Tiwari Shantnu. Python For Hackers

Leanpub.com, 2015. — 97 p.Learn the secrets of hackers with practical examples! You will be provided a virtual machine with all the code, so you can start practicing immediately. Ready to start hacking?
How to brute force a password using a dictionary
How to predict user sessions and steal data from other users
Directory Transversal: How to steal the passwords file
XSS attack : How to steal the user's cookie
SQL injection: Destroy user data with a well crafted SQL query!
Stack overflow: Force the system to log you in, even with the wrong password
A simulation of the Heartbleed bug: Read hidden & secret data
Heap overflow: Read a secret file you are banned from reading, by overflowing the internal memory buffers
and more:
How to prevent all the attacks above
General principles on writing secure code
How to store passwords safely
How code is compiled, how we go from high level to assembly to machine language.
Inside...
Setting Up Your System: Starting the virtual machine, Selenium and Pydriver.
Brute Force Dictionary Attack, Preventing brute force attacks.
Session Prediction Attack, Preventing Session prediction.
Directory Transversal attack, Preventing directory transversal.
Cross Site Scripting: Stealing the user cookie, Preventing XSS attacks.
SQL Code Injection.
Principles of Secure Coding: Never trust user input, Don’t roll your own solution, Don’t do security by obscurity, Follow good software engineering practices, Keep the design simple, Each component must have its own security, Default deny, Update all your software regularly, Finally, if you can afford it, have an external security audit.
Storing Passwords safely: Rainbow attacks, or the problem with just encrypting, Salting.
From C to assembly to machine code: A 5 minute guide to C, The compilation process.
Stack Overflow.
A simulation of the Heartbleed bug.
Heap Overflow.
Preventing Overflow attacks, Practical ways to stop stack/heap based attacks.