The book Black Hat Python, written by Justin Seitz and published by No Starch Press, fills a gap that I believe exists between learning Python and actually knowing how to apply it to penetration testing scenarios. The book does this starting in chapter 2, titled The Network: Basics, where you build your own Python servers, proxies, and SSH connections while the author explains situations in which these would come in handy. This just barely scratches the surface, as he dives into command and control trojans, extending the Burp Suite tools, and Windows privilege escalation, just to name a few other topics.
Justin Seitz, who also published Gray Hat Python and is a Senior Security Researcher for Immunity Inc., is obviously on a mission to make sure people know how to write their own tools. On the back of the book, in huge writing, is a quote from the foreword, written by Charlie Miller, that says “The difference between script kiddies and professionals is the difference between merely using other people’s tools and writing your own.” I share his feeling on the topic and strongly believe that it is perfectly fine to leverage the tools that we all know and love. However, having a complete lack of understanding of how they work, or lacking the ability to add or modify functionality, is selling yourself short. All penetration testers should have the skills you can learn from this book and should write their own tools when needed. This entire community is built from the amazing tools that are available, and one of the greatest things you can do to give back is become a contributor.