Audience: Existing programmers, preferably in Python
Reviewer: Mike James
Given its title, you can tell that this book is a little unusual. Its subtitle, A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers, only gives you a clue as to the area it tackles. So what is it about?
The idea seems to be that you can learn about security problems by reproducing famous attacks from the past. I can't say that I like the ethics of a book that shows how to crack passwords and mount a DoS attack in terms so simple that beginners can follow. It is a bit like providing the instructions on how to make a bomb or commit some other terrible assault on society. However, there are some good reasons for doing it. The most obvious is that by understanding how attacks work you can avoid them. There is also the sad fact that apart from books about "hacking" there isn't very much published on the lower-level practical aspects of programming. So let's forget for a moment any special interest groups and see what this book has to offer the general reader.
The first chapter sets up the basic ideas of Python and why it might be a good approach to this sort of task. There is an introduction to Python but it is very rapid and covers only the minimum. It might be enough if you already program, but being able to program in Python at least a little is a prerequisite for reading this book. The first examples are about using a dictionary to crack a password and a Zipfile brute force cracker. The examples throughout the book are motivated by short potted histories of "famous" hacks. For example, in the case of the dictionary attack on a password the reference is to The Cuckoo's Egg, a well-known book describing an early break-in to a Unix system. This does at least give you the feeling that you are creating programs that were "dangerous" in the past even if things have moved on since.
Chapter 2 is about penetration testing with Python and here we learn how to build a port scanner before moving on to see how to use Nmap. Other topics include SSH, FTP and Conficker and a bit about stack overflow attacks. Python is great for scanning and password cracking, but not so good for tasks that really need native code. Chapter 3 moves on to forensic investigations and this has a lot of generally useful information about extracting WiFi location information from the Windows registry, undeleting files, and reading metadata in images and various other application files including Skype and Firefox. Chapter 4 goes back to networking with a look at traffic analysis, Chapter 5 extends the work to WiFi, Chapter 6 looks at working with the web and Chapter 7 dips into antivirus evasion.
Most of the work of the examples is done using Python libraries and so you often don't get to see the low-level details. However, you do get to see how to use the libraries and the same techniques could be useful. There are aspects of the code as presented that could be a problem. For example, threading is used but with no discussion of locks etc. and no discussion of the problems Python has with multi-threading. There is also no help with error handling or debugging. If you are a skilled programmer then you can add these missing details for yourself. If you are not then the result is likely to be a mess somewhere down the line. Some of the examples also have simple mistakes that would confuse the beginner.
So from a learning Python point of view there are a few problems with this book. However, if you know enough programming then it does show you, with the help of libraries, how Python can be used to create tools that can react to an on-going attack and extract information about what is happening.
The little bits of history that were thrown in were also fun and helped set the scene and make you feel that you were doing something real - even if the original loopholes had long been closed. You could take the attitude that showing how to do things that have no real relevance anymore is a bit of a cheat. What is more worrying is that some of the techniques could be used against naive users or to cause mischief, for example a DoS attack on a workstation within the local network.
If you already know a lot about practical security matters then this book is going to be too impractical for you, but if you program and are interested then it's a lot of fun.