Goodreads helps you keep track of books you want to read.
Start by marking “Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers” as Want to Read:
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
Enlarge cover
Rate this book
Clear rating
Open Preview

Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

4.05 of 5 stars 4.05  ·  rating details  ·  174 ratings  ·  21 reviews
''Python is a hacker's language. With its decreased complexity, increased efficiency, limitless third-party libraries, and low bar to entry, Python provides an excellent development platform to build your own offensive tools. If you are running Mac OS X or
ebook, 289 pages
Published December 1st 2012 by Syngress Publishing (first published November 8th 2012)
more details... edit details

Friend Reviews

To see what your friends thought of this book, please sign up.

Reader Q&A

To ask other readers questions about Violent Python, please sign up.

Be the first to ask a question about Violent Python

This book is not yet featured on Listopia. Add this book to your favorite list »

Community Reviews

(showing 1-30 of 738)
filter  |  sort: default (?)  |  rating details
Stuart Larsen
The book is split into six main chapters, and an intro chapter. Each chapter focuses on a specific topic of cracking via python. I enjoyed some chapters more than others.

The first chapter was just an intro to python. I don't know if it's any good.

The second chapter was about building botnets with a few simple attack vectors, simple bruteforce cracking of ssh/ftp, cracking ssh keys, and interacting with metasploit.

The third chapter was forensic investigations with python. Honestly my favorite par
This book is for beginner scripters seeking an intro to some useful python libraries.
For any depth (how those libraries work under the hood, for example), look elsewhere.
I was expecting more implementation, rather than just calling into other peoples code where all the fun has been abstracted out.
Consequently, most of the exercises over-promise and under-deliver.
The only reason I finished is because the simplicity made it a quick read.

The editing has some minor annoyances - code th
This is a very interesting book. On this book Connor achieves a very difficult objective. The work it has done here is simultaneously broad, historical relevant and relatively deep in content while simplifying to the maximum the approach and the code developed. The language sits like a glove here as well as the frameworks chosen to tackle every single problem purposed. The author is a very pragmatic one and, as you'll see as soon as you read the book, knowledgeable one. I truly recommend this bo ...more
Me terminó de convencer en lo práctico que resulta Python. En cuanto a técnicas de hacking es algo básico, pero creo que apunta a eso. Aunque sea 2012, me parece que no está del todo actualizado. A excepción por hablar sobre Flame y su complejidad al evadir por más de dos años a todas las firmas de antivirus.
Pero como dije, me vendió uy bien Python como lenguaje simple y práctico.
Bengt Ericsson
A joyful introduction to netsec using Python and its myriad of third party libraries as your toolbox. I highly recommend it! The examples are well executed and easy to comprehend (and easy to maintain and extend!)
Cool book if you want to know how to use python in security field. It mostly about smart usage of API and libraries but still cool and interesting.
enjoyed sections on forensics and social network scraping. some questionable coding practice, beginners be wary.

n.b. this book uses python 2.6.5
Chetan Singh
First of all i would like to thanks TJ. O'Conner for writing this wonderful book i really enjoyed.
now i come to review
In this book the author has done wonderful job by taking excellent examples from past (infosec field) to demonstrate various tools and technique using the power of python language,
the codes are easy to understand and the example which author has chosen for this cook book add more excitement in the reader that not to stop reading this book, apart from the code and examples the lan
Paul Childs
This was a pretty interesting book on using Python for a variety of tasks that are mentioned in the title. I am relatively newto Python and found it to be a useful way to be introduced to how things can be done and what modules would be needed to do them.

In general I found the code in the book to be clear enough that I was able to follow it, and the concepts where easily understandable. There were times that I would have trouble with the code in a chapter which would lead to a couple of hours go
Chuk Yong
This is a fantastic book for anyone interested in starting onto the world of hacking.

You will need basic level of coding experience and understanding of computer security and networking because after the first chapter, it quickly gets going. It offers a fast track into various hacking techniques used in real world cases. Guiding the readers through how attacks were conducted and what he counter measurements necessary to mitigate them.

This is easily one of the most relevant and interesting book
Christopher Käck
It is written in a humorous writing style, which makes it a fun read.

However it feels like I am not the intended audience for this book. As an experienced python developer the coding parts seemed very trivial (it begins from the very basics). On the upside there are some interesting introductions to some third party libraries.
The security bits where often interesting and based of on real attacks, which I liked. However there were not much depth in explaining the attacks or the methology behind
Neal Aggarwal
An excellent resource that motivates many of my students to dive deeper into programming. That it uses python is even more up our street. The examples are skimpy and not 'real world' in any sense of the phrase but they get across a lot of ideas and open up a pathway that my students can then follow to further their knowledge of computer systems. My sequence in teaching computing is Learn Python the Hard Way >> Dive Into Python 3 >> This book >> The Elements of Computer Systems ...more
Hristo Deshev
First a warning -- don't expect to get some deep Python insights from this book. That isn't really the point. The book shines as a tour of the wide range of Python tools that you can use to wreak havoc (or defend against that) on your network.

I really enjoyed the parts on using scapy and dpkg to parse captured network packets, sniff them yourself, and craft your own ones.
George Silva
i enjoyed this book. i did read it entirely, but i mostly liked to see s e of pythons dark side.

i knew some of the tools mentioned on this book, but i really did not know how much interesting they are. the author successfully combined pythons simple nature with classical security breaches examples.

its interesting, but not for beginners
Justin Andrusk
This book had a lot of good examples and I really liked the various modules that were incorporated for various use cases. The source code in the book could have been better aligned as in certain spots it was difficult to tell which section you were in given various indents. Overall I would recommend it.
Eduardo Hideo
bom livro para entender um pouco sobre invasões, ele conta a história de várias invasões e implementa o código em python.
Apesar do livro ser atual (2012), bugs surgem e são corrigidos a todo momento, então, esse assunto está sempre desatualizado.
Accidentally bought this with 1-click. It wasn't actually that bad though. Doesn't really cover much that is immediately useful to me, and I was already familiar with a lot of the material.
Learned tons of new knowledge within these pages. Plus some working knowledge of the network. It is a very good book for python programmers to make a step from primary to intermediate.
Ruben Fonseca
Some things are overly simplified, but overall a good book that shows the simplicity of huge security holes in the past.
An excellent introduction! It's pretty useful as a cookbook too.
It is exactly what I expected.
Concise and terse.
Hicham added it
Jul 05, 2015
Jon marked it as to-read
Jul 01, 2015
Lucas Teixeira
Lucas Teixeira marked it as to-read
Jul 01, 2015
Ian Campbell
Ian Campbell marked it as to-read
Jun 30, 2015
Equinox marked it as to-read
Jun 30, 2015
Tkachev Eugene
Tkachev Eugene marked it as to-read
Jun 29, 2015
« previous 1 3 4 5 6 7 8 9 24 25 next »
There are no discussion topics on this book yet. Be the first to start one »
  • Gray Hat Python: Python Programming for Hackers and Reverse Engineers
  • Metasploit: The Penetration Tester's Guide
  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
  • The Tangled Web: A Guide to Securing Modern Web Applications
  • The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
  • Reversing: Secrets of Reverse Engineering
  • Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
  • The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
  • File System Forensic Analysis
  • The Shellcoder's Handbook: Discovering and Exploiting Security Holes
  • Gray Hat Hacking: The Ethical Hacker's Handbook
  • The Art of Software Security Assessment: Identifying and Avoiding Software Vulnerabilities
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response
  • Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
  • Rtfm: Red Team Field Manual
  • Hacking: The Art of Exploitation
  • Security Engineering: A Guide to Building Dependable Distributed Systems
  • Writing Secure Code

Goodreads is hiring!

If you like books and love to build cool products, we may be looking for you.
Learn more »
TJ O'Connor is a Department of Defense expert on information security and a US Army paratrooper. While assigned as an assistant professor at the US Military Academy, TJ taught undergraduate courses on forensics, exploitation and information assurance. He twice co-coached the winning team at the National Security Agency's annual Cyber Defense Exercise and won the National Defense University's first ...more
More about T.J. O'Connor...

Share This Book

“Storm’s Fast-Flux and Conficker’s Domain-Flux In 2007, security researchers identified a new technique used by the infamous Storm botnet (Higgins, 2007). The technique, named fast-flux, used domain name service (DNS) records to hide the command and control servers that controlled the Storm botnet. DNS records typically translate a domain name to an IP address. When a DNS server returns a result, it also specifies the TTL that the IP address remains valid for before the host should check again. The attackers behind the Storm botnet changed the DNS records for the command-and-control server rather frequently. In fact, they used 2,000 redundant hosts spread amongst 384 providers in more than 50 countries (Lemos, 2007). The attackers swapped the IP addresses for the command-and-control server frequently and ensured the DNS results returned with a very short TTL. This fast-flux of IP addresses made it difficult for security researchers to identify the command-and-control servers for the botnet and even more difficult to take the servers offline. While fast-flux proved difficult in the takedown of the Storm botnet, a similar technique used the following year aided in the infection of seven million computers in over two hundred countries (Binde et al., 2011). Conficker, the most successful computer worm to date, spread by attacking a vulnerability in the Windows Service Message Block (SMB) protocol. Once infected, the vulnerable machines contacted a command-and-control server for further instructions. Identifying and preventing communication with the command-and-control server proved absolutely necessary for those involved with stopping the attack. However, Conficker generated different domain names every three hours, using the current date and time at UTC. For the third iteration of Conficker, this meant 50,000 domains were generated every three hours. Attackers registered only a handful of these domains to actual IP addresses for the command-and-control servers. This made intercepting and preventing traffic with the command-and-control server very difficult. Because the technique rotated domain names, researchers named it domain-flux. In the following section, we will write some Python scripts to detect fast-flux and domain-flux in the wild to identify attacks.” 0 likes
More quotes…