Goodreads helps you keep track of books you want to read.
Start by marking “Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers” as Want to Read:
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
Enlarge cover
Rate this book
Clear rating
Open Preview

Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

4.03  ·  Rating details ·  472 ratings  ·  30 reviews
Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker's tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, ...more
Paperback, 288 pages
Published November 22nd 2012 by Syngress Publishing (first published November 8th 2012)
More Details... Edit Details

Friend Reviews

To see what your friends thought of this book, please sign up.

Community Reviews

Showing 1-30
Average rating 4.03  · 
Rating details
 ·  472 ratings  ·  30 reviews

More filters
Sort order
Feb 02, 2015 rated it it was ok
This book is for beginner scripters seeking an intro to some useful python libraries.
For any depth (how those libraries work under the hood, for example), look elsewhere.
I was expecting more implementation, rather than just calling into other peoples code where all the fun has been abstracted out.
Consequently, most of the exercises over-promise and under-deliver.
The only reason I finished is because the simplicity made it a quick read.

Stuart Larsen
Jan 04, 2013 rated it it was amazing
The book is split into six main chapters, and an intro chapter. Each chapter focuses on a specific topic of cracking via python. I enjoyed some chapters more than others.

The first chapter was just an intro to python. I don't know if it's any good.

The second chapter was about building botnets with a few simple attack vectors, simple bruteforce cracking of ssh/ftp, cracking ssh keys, and interacting with metasploit.

The third chapter was forensic investigations w
Sep 24, 2013 rated it liked it
Me terminó de convencer en lo práctico que resulta Python. En cuanto a técnicas de hacking es algo básico, pero creo que apunta a eso. Aunque sea 2012, me parece que no está del todo actualizado. A excepción por hablar sobre Flame y su complejidad al evadir por más de dos años a todas las firmas de antivirus.
Pero como dije, me vendió uy bien Python como lenguaje simple y práctico.
Nov 07, 2013 rated it really liked it
Shelves: python, netsec, own
A joyful introduction to netsec using Python and its myriad of third party libraries as your toolbox. I highly recommend it! The examples are well executed and easy to comprehend (and easy to maintain and extend!)
Ahmed Sultan
Oct 26, 2016 rated it it was amazing
This book give you a really great idea about how to use python the smart way , few lines of codes on the fly make you avoid searching , installation or usage of many other tools
highly recommended for every pentrster
Oct 31, 2013 rated it it was amazing
Cool book if you want to know how to use python in security field. It mostly about smart usage of API and libraries but still cool and interesting.
May 26, 2019 rated it liked it
The book pops up every here and there over online forums whenever there is a question "How to begin" (/r/netsec for example).

* Pros:
- Author's humor makes the book really amusing to read, despite being a technical book.
- Almost every topic is inspired from a real event (such as Operation Aurora) or a common vulnerability / attack vector (such as FTP Anonymous), thus providing a lot of real life examples about how / why something is broken and what to do to exploit / patch
Scott Johnson
Apr 10, 2018 rated it it was amazing
This was an excellent transition book to learn how to build and detect exploits yourself. Typically, this sort of grey-hat manual goes no further than introducing script-kiddie tools like Metasploit, never telling you how to go one step further and add to them yourself.

It's very informative to structure this to follow well-known incidents, first explaining what happened and then showing how simple this is to translate into Python. It provides a much more down-to-earth and easy-to-fol
Cameron Smith
May 26, 2019 rated it did not like it
Outdated, poorly written, poorly formatted, and uninteresting. Very little context when new concepts are introduced, boring example projects, and absolutely no interaction between theory and implementation. This book will make you hate Python.
Chad Zody
Jun 22, 2017 rated it it was amazing
Python is the perfect language for quickly creating forensics tools. The language is easy to learn and has the power of classes. The book does a great job teaching beginners and is a great reference.
Ben Yu
Aug 31, 2018 rated it did not like it
Not very in-depth. Examples are a bunch of wrappers around existing libraries, sniffing over HTTP or simple webscraping...
Dec 20, 2014 rated it really liked it
This is a very interesting book. On this book Connor achieves a very difficult objective. The work it has done here is simultaneously broad, historical relevant and relatively deep in content while simplifying to the maximum the approach and the code developed. The language sits like a glove here as well as the frameworks chosen to tackle every single problem purposed. The author is a very pragmatic one and, as you'll see as soon as you read the book, knowledgeable one. I truly recommend this bo ...more
John Dideriksen
May 04, 2016 rated it really liked it
You should wrestle the violent python! It's filled with quick and easy language, fun anecdotes and very violent python snipplets. When combined with your own creativity and playfullness there's no end to just how easy you can unleash the python on your own network, your friends and your social media accounts.

The book takes you through 3rd party libraries for analysing network traffic, reading geo locations etc. All examples are simple, so if you're looking for sofisticated cookbook e
Paul Childs
Nov 05, 2014 rated it really liked it
Shelves: computers
This was a pretty interesting book on using Python for a variety of tasks that are mentioned in the title. I am relatively newto Python and found it to be a useful way to be introduced to how things can be done and what modules would be needed to do them.

In general I found the code in the book to be clear enough that I was able to follow it, and the concepts where easily understandable. There were times that I would have trouble with the code in a chapter which would lead to a couple
Dec 10, 2013 rated it liked it
It is written in a humorous writing style, which makes it a fun read.

However it feels like I am not the intended audience for this book. As an experienced python developer the coding parts seemed very trivial (it begins from the very basics). On the upside there are some interesting introductions to some third party libraries.
The security bits where often interesting and based of on real attacks, which I liked. However there were not much depth in explaining the attacks or the methology behind
Chetan Singh
Aug 08, 2014 rated it really liked it
First of all i would like to thanks TJ. O'Conner for writing this wonderful book i really enjoyed.
now i come to review
In this book the author has done wonderful job by taking excellent examples from past (infosec field) to demonstrate various tools and technique using the power of python language,
the codes are easy to understand and the example which author has chosen for this cook book add more excitement in the reader that not to stop reading this book, apart from the code an
Chuk Yong
Jun 21, 2015 rated it it was amazing
This is a fantastic book for anyone interested in starting onto the world of hacking.

You will need basic level of coding experience and understanding of computer security and networking because after the first chapter, it quickly gets going. It offers a fast track into various hacking techniques used in real world cases. Guiding the readers through how attacks were conducted and what he counter measurements necessary to mitigate them.

This is easily one of the most relevant and interesting book
Neal Aggarwal
Oct 21, 2013 rated it really liked it
An excellent resource that motivates many of my students to dive deeper into programming. That it uses python is even more up our street. The examples are skimpy and not 'real world' in any sense of the phrase but they get across a lot of ideas and open up a pathway that my students can then follow to further their knowledge of computer systems. My sequence in teaching computing is Learn Python the Hard Way >> Dive Into Python 3 >> This book >> The Elements of Computer Systems ...more
Jan 05, 2017 rated it really liked it
Shelves: cs
Nice book. TJ O'Connor's background is enough to make you want to read it. Although his prose can be vague or redundant, his python is quite interesting. For instance, I loved how he uses exceptions to output a successful match of a brute force password cracker, rather than loop until it equals x.

Another great reason to read this book is for the bibliography. It has some excellent references which will keep me busy for quite some time.
Tadas Talaikis
May 01, 2017 rated it really liked it
First chapter. No idea how to crack random generated passwords, when there are billions of billions of possible combinations.

On the other hand, after reading this book, got lots of information, doesn't matter it's on outdated Python 2.7, many even tech aware people use ridiculously idiotic short, one word passwords for wireless routers, password and crypto-wallets. With increasing "technologization", just one undetectable keylogger and someone can steal everything, not just data.
Marek Krajewski
Jan 05, 2017 rated it it was ok
Its a 2012 book, thus a little bit outdated, but nonetheless it shows you a collection of attack techniques. Repeating all the code at the end on a chapter is somehow irritating.

- Ironically, Guido's efforts to create a beginner friendly language for CS-newbies ended in Python being the best language for criminal hackers!
Hristo Deshev
Jan 19, 2013 rated it really liked it
First a warning -- don't expect to get some deep Python insights from this book. That isn't really the point. The book shines as a tour of the wide range of Python tools that you can use to wreak havoc (or defend against that) on your network.

I really enjoyed the parts on using scapy and dpkg to parse captured network packets, sniff them yourself, and craft your own ones.
George Silva
Dec 13, 2013 rated it liked it
i enjoyed this book. i did read it entirely, but i mostly liked to see s e of pythons dark side.

i knew some of the tools mentioned on this book, but i really did not know how much interesting they are. the author successfully combined pythons simple nature with classical security breaches examples.

its interesting, but not for beginners
Justin Andrusk
Dec 19, 2012 rated it liked it
Shelves: security
This book had a lot of good examples and I really liked the various modules that were incorporated for various use cases. The source code in the book could have been better aligned as in certain spots it was difficult to tell which section you were in given various indents. Overall I would recommend it.
Eduardo Hideo
Jul 21, 2013 rated it really liked it
bom livro para entender um pouco sobre invasões, ele conta a história de várias invasões e implementa o código em python.
Apesar do livro ser atual (2012), bugs surgem e são corrigidos a todo momento, então, esse assunto está sempre desatualizado.
Ruben Fonseca
Jul 07, 2013 rated it really liked it
Some things are overly simplified, but overall a good book that shows the simplicity of huge security holes in the past.
Sep 04, 2014 rated it it was amazing
It is exactly what I expected.
Concise and terse.
Jul 15, 2013 rated it liked it
Accidentally bought this with 1-click. It wasn't actually that bad though. Doesn't really cover much that is immediately useful to me, and I was already familiar with a lot of the material.
May 22, 2013 rated it it was amazing
Shelves: programming
Learned tons of new knowledge within these pages. Plus some working knowledge of the network. It is a very good book for python programmers to make a step from primary to intermediate.
Vlad Gostom
rated it really liked it
May 10, 2015
« previous 1 3 4 5 6 7 8 9 next »
There are no discussion topics on this book yet. Be the first to start one »

Readers also enjoyed

  • Gray Hat Python: Python Programming for Hackers and Reverse Engineers
  • Metasploit: The Penetration Tester's Guide
  • Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software
  • The Practice of Network Security Monitoring: Understanding Incident Detection and Response
  • The Tangled Web: A Guide to Securing Modern Web Applications
  • The IDA Pro Book: The Unofficial Guide to the World's Most Popular Disassembler
  • Reversing: Secrets of Reverse Engineering
  • The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory
  • Gray Hat Hacking: The Ethical Hacker's Handbook
  • Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
  • Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems
  • Security Engineering: A Guide to Building Dependable Distributed Systems
  • The Hacker Playbook 2: Practical Guide To Penetration Testing
  • The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
  • Windows® Internals, Part 1: Covering Windows Server® 2008 R2 and Windows 7
  • The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy
  • Hacking: The Art of Exploitation
  • Red Team Field Manual (RTFM)
See similar books…

Goodreads is hiring!

If you like books and love to build cool products, we may be looking for you.
Learn more »
TJ O'Connor is a Department of Defense expert on information security and a US Army paratrooper. While assigned as an assistant professor at the US Military Academy, TJ taught undergraduate courses on forensics, exploitation and information assurance. He twice co-coached the winning team at the National Security Agency's annual Cyber Defense Exercise and won the National Defense University's first ...more
“Storm’s Fast-Flux and Conficker’s Domain-Flux In 2007, security researchers identified a new technique used by the infamous Storm botnet (Higgins, 2007). The technique, named fast-flux, used domain name service (DNS) records to hide the command and control servers that controlled the Storm botnet. DNS records typically translate a domain name to an IP address. When a DNS server returns a result, it also specifies the TTL that the IP address remains valid for before the host should check again. The attackers behind the Storm botnet changed the DNS records for the command-and-control server rather frequently. In fact, they used 2,000 redundant hosts spread amongst 384 providers in more than 50 countries (Lemos, 2007). The attackers swapped the IP addresses for the command-and-control server frequently and ensured the DNS results returned with a very short TTL. This fast-flux of IP addresses made it difficult for security researchers to identify the command-and-control servers for the botnet and even more difficult to take the servers offline. While fast-flux proved difficult in the takedown of the Storm botnet, a similar technique used the following year aided in the infection of seven million computers in over two hundred countries (Binde et al., 2011). Conficker, the most successful computer worm to date, spread by attacking a vulnerability in the Windows Service Message Block (SMB) protocol. Once infected, the vulnerable machines contacted a command-and-control server for further instructions. Identifying and preventing communication with the command-and-control server proved absolutely necessary for those involved with stopping the attack. However, Conficker generated different domain names every three hours, using the current date and time at UTC. For the third iteration of Conficker, this meant 50,000 domains were generated every three hours. Attackers registered only a handful of these domains to actual IP addresses for the command-and-control servers. This made intercepting and preventing traffic with the command-and-control server very difficult. Because the technique rotated domain names, researchers named it domain-flux. In the following section, we will write some Python scripts to detect fast-flux and domain-flux in the wild to identify attacks.” 0 likes
More quotes…