Published on April 14th, 2013 | by NJ Ouchn1
Book Review: Violent Python A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
Summary: “Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers“ is undoubtedly one of the best resources to combine IT security pentesting and hacking with Python scripting.
“Give a man a fish and you feed him for a day. Teach a man to fish and you feed him for a lifetime” – Chinese Proverb
These are the words that formed in my mind upon i finished reading the first two chapters of the book i want to talk about in this review.
In fact, it is an effort to share with the community my thoughts about how helpful it was to improve a facet i do not know about. Although we are all in the security industry for a long time, we have necessarily things to learn from each others. And this is our strength. Security folks are humble, always willing to share the expertise and never miss the opportunity to enhance the knowledge.
Let me introduce you a great book that worth the detour and a must have for every hacker or security professional. Whether you are experienced or novice, this masterpiece is for you and it is entitled “Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers“
De facto, I was looking for a quick and easy way to learn coding in python and avoid diving into classic books such “Mastering This in 24h” or “Programming That for Beginners and Perfect Restless“. Likewise finding a specific coding language book but dedicated to IT Security and hacking seemed to be unlikely. Until a great buddy of mine from the community (Raphael Mudge) pointed me out to “Violent Python“
The author has organized the book brilliantly. Indeed, TJ O’Connor gradually begins with very simplified examples. You don’t even realize that you are about to master the very basic principles of Python coding. By the end of the first two chapters, you have already learned how to write a well-structured program, with the necessary ingredients such as errors handling, threading, functions and more. And all this, guess what ? applied to security with neat use cases and impressive small scripts.
Leverage the power of Python to hack everything hackable !
It took me 2 days to understand how python works and to start reactivating few of my dormant projects. In such a short time, I realized the simplicity with which Python could help me to write protocols scanners, bots, password crackers and far beyond. The best is yet to come.
TJ O’Connor introduced very quickly since the 2nd chapter how to leverage Python to interface with Metasploit and Nmap. In a few lines of code, he shows us how to write a Proof of Concept to reproduce the Conficker attack. At this point I undoubtedly appreciated the beauty of Python and especially the effective intelligence with which the author has transmitted the information.
Nevertheless, the book is not a Python developer’s guide. Don’t be mistaken. The author himself stated with quotes that act as preface for some chapters.
“To be a warrior is not a simple matter of wishing to be one. It is rather an endless struggle that will go on to the very last moment of our lives. Nobody is born a warrior, in exactly the same way that nobody is born an average man. We make ourselves into one or the other” – Carlos Castaneda
Got it ? Nobody is born a warrior. “Violent Python” will only lead you forward accelerating your practice. It’s up to you my friend to sharp your skills.
If you are a bit imaginative, you have certainly catched that python allows to perform almost all the tasks and tricks, specially the rough ones, an auditor or computer security hacker might do to analyze artifacts and outputs. And one fashionable subject these days is the “Forensics“. The book comes with a bunch of very nice forensics scripts to use, to modify and to expand to fit your needs.
At the end of the 3rd Chapter, you will begin to interact (create, delete, search) with databases such as SQLite. Likewise, you will get the straight-to-point principles for extracting data from HTML pages by leverging libraries such as BeautifulSoup. And besides, you learn with very nice concrete examples to perform networks, databases and files forensics.
The next chapters are based upon real attacks cases (for educational purposes only. Avoid to reproduce them on live targets) like the TCP Sequence Prediction (the few line of codes depicted in the book would have saved tremendous effort for K. Mitnick 😉 , taking full control of an UAV drone or hacking protocols such as Bluetooth or WiFi.
And I would not say more. This book is a gold mine. I read it 3 times and still learning tips and tricks.
Putting together all the accumulated knowledge through your discovery, you might do the following when you unlock the last chapter :
- Offer a beer to TJ O’Connor whenever you meet him
- Finally understand why some BackTrack’s Python scripts hang (if you debug some, your life will never be the same)
- Craft your own vulnerability scanner (or expand existant. Do not reinvent the wheel)
- Interact with any protocol by leveraging scapy library
- Intercept communications and protocols (eg 802.11)
- Boost your pentesting kungfu by automating efficiently your attacks via Metasploit and Nmap
- Perform network & systems forensics.
- Analyze web applications or web services
- Perform almost any security task on hosts (local or remote)
Dont forget, you are only limited by your neurons. Dont blame anyone for this 😉
Remember what told Clint Eastwood to Eli wallach in this awesome Western Movie “The Good The Bad and the Ugly” : “You see, in this world there’s two kinds of people, my friend. Those with loaded guns, and those who dig. You dig”
What I mean is that you can still rely on open source tools to achieve any kind of tasks and that’s great. Therefore, you will always be yet another simple user . TJ O’connor opens here the opportunity to leverage Python to build or customize your own security scripts. So, it is always helpful to master python as programming language to overcome a problem instead of waiting for the next version of your favorite tool to be released.
The most important thing here is not the way you write code but what newest idea you bring to the community and what problem you solved. You will always find a guru to help you optimizing and beautifying your script.
Starting the book, I knew very few about the python coding principles. After a week, I decided to launch “vFeed.” which is completely built with python. I’m still learning and improving.
Indeed, the book has taught me the following
- The basic principles of a python script in a perspective of a security analyst
- Optimize the code with functions and classes
- Manipulate XML files
- Manipulate log files
- Use of databases (Sqlite)
- Manipulate HTML data
In fact all the ingredients needed to dive into my own projects. “Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers” is undoubtedly one of the best resources to combine IT security pentesting and hacking with Python scripting.