from North Carolina State University and a Master of Science degree in Information Security Engineering from the SANS Technical Institute.
- Rob Frost
Robert Frost was commissioned into the Army Signal Corps after graduating from the US Military Academy in 2011. He has a Bachelor of Science degree in Computer Science with honors, and his thesis focused on open-source information gathering. In the 2011 Cyber Defense Exercise, he was an individually recognized member of the national championship team for his ability to circumvent rules.
- Mark Baggett
A certified SANS Instructor, Mark Baggett teaches several courses in the penetration testing curriculum. He is a primary consultant and the founder of In Depth Defense, which provides penetration-testing and incident-response services. He is also the technical advisor for SANS to the Department of Defense, focusing on practical application of SANS resources for military capability development.
Violent Python – The Background
Python is a high-level language, and to the authors and for many programmers out there, it is also a hacker’s language. It offers increased efficiency, decreased complexity, limitless third-party libraries and a low entry bar. This makes it a great development platform for building offensive tools. If you run Linux or Mac OS X, chances are you already have it installed on your system. Learning Python through this book can help you achieve success when other offensive tools fail.
Violent Python book targets programmers of all ages and proficiency levels, and even non-programmers looking to start writing Python. Violent Python can even apply to advanced programmers who want to learn to apply to apply their skills in penetration testing. As the title Violent Python might suggest, the book focuses on how to tap the offensive aspects of Python in order to improve the defense. It covers ‘recipes’ for penetration testing, network analysis, web analysis and exploitation of wireless devices.
For those of you who are not familiar with cookbook-type resources, the content of this Violent Python a cookbook for hackers is made of several short self-paced scripts focused on specific tasks. It ultimately shows just how powerful a few lines of Python can be. Seriously, the longest recipes in this Violent Python book hardly go past 100 lines.
Keep in mind that the book is heavily focused on the ‘dark arts’ of Python and you won’t find direct material for general programming with the language. However, you can definitely learn some tricks and tips by working the exercises. The recipes have been made in a modular design for code reusability, and the codes can be used for larger projects.
A closer look at the Violent Python book
Before we look closer at Violent Python, it should be noted that the source code files for the recipes are located on its Syngress homepage. However, it is recommended that you write the code right from the top for better learning and retention. In any case, if you want the code quickly and easily, you know where to find it.
Here is a look at each chapter of the Violent Python book:
The first chapter gives you an introduction to Python in general, starting with background information on the language itself. It quickly jumps into the meat, introducing you to variables, data types, iteration, selection, functions and more. It also shows you how to work with modules and takes you through some simple programs.
If you are already familiar with the basics of Python and are an intermediate or experienced programmer, you can pretty much skip the entire chapter. One of the best things about Violent Python book is that most chapters are fairly independent of each other. So you can simply choose the chapter that you want and learn that alone instead of going through all the preceding chapters.
Penetration Testing with Python
This chapter introduces you to the idea of using Python for scripting attacks for penetration testing. The examples include constructing an SSH botnet, building a port scanner, writing an exploit, replicating Conficker and mass-compromising via FTP.
Forensic Investigations with Python
This chapter focuses on using Python for digital forensic investigations. It gives examples for recovering deleted items, geo-locating individuals, extracting artifacts from the Windows registry, examining document metadata and investigating mobile device and application artifacts.
Network Traffic Analysis with Python
This chapter teaches you to use Python for analyzing network traffic. The scripts given here focus on geo-locating IP addresses from packet captures, analyzing botnet traffic, investigating popular DDoS toolkits, discovering decoy scans, and foiling intrusion detection systems.
Wireless Mayhem with Python
This chapter focuses on Bluetooth and wireless devices. It provides examples on how to parse and sniff wireless traffic, identifies hidden wireless networks, builds a wireless keylogger, remotely command unmanned aerial vehicles, identifies malicious wireless toolkits being used, exploits the vulnerabilities of Bluetooth and stalks Bluetooth radios.
Web Recon With Python
This chapter examines using Python for scrapping the internet for information, with examples including how to anonymously browse the web through Python, scrape popular social media websites, work with developer APIs and create a spear-phishing email.
Antivirus Evasion with Python
This final chapter shows you how to build a malware that evades anti-virus programs. It also shows you how to build a script for uploading the malware against an online antivirus scanner. It uses malicious code from the Metasploit framework to generate some C-style shellcode. A simple Windows bandshell is used to bind the cmd.exe process to a TCP port that you choose, enabling you to remotely connect to a machine and issue commands interacting with the cmd.exe process.
More about the Violent Python book
As you can see, Violent Python covers some rather interesting subjects for hackers and those interested in information security. It has dozens of recipes packed into its 288 pages, and you would probably be surprised by the type of results that are easily achieved with Python.
Unfortunately, the recipes are enumerated in detail, so you have to do a bit of research on your own to find out how and why some of the codings work. Nevertheless, this is a great starting point to learn more about Python’s information security abilities and get surprised by the sheer depth of the language. Here is a look at some of the more interesting recipes that the Violent Python book covers:
- Developing offline and online password crackers
- Recreating Conficker
- Interacting with Metasploit and Nmap
- Delivering an exploit for a stack-based buffer overflow
- Exploiting SQLite databases, the Windows registry, and iTunes backups
- Correlating network traffic to physical locations and developing Google Earth-based maps
- Building an SSH Botnet
- Evading anti-virus systems and IDS
- Parsing websites, Tweets, and metadata
- Creating social engineering email campaigns
- Hijacking a drone
- Performing Bluetooth-based attacks
- Parsing and logging wireless traffic
The introduction itself shows how you can set up a Python development environment and acts as a great crash course for the language. It helps you get your development environment up and running and could even serve as a refresher if you already learned the language but have lost your touch recently. However, for those of you who are completely new to Python and never touched on the language before, this may go over your head. Of course, it would be difficult for any single book to cover Python right from the basics and then go into something like hacking drones and exploiting wireless networks using the language, all in less than 300 pages.
In addition, several exploitations given in the book discuss the possible actions that a particular code block, rather than giving a line-by-line explanation of the code. For those who can read common statements in Python, it will be easier to faster to understand and implement the core material. However, if you have little to no experience with the language, you may find the Violent Python book a little overwhelming. If you want to have a better experience, it is best to go for Google’s free two-day course or opt for other short hands-on courses (which are generally free) on Python fundamentals.
Now, you may think from what has been given so far that Violent Python is for higher-level programmers, but it is important to note that you do not need expert-level language skills to appreciate the book material. If you like to jump in and learn through trial-and-error and get your hands dirty, then this is something definitely worth trying. You can, in fact, learn general uses of Python and also learn the information security material given in this book at the same time. As for the code, it is as simple and clean as possible. The code is well-written and well-structured, and narrative otherwise is kept casual to make things easier, with jargon usage kept to a minimum.
Most of the content should be the accessible even to novices that have a weak grasp on the jargon and lack experience. At the same time, the kind of material present in this book is just too unique and interesting to be ignored, even for experienced Python developers.
The authors have also given quite a bit of thought and care to the recipes to make them meaningful, instead of just making it overly flashy. Also, while the scripts have been structured in modules, this book is not just a collection of copied-and-pasted scripts. Instead, most of the recipes are preceded by interesting and often entertaining background information, which makes the book all the more fun.
The Violent Python book has also been written to set up scenarios and clear objectives, ranging from solving investigative problems to recreating malicious attacks and even just executing attacks just for the sake of it. The historical trivia presented can also rival the value of the recipes themselves.
While all the recipes are very interesting, there are some that may seem impractical on surface value. For instance, most information security professionals likely do not need to take down a drone or run an SSN botnet. Still, these recipes have, at the root, core concepts that can be very useful like being able to interact with a number of hosts through SSH and injecting packets into wireless traffic. These concepts could be applied to information security activities such as penetration tests.
The exclusive focus on Python can also be a bit of a disadvantage to the reader, given that some recipes require outside knowledge for really knowing what is happening behind the scenes. Let’s look at the exploitation recipe, which shows how to deliver an exploit through Python. In itself, this recipe can be a great template for developing network-based proof-of-concept exploits. The chapter also starts with a brief look at stack-based buffer overflows. However, it does not discuss the identification of the vulnerability, creating the shellcode, x86 memory management or assembly language, all of which are outside the scope of the book but relevant to the exploitation itself.
A conclusion of Violent Python Book
As you can understand, the book does a lot while also omitting a lot, and understandably so. It can be difficult to meet the needs of every reader and every knowledge and skill level. The sidebars have common mistakes and tricks, tips and other information to help address some of the gaps in knowledge. Each chapter also has several references to further study, which is highly recommended if you read this Violent Python book.
Here are some articles that will help you to get more detail about the Violent Python Book Review so just go through the link.