Book Review: Gray Hat Python

With python being a language of choice for hackers and reverse engineers, Gray Hat Python gives an insight into using the python programming language and pre-built python tools within its covers ,saving time and effort looking on the web.

While the installation methods for Python and its tools are shown in the early chapter for both Linux and windows OS, the rest of the book uses more of Python on windows OS. There is a exclusive chapter devoted to the theory behind building a windows debugger in Python before going to discussing about PyDbg and Immunity debuggers.

Examples of usage of techniques such as soft and hard hooking,dll and code injection and fuzzing are explained in simple ways. After discussing the basics of fuzzing and the sulley fuzzing framework, Immunity debugger is used to demonstrate windows driver fuzzing. One of the important tips from the book is to do the fuzzing demonstrations or experimentation on virtual machines so the appearance of the “blue screen of death” is not a significant issue.

One of the last topics of discussion revolves around using Ida Python in the disassembler IDA Pro 5.2 with examples of scripts. The book ends with description and usage of PyEmu- a pure Python IA32 emulator that allows a developer to use Python to drive CPU emulation tasks.

This sums up the review of this concise book of barely 190 pages covering usage of python for reverse engineering and hacking. With a bare-bones approach for the topic, the book does enough to get the interested novice up to a decent level of expertise. There is also lot of information useful for the advanced professionals looking for some fresh approach. The interested readers would do well to have sound theoretical concepts to put the tips and examples in this book to good use.