Gray Hat Python (Python Programming for Hackers and Reverse Engineers) by Justin Seitz
Book Title: Gray Hat Python (Python Programming for Hackers and Reverse Engineers)
Author: Justin Seitz
Publisher: William Pollock
Contents:
Chapter 1: SETTING UP YOUR DEVELOPMENT ENVIRONMENT
1.1 Operating System Requirements
1.2 Obtaining and Installing Python 2.5
1.2.1 Installing Python on Windows
1.2.2 Installing Python for Linux
1.3 Setting Up Eclipse and PyDev
1.3.1 The Hacker’s Best Friend: ctypes
1.3.2 Using Dynamic Libraries
1.3.3 Constructing C Datatypes
1.3.4 Passing Parameters by Reference
1.3.5 Defining Structures and Unions
Chapter 2: DEBUGGERS AND DEBUGGER DESIGN
2.1 General-Purpose CPU Registers
2.2 The Stack
2.3 Debug Events
2.4 Breakpoints
2.4.1 Soft Breakpoints
2.4.2 Hardware Breakpoints
2.4.3 Memory Breakpoints
Chapter 3: BUILDING A WINDOWS DEBUGGER
3.1 Debuggee, Where Art Thou?
3.2 Obtaining CPU Register State
3.2.1 Thread Enumeration
3.2.2 Putting It All Together
3.3 Implementing Debug Event Handlers
3.4 The Almighty Breakpoint
3.4.1 Soft Breakpoints
3.4.2 Hardware Breakpoints
3.4.3 Memory Breakpoints
3.5 Conclusion
Chapter 4: PYDBG—A PURE PYTHON WINDOWS DEBUGGER
4.1 Extending Breakpoint Handlers
4.2 Access Violation Handlers
4.3 Process Snapshots
4.3.1 Obtaining Process Snapshots
4.3.2 Putting It All Together
Chapter 5: IMMUNITY DEBUGGER—THE BEST OF BOTH WORLDS
5.1 Installing Immunity Debugger
5.2 Immunity Debugger 101
5.2.1 PyCommands
5.2.2 PyHooks
5.3 Exploit Development
5.3.1 Finding Exploit-Friendly Instructions
5.3.2 Bad-Character Filtering
5.3.3 Bypassing DEP on Windows
5.4 Defeating Anti-Debugging Routines in Malware
5.4.1 IsDebuggerPresent
5.4.2 Defeating Process Iteration
Chapter 6: HOOKING
6.1 Soft Hooking with PyDbg
6.2 Hard Hooking with Immunity Debugger
Chapter 7: DLL AND CODE INJECTION
7.1 Remote Thread Creation
7.1.1 DLL Injection
7.1.2 Code Injection
7.2 Getting Evil
7.2.1 File Hiding
7.2.2 Coding the Backdoor
7.2.3 Compiling with py2exe
Chapter 8: FUZZING
8.1 Bug Classes
8.1.1 Buffer Overflows
8.1.2 Integer Overflows
8.1.3 Format String Attacks
8.2 File Fuzzer
8.3 Future Considerations
8.3.1 Code Coverage
8.3.2 Automated Static Analysis
Chapter 9: SULLEY
9.1 Sulley Installation
9.2 Sulley Primitives
9.2.1 Strings
9.2.2 Delimiters
9.2.3 Static and Random Primitives
9.2.4 Binary Data
9.2.5 Integers
9.2.6 Blocks and Groups
9.3 Slaying WarFTPD with Sulley
9.3.1 FTP 101
9.3.2 Creating the FTP Protocol Skeleton
9.3.3 Sulley Sessions
9.3.4 Network and Process Monitoring
9.3.5 Fuzzing and the Sulley Web Interface
Chapter 10: FUZZING WINDOWS DRIVERS
10.1 Driver Communication
10.2 Driver Fuzzing with Immunity Debugger
10.3 Driverlib—The Static Analysis Tool for Drivers
10.3.1 Discovering Device Names
10.3.2 Finding the IOCTL Dispatch Routine
10.3.3 Determining Supported IOCTL Codes
10.4 Building a Driver Fuzzer
Chapter 11: IDAPYTHON—SCRIPTING IDA PRO
11.1 IDAPython Installation
11.2 IDAPython Functions
11.2.1 Utility Functions
11.2.2 Segments
11.2.3 Functions
11.2.4 Cross-References
11.2.5 Debugger Hooks
11.3 Example Scripts
11.3.1 Finding Dangerous Function Cross-References
11.3.2 Function Code Coverage
11.3.3 Calculating Stack Size
Chapter 12: PYEMU—THE SCRIPTABLE EMULATOR
12.1 Installing PyEmu
12.2 PyEmu Overview