Book Review: Gray Hat Python

I really liked this book. If you are new to fuzzing, exploit development or Immunity Debugger or IDA Pro this book will be worth  your time to check out. But, if you are already familiar with these topics, this book would be too introductory for you  and I would probably skip it.

This book covers quite a bit of ground in its 181 pages. From debuggers, and fuzzers to emulation, each topic is introduced  well enough that you will have good base knowledge to continue on from where the book ends.

In the first chapter, we get a Python refresher. I say refresher as this book does not attempt to teach you Python.  While none of the Python in the book is particularly difficult, if you don’t have a grasp of programming in general
then I would highly recommend learning Python first. If you do know Python, this first section definitely shouldn’t  be skipped as it also introduces the ctypes library which is used extensively throughout the rest of the book.

The next three chapters in the book focus on debuggers. They cover a bit of debugger design, including as how to write a Windows debugger from scratch all in Python. Different types of breakpoints are introduced and you learn how each works at a low level. The book then introduces the PyDbg framework and finishes the debugger chapters by introducing the
popular Immunity Debugger, which has Python scripting capabilities.

Moving on through the next few chapters, the book introduces us to function hooking and code injection. Both topics are given great explanations with plenty of code examples and uses, such as file hiding and backdoors. These two chapters also serve as a starting point for the following few chapters, introducing us to Fuzzing. Like the previous chapters, Justin Seitz walks us through creation of a fuzzer from scratch, before introducing us to the Sulley fuzzing framework. He then walks us through the construction of a simple network fuzzer to fuzz an FTP service. Our education in fuzzing ends with using the Immunity driverlib to fuzz a Windows driver.

Read My Review on Amazon
Review My Review on Goodreads

Leave a Reply