Python For Hackers
Python For Hackers
Minimum price
Suggested price
Python For Hackers

Last updated on 2015-07-23

About the Book

Learn the secrets of hackers with practical examples

  • How to brute force a password using a dictionary

  •  How to predict user sessions and steal data from other users

  •  Directory Transversal: How to steal the passwords file

  •  XSS attack : How to steal the user’s cookie

  •  SQL injection: Destroy user data with a well crafted SQL query!

  •  Stack overflow: Force the system to log you in, even with the wrong password

  •  A simulation of the Heartbleed bug: Read hidden & secret data

  •  Heap overflow: Read a secret file you are banned from reading, by overflowing the internal memory buffers

and more:

  • How to prevent all the attacks above

  • General principles on writing secure code

  • How to store passwords safely

  • How code is compiled, how we go from high level to assembly to machine language.

You will be provided a virtual machine with all the code, so you can start practicing immediately.

Ready to start hacking?

About the Author

Shantnu Tiwari
Shantnu Tiwari

Shantnu trained as an Electronics Engineer, and spent several years working with low level code, including DSPs,  embedded systems and embedded Linux.

  Soon, he grew disillusioned by fixing dangling pointers, memory leaks, race conditions, bugs which only appeared once every two weeks.

In desperation, Shantnu threw up his hands and said, “Lord! Is there more than life to this?”

And that night, SpongBob SquarePants appeared in his dream. “My son,” he said, “try Python. It will fix all your problems.”

And Shantnu did, and lo! All was well.

And now, Shantnu is sharing the love…

Table of Contents

    • 1. Introduction
  • I Part 1
    • 2. Setting Up Your System
      • 2.1 Starting the virtual machine
      • 2.2 Selenium and Pydriver
    • 3. Brute Force Dictionary Attack
      • 3.1 Preventing brute force attacks
    • 4. Session Prediction Attack
      • 4.1 Preventing Session prediction
    • 5. Directory Transversal attack
      • 5.1 Preventing directory transversal
    • 6. Cross Site Scripting
      • 6.1 Stealing the user cookie
      • 6.2 Preventing XSS attacks
    • 7. SQL Code Injection
    • 8. Principles of Secure Coding
      • 8.1 Never trust user input
      • 8.2 Don’t roll your own solution
      • 8.3 Don’t do security by obscurity
      • 8.4 Follow good software engineering practices
      • 8.5 Keep the design simple
      • 8.6 Each component must have its own security
      • 8.7 Default deny
      • 8.8 Update all your software regularly
      • 8.9 Finally, if you can afford it, have an external security audit
    • 9. Storing Passwords safely
      • 9.1 Rainbow attacks, or the problem with just encrypting
      • 9.2 Salting
  • II Part 2
    • 10. From C to assembly to machine code
      • 10.1 A 5 minute guide to C
      • 10.2 The compilation process
    • 11. Stack Overflow
    • 12. A simulation of the Heartbleed bug
    • 13. Heap Overflow
    • 14. Preventing Overflow attacks
      • 14.1 Practical ways to stop stack/heap based attacks
    • 15. Conclusion

The Leanpub 45-day 100% Happiness Guarantee

Within 45 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

See full terms...

Write and Publish on Leanpub

Authors, publishers and universities use Leanpub to publish amazing in-progress and completed books and courses, just like this one. You can use Leanpub to write, publish and sell your book or course as well! Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks. Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. It really is that easy.

Learn more about writing on Leanpub