New to infosec – Python

Viewing 9 reply threads
  • Author
    Posts
    • #7452
      Trebin
      Participant

      I am new to infosec and I was going to read Gray Hat Python but a lot of the reviews said the code doesn’t work. I am also studying for the CEH and was looking for a good set of books to read to learn python, understand hacking from a hackers perspective and help with ethical hacking in general. I have access to most of the CEH books so I am not too worried about those. I am really looking for a list or group of must read books for ethical hacking to understand the enemy in 2012.

    • #46528
      cd1zz
      Participant

      Grey Hat Python is a great book, if the code “doesn’t work” they don’t have the desire or aptitude to make it work. If you want to understand “hacking” there are a million books to read. I would start with Counter Hack Reloaded, it will open your eyes. From there, decide what you’re interested in… and report back. This is a lifestyle and commitment, not just a profession 😉

    • #46529
      dynamik
      Participant

      What is your current skill level with Python, assembly, etc.? If you’re just starting out, writing our own debugger and fuzzing drivers isn’t the best way to learn the basics. Check out Coding for Penetrations for a good introduction into what you’re looking for (I’ll be providing a review shortly): http://syngress.com/hacking-and-penetration-testing/Coding-for-Penetration-Testers/

      The O’Reilly Python Cookbook is also good for reviewing examples of functional code.

    • #46530
      unicityd
      Participant

      You say that you’re new to information security, but you don’t say what your other skills are.  The advice that people can give you really depends on the CS/IT background that you already have.  If you’re also new to IT, you should start with books on system/network administration and programming.  If you’re already an accomplished programmer, Cisco guru, or sysadmin, you can pick a security book that relates to your existing experience and jump right in. 

      If you’re already strong in networking concepts you might want to grab Network Intrusion Detection by Stephen Northcutt (a little dated, but good), The Tao of Network Security Monitoring by Richard Beijtlich, or Snort IDS and IPS Toolkit by Jay Beale.  If your interest is in Cisco, the Hacking Exposed: Cisco book may suit you.

      If you have system administration experience, you may want to grab one of the Hacking Exposed volumes or Counter Hack as recommended above (I haven’t read that one).

      If you’re interested in application security, check out this reading list by Dino Dai Zovi (one of the top appsec researchers):

      http://www.amazon.com/A-Bug-Hunters-Reading-List/lm/R21POHD6Y2DOLQ

    • #46531
      Trebin
      Participant

      I have some experience with networking, working on the ccent now and also have some experience in programming. Python is what they are going to be using at work so that is one of the reasons I picked that one. I have some experience with the sys admin side of things and also with IA and compliance. I will look up some of the books here and use that as a start.

    • #46532
      unicityd
      Participant

      Python is a good language.  It’s clean, powerful, and you can develop apps quickly with it.  I used to build all of my small or one-shot apps in Perl, but I switched to Python a while back.  It’s easier to read/maintain which is particularly important to me since I don’t code on a daily basis anymore. 

      You should also learn enough C  that you can at least read basic code with some proficiency; it will be helpful for solving compilation problems, understanding exploit code, and reading some articles. 

      As far as understanding the enemy, you should check out the papers from the Honeynet project titled “Know Your Enemy”:

      http://www.honeynet.org/papers

    • #46533
      Anonymous
      Participant

      securitytube has just released a python course so if your still trying to learn maybe of interest

    • #46534
      ambient
      Participant

      @cd1zz wrote:

      I would start with Counter Hack Reloaded, it will open your eyes.

      I agree with cd1zz. Counter Hack Reloaded is great. If I could go back to the time I started in infosec, I would choose this one. Ed Skoudis is a great instructor.

    • #46535
      mesho
      Participant

      I’ve a different opinion than others!

      you should start with more basic Programming/Linux books before digging deeply in InfoSec..

      i would suggest the following respectively:
      * Practical Guide To Linux
      * Advanced Shell Scripting (Free) from the tldp.org
      * Learn Python the Hard Way (Free)
      * Dive into Python (Free)
      * The C Programming Language
      * Programming from the groundup (Free)
      * PC Assemly (Free)
      * Art of Exploitation 2nd edition
      * ShellCoder handbook 2nd edition
      * Secret of Reverse Engineering

      then you may consider to read the Gray Hat Python  ;D

    • #46536
      magxtopher
      Participant

      Hey,
      THE BASICS OF HACKING AND PENETRATION TESTING.
      ethical hacking and penetration testing made easy.
      Author….PATRICK  ENGEBRETSON
      Plz this book is 100 percent ok for newbie.
      I just finish the book and ready to hack and pen test.

Viewing 9 reply threads
  • You must be logged in to reply to this topic.

Copyright ©2020 Caendra, Inc.

Contact Us

Thoughts, suggestions, issues? Send us an email, and we'll get back to you.

Sending

Sign in with Caendra

Forgot password?Sign up

Forgot your details?