Black Hat Python
Python Programming for Hackers and Pentesters
Justin Seitz and Tim Arnold's hands-on tour of writing offensive tooling in Python: network sniffers, web scrapers, GitHub-based command-and-control, screen capture, keylogging, and Volatility extensions.
- Authors: Justin Seitz, Tim Arnold
- Published: 2021
- Publisher: No Starch Press
- Pages: 216
- Language: English
Read this if
Working pentesters and red teamers who want to stop fighting other people's tools and start writing their own. The book that turns Python from a scripting language into an offensive multitool.
Skip this if
Beginners with no Python experience, or readers wanting a structured CS curriculum. Seitz and Arnold assume you can already program; the value is in offensive idioms, not language fundamentals.
Key takeaways
- Most operational tools you use can be replaced by ~50 lines of Python that do exactly what you need; the book is a series of working examples of that thesis.
- The networking, web-scraping and process-injection chapters individually pay back the cost of the book once you've used the patterns three times.
- The 2nd edition (Python 3, modern libraries) is the one to buy; the first edition's Python 2 code is dated.
Notes
Pair with Black Hat Go (Steele/Patten/Kottmann) for the cross-compilation use cases Python doesn't cover well, and with Practical Binary Analysis (Andriesse) for the dynamic-analysis side. Seitz's earlier Gray Hat Python is a useful supplement on the debugger and reversing chapters. Read it cover to cover once, then keep it on the shelf for chapter three's networking patterns.
What to read before
Intermediate · 2020
Black Hat Go
Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.
Beginner · 2014
Penetration Testing
Georgia Weidman's lab-driven introduction to pentesting, walking the reader from setting up a target environment through scanning, exploitation, post-exploitation, and reporting.
Intermediate · 2008
Hacking: The Art of Exploitation
A from-first-principles tour of low-level exploitation that still teaches the mindset two decades later.
What to read next
Intermediate · 2020
Black Hat Go
Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.
Advanced · 2017
Attacking Network Protocols
James Forshaw, Project Zero veteran, on how to capture, parse, and break protocols from the wire up to the application layer, with a strong focus on building reusable analysis tooling.
Intermediate · 2008
Hacking: The Art of Exploitation
A from-first-principles tour of low-level exploitation that still teaches the mindset two decades later.
Explore similar books
Intermediate · 2020
Black Hat Go
Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.
Intermediate · 2025
Metasploit
The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.
Intermediate · 2024
Black Hat Bash
Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.