Python For Hackers
Python For Hackers
About the Book
Learn the secrets of hackers with practical examples
How to brute force a password using a dictionary
How to predict user sessions and steal data from other users
Directory Transversal: How to steal the passwords file
XSS attack : How to steal the user’s cookie
SQL injection: Destroy user data with a well crafted SQL query!
Stack overflow: Force the system to log you in, even with the wrong password
A simulation of the Heartbleed bug: Read hidden & secret data
Heap overflow: Read a secret file you are banned from reading, by overflowing the internal memory buffers
How to prevent all the attacks above
General principles on writing secure code
How to store passwords safely
How code is compiled, how we go from high level to assembly to machine language.
You will be provided a virtual machine with all the code, so you can start practicing immediately.
Ready to start hacking?
- 1. Introduction
I Part 1
2. Setting Up Your System
- 2.1 Starting the virtual machine
- 2.2 Selenium and Pydriver
3. Brute Force Dictionary Attack
- 3.1 Preventing brute force attacks
4. Session Prediction Attack
- 4.1 Preventing Session prediction
5. Directory Transversal attack
- 5.1 Preventing directory transversal
6. Cross Site Scripting
- 6.1 Stealing the user cookie
- 6.2 Preventing XSS attacks
- 7. SQL Code Injection
8. Principles of Secure Coding
- 8.1 Never trust user input
- 8.2 Don’t roll your own solution
- 8.3 Don’t do security by obscurity
- 8.4 Follow good software engineering practices
- 8.5 Keep the design simple
- 8.6 Each component must have its own security
- 8.7 Default deny
- 8.8 Update all your software regularly
- 8.9 Finally, if you can afford it, have an external security audit
9. Storing Passwords safely
- 9.1 Rainbow attacks, or the problem with just encrypting
- 9.2 Salting
- 2. Setting Up Your System
II Part 2
10. From C to assembly to machine code
- 10.1 A 5 minute guide to C
- 10.2 The compilation process
- 11. Stack Overflow
- 12. A simulation of the Heartbleed bug
- 13. Heap Overflow
14. Preventing Overflow attacks
- 14.1 Practical ways to stop stack/heap based attacks
- 15. Conclusion
- 10. From C to assembly to machine code
The Leanpub 45-day 100% Happiness Guarantee
Within 45 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.
See full terms
Free Updates. DRM Free.
If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).
Most Leanpub books are available in PDF (for computers), EPUB (for phones and tablets) and MOBI (for Kindle). The formats that a book includes are shown at the top right corner of this page.
Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.
El Manual del ManagerKeyvan Akbary, Félix López, and Álvaro Salazar
¿Has deseado alguna vez el haber tenido una buena introducción al rol del Engineering Manager? En este libro aprenderás lo necesario para ejercer el rol de una manera efectiva: Expectativas y Responsabilidades del Rol, 1-1s, Ayudar a Crecer, Objetivos, Planes de Carrera, Cultura, Feedback, Contratación, Cultura de Producto y mucho más.
Functional Design and ArchitectureAlexander Granin
Software Design in Functional Programming, Design Patterns and Practices, Methodologies and Application Architectures. How to build real software in Haskell with less efforts and low risks. The first complete source of knowledge.
Ansible for KubernetesJeff Geerling
Ansible is a powerful infrastructure automation tool. Kubernetes is a powerful application deployment platform. Learn how to use these tools to automate massively-scalable, highly-available infrastructure.
CCIE Service Provider Version 4 Written and Lab Exam Comprehensive GuideNicholas Russo
The service provider landscape has changed rapidly over the past several years. Networking vendors are continuing to propose new standards, techniques, and procedures for overcoming new challenges while concurrently reducing costs and delivering new services. Cisco has recently updated the CCIE Service Provider track to reflect these changes; this book represents the author's personal journey in achieving that certification.
CCIE SP v4.1 - WorkbookŁukasz Bromirski, Piotr Jablonski, and Nicholas Russo
Are you striving to prepare to and pass CCIE SP lab exam? Take the opportunity and get this workbook! With the attached initial cfg files you will prepare yourself for the CCIE SP exam as well as learn SP technologies applicable to all kinds of today modern networks! This workbook covers blueprint topics and provides challenging examples.
Practical FP in Scala: A hands-on approachGabriel Volpe
A practical book aimed for those familiar with functional programming in Scala who are yet not confident about architecting an application from scratch.
Together, we will develop a purely functional application using the best libraries in the Cats ecosystem, while learning about design patterns and best practices.
Ansible for DevOpsJeff Geerling
Ansible is a simple, but powerful, server and configuration management tool. Learn to use Ansible effectively, whether you manage one server—or thousands.
C++ Best PracticesJason Turner
Level up your C++, get the tools working for you, eliminate common problems, and move on to more exciting things!
Tame your Work FlowSteve Tendon and Daniel Doiron
Do you need a high performance enterprise governance approach improving management, execution and delivery while dealing with multiple projects/products, events, stakeholders and teams? Giving you better bottom line results, faster time to market, less work, better predictability, happier employees, and delighted clients? Then learn about TameFlow!
R Programming for Data ScienceRoger D. Peng
This book brings the fundamentals of R programming to you, using the same material developed as part of the industry-leading Johns Hopkins Data Science Specialization. The skills taught in this book will lay the foundation for you to begin your journey learning data science. Printed copies of this book are available through Lulu.
11 BooksThe Quality Software Bundle is for managers, would-be managers, and any of us who find themselves being managed and confused. This comprehensive bundle covers the entire span of software development approaches, from hacking through waterfall, cascade, prototyping, Iterative enhancement, reusable code, off-the-shelf, to Agile teams. The bundle...
The Node.js Bundle
3 BooksThis bundle combines three bestselling Leanpub Node.js books into a package that gives you everything you need to get started with developing Node.js applications at an unbeatable price.
The Tester's Library
8 BooksThe Tester's Library consists of eight five-star books that every software tester should read and re-read. As bound books, this collection would cost over $200. Even as e-books, their price would exceed $80, but in this bundle, their cost is only $49.99. Here are the books, and why they should be in your library: Perfect Software and Other...
11 BooksIn this bundle, you will find 10 different agile books. They are about different aspects of being agile. - finding a job - doing coding dojo's - Retrospectives - Personal kanban - a non-typical coaching book and even a book that gives you an insight in the lives of some agile people.
WTFlop 6M + HU - Beta Bundle
Growing Agile: Coach's Guide Series
4 BooksThis bundle provides a collection of training and workshop plans for a variety of agile topics. The series is aimed at agile coaches, trainers and ScrumMasters who often find themselves needing to help teams understand agile concepts. Each book in the series provides the plans, slides, handouts and activity instructions to run a number of...
Marionette.js A to Z
Complete Scala Bundle
3 BooksScala is a general-purpose programming language and it's getting extremely popular these days. Some say that learning Scala could be a challenging task. My experience, however, suggests that this is actually a myth that has very little to do with reality. With the right approach, learning Scala can be easy, fun and rewarding.The first book from...
Build A Better Backbone App
3 BooksThe best way to learn new development skills is through experience, but that takes time you don't have.Get the best of both worlds with this bundle: you'll learn how to produce modern web applications by learning from experienced developers like Derick Bailey and David Sulc. BackboneJS is one of the favorite tools on the web today, but it...
People Skills—Soft but Difficult
7 BooksPerhaps you've been told that "lack of people skills" has been holding you back. No wonder: you may have had hundreds of hours of technical training, but little or no "people skills" guidance.You've heard it said that people skills are "soft," whereas technical skills are "hard." For you, though, technical skills are "easy," but people skills...