What do you think?
Rate this book
Black Hat Python: Python Programming for Hackers and Pentesters
When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen?
In Black Hat Python, the latest from Justin Seitz (author of the best-selling Gray Hat Python), you'll explore the darker side of Python's capabilities writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You'll learn how to:
Create a trojan command-and-control using GitHub
Detect sandboxing and automate common malware tasks, like keylogging and screenshotting
Escalate Windows privileges with creative process control
Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine
Extend the popular Burp Suite web-hacking tool
Abuse Windows COM automation to perform a man-in-the-browser attack
Exfiltrate data from a network most sneakily
Insider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python.
"
In Black Hat Python, the latest from Justin Seitz (author of the best-selling Gray Hat Python), you'll explore the darker side of Python's capabilities writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You'll learn how to:
Create a trojan command-and-control using GitHub
Detect sandboxing and automate common malware tasks, like keylogging and screenshotting
Escalate Windows privileges with creative process control
Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine
Extend the popular Burp Suite web-hacking tool
Abuse Windows COM automation to perform a man-in-the-browser attack
Exfiltrate data from a network most sneakily
Insider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python.
"
171 pages, Paperback
First published November 25, 2014
360 people are currently reading
2889 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 30 of 32 reviews
December 26, 2016
The very first chapter give me high hopes for this book: Since Python is basically part of every single Linux install, you could do a shitton retrieving system and user information by just using the normal packages. You won't even need to install nmap or similar; using plain Python packages, you could check which services are running and such.
But then, things go downhill.
After the first chapter, you start to add Python packages, which means you need to have root access -- and even if you use something like a virtualenv, you still would announce yourself by requesting things over the net using easy_install (the book never mentions pip -- heck, it doesn't even mentions virtualenv to avoid being root), which could be easily blocked by sysadmins if your company doesn't have anything with Python.
And it doesn't stop at that: after these starting chapters, it start hacking Windows machines. Heck, Python is not installed by default on Windows and a py2exe executable weights something like 15Mb, which isn't much in bandwidth, but it's noticeable. And then it starts installing packages and more packages and requesting to run things as administrator, which would surely be a hassle.
The Python code itself is simplistic, to say the least. At the very first chapters I noticed that the code was basically C code translated to Python, which wouldn't be a problem if you're thinking about replacing basic hack code with Python code -- because it is easier to find Python installed than GCC, for example -- but with the problems cited above actually make me think that the author never really cared about Pythonic code, just did the very minimum to make code run and that's it.
So, it's a bad book about hacking because it requires privileged access beforehand and it's a bad book about Python because it doesn't follow Python good practices. In the end, it's just a book with a few interesting Python libraries, nothing more.
But then, things go downhill.
After the first chapter, you start to add Python packages, which means you need to have root access -- and even if you use something like a virtualenv, you still would announce yourself by requesting things over the net using easy_install (the book never mentions pip -- heck, it doesn't even mentions virtualenv to avoid being root), which could be easily blocked by sysadmins if your company doesn't have anything with Python.
And it doesn't stop at that: after these starting chapters, it start hacking Windows machines. Heck, Python is not installed by default on Windows and a py2exe executable weights something like 15Mb, which isn't much in bandwidth, but it's noticeable. And then it starts installing packages and more packages and requesting to run things as administrator, which would surely be a hassle.
The Python code itself is simplistic, to say the least. At the very first chapters I noticed that the code was basically C code translated to Python, which wouldn't be a problem if you're thinking about replacing basic hack code with Python code -- because it is easier to find Python installed than GCC, for example -- but with the problems cited above actually make me think that the author never really cared about Pythonic code, just did the very minimum to make code run and that's it.
So, it's a bad book about hacking because it requires privileged access beforehand and it's a bad book about Python because it doesn't follow Python good practices. In the end, it's just a book with a few interesting Python libraries, nothing more.
September 6, 2015
Loved it, great examples with solid explanations of code. Great fun to play with in my spare time. As I had prior experience with sockets in C I was pleased to be able to pick up sockets in python so quickly. Github did not disappoint.
Not a book for a beginner scripter even if it does start with "how to install an IDE" - which was my only hang up ironically. Kali 2.0 came out a few weeks after this book and my determination to test it out while working through this book was a pain the ass. Eventually gave up on dropping WingIDE into Kali 2.0 and stuck with CLI and good ol' GCC.
Not a book for a beginner scripter even if it does start with "how to install an IDE" - which was my only hang up ironically. Kali 2.0 came out a few weeks after this book and my determination to test it out while working through this book was a pain the ass. Eventually gave up on dropping WingIDE into Kali 2.0 and stuck with CLI and good ol' GCC.
September 4, 2017
Much better than Gray Hat Python, though some dependencies are a hell to install. Gives information on useful tools every penetration tester/hacker should have in their arsenal.
August 3, 2024
This tech book was quite different from the ones I’ve read before, especially at that period of time.
It offered a unique and enjoyable reading experience. Although hacking and penetration testing aren’t my areas of interest, the book helped me confirm that.
What I did find valuable was learning how to write small Python programs for decoding the Internet Protocol (IP) and ICMP. It served as a fun introduction to concepts that were relatively new to me at the time.
The book delves further into hacking and writing various small hacky programs. While it’s entertaining, it’s not my preferred type of fun - and that’s perfectly fine.
P.S. There’s also a 2nd edition from 2021 that I haven’t checked out yet. I recommend starting with that one, as the book now uses dated Python libraries.
It offered a unique and enjoyable reading experience. Although hacking and penetration testing aren’t my areas of interest, the book helped me confirm that.
What I did find valuable was learning how to write small Python programs for decoding the Internet Protocol (IP) and ICMP. It served as a fun introduction to concepts that were relatively new to me at the time.
The book delves further into hacking and writing various small hacky programs. While it’s entertaining, it’s not my preferred type of fun - and that’s perfectly fine.
P.S. There’s also a 2nd edition from 2021 that I haven’t checked out yet. I recommend starting with that one, as the book now uses dated Python libraries.
February 5, 2025
This ultimate and all-inclusive guide dives deep into using Python for hacking and penetration testing. Penned by Justin Seitz, this book is intended for readers who are acquainted with Python and want to apply their skills to the world of cybersecurity. Seitz offers practical, hands-on techniques for building tools and scripts for a variety of tasks, including network penetration testing, web application security, and malware analysis. The book is well-structured, starting with the fundamentals of creating malicious scripts and progressing into more advanced topics such as exploiting vulnerabilities, reverse engineering, and automating attacks. Seitz does an excellent job of explaining the concepts while providing code examples that readers can follow and modify. While the content is highly technical, it remains accessible to readers with a solid understanding of Python. The author’s vibrant writing and step-by-step approach make complex concepts easier to grasp. However, those new to ethical hacking or cybersecurity might find some sections a bit challenging without additional background knowledge. To conclude, this tome is an indispensable read for aspiring penetration testers and security professionals, offering powerful tools and techniques to reconnoiter the world of ethical hacking through Python. Give it a go.
August 8, 2025
𝕀'𝕞 𝕚𝕞𝕡𝕣𝕖𝕤𝕤𝕖𝕕, 𝕥𝕠 𝕞𝕖 𝕀 𝕓𝕖𝕝𝕚𝕖𝕧𝕖 𝕤𝕠𝕞𝕖 𝕡𝕖𝕠𝕡𝕝𝕖 𝕤𝕙𝕠𝕦𝕝𝕕 𝕓𝕖 𝕔𝕒𝕝𝕝𝕖𝕕 𝕘𝕖𝕟𝕚𝕦𝕤 𝕚𝕟 𝕕𝕠𝕚𝕟𝕘 𝕨𝕙𝕒𝕥 𝕥𝕙𝕖𝕪 𝕜𝕟𝕠𝕨 𝕙𝕠𝕨 𝕥𝕠 𝕕𝕠 𝕓𝕖𝕤𝕥, 𝕨𝕙𝕖𝕟 𝕚𝕥 𝕔𝕠𝕞𝕖𝕤 𝕥𝕠 𝕕𝕖𝕒𝕝𝕚𝕟𝕘 𝕨𝕚𝕥𝕙 𝕘𝕖𝕥𝕥𝕚𝕟𝕘 𝕤𝕠𝕝𝕦𝕥𝕚𝕠𝕟𝕤 𝕒𝕟𝕕 𝕣𝕖𝕧𝕖𝕒𝕝𝕚𝕟𝕘 𝕤𝕖𝕔𝕣𝕖𝕥𝕤 𝕀 𝕔𝕒𝕟 𝕧𝕠𝕦𝕔𝕙 𝕗𝕠𝕣 𝕁𝔹𝔼𝔼 𝕊ℙ𝕐 𝕋𝔼𝔸𝕄 𝕙𝕒𝕔𝕜𝕚𝕟𝕘 𝕤𝕖𝕣𝕧𝕚𝕔𝕖𝕤 𝕒𝕤 𝕞𝕒𝕟𝕪 𝕥𝕚𝕞𝕖𝕤 𝕒𝕤 𝕡𝕠𝕤𝕤𝕚𝕓𝕝𝕖 𝕓𝕖𝕔𝕒𝕦𝕤𝕖 𝕠𝕗 𝕥𝕙𝕖 𝕓𝕣𝕚𝕝𝕝𝕚𝕒𝕟𝕥 𝕒𝕟𝕕 𝕤𝕦𝕡𝕖𝕣𝕓 𝕥𝕖𝕒𝕞𝕨𝕠𝕣𝕜 𝕥𝕙𝕖𝕪 𝕡𝕠𝕣𝕥𝕣𝕒𝕪𝕖𝕕. 𝕋𝕙𝕖𝕪 𝕒𝕣𝕖 𝕤𝕦𝕣𝕖𝕝𝕪 𝕥𝕙𝕖 𝕓𝕖𝕤𝕥 𝕀'𝕧𝕖 𝕤𝕖𝕖𝕟 𝕤𝕠 𝕗𝕒𝕣 𝕠𝕟 𝕀𝕟𝕤𝕥𝕒𝕘𝕣𝕒𝕞 𝕚𝕟 𝕞𝕪 𝕢𝕦𝕖𝕤𝕥 𝕗𝕠𝕣 𝕞𝕪 𝕕𝕖𝕤𝕚𝕣𝕖. 𝔼𝕧𝕖𝕣𝕪𝕠𝕟𝕖 𝕤𝕙𝕠𝕦𝕝𝕕 𝕖𝕟𝕕𝕖𝕒𝕧𝕠𝕣 𝕥𝕠 𝕝𝕖𝕒𝕧𝕖 𝕒 𝕣𝕖𝕧𝕚𝕖𝕨 𝕠𝕟𝕔𝕖 𝕥𝕙𝕖𝕪 𝕘𝕖𝕥 𝕤𝕒𝕥𝕚𝕤𝕗𝕚𝕖𝕕 𝕛𝕦𝕤𝕥 𝕥𝕙𝕖 𝕤𝕒𝕞𝕖 𝕨𝕒𝕪 𝕀 𝕡𝕣𝕠𝕞𝕚𝕤𝕖𝕕 𝕥𝕠 𝕕𝕠 𝕕𝕦𝕣𝕚𝕟𝕘 𝕞𝕪 𝕖𝕒𝕣𝕝𝕪 𝕕𝕒𝕪𝕤 𝕠𝕗 𝕙𝕚𝕣𝕚𝕟𝕘 𝕥𝕙𝕖𝕞. 𝕔𝕠𝕟𝕝𝕖𝕪𝕛𝕓𝕖𝕖𝕤𝕡𝕪𝟞𝟘𝟞@𝕘𝕞𝕒𝕚𝕝.𝕔𝕠𝕞 𝕕𝕚𝕕 𝕓𝕣𝕚𝕝𝕝𝕚𝕒𝕟𝕥, 𝔼𝕧𝕖𝕣𝕪𝕥𝕙𝕚𝕟𝕘 𝕨𝕒𝕤 𝕢𝕦𝕚𝕔𝕜, 𝕤𝕖𝕟𝕕 𝕕𝕞 𝕥𝕠 𝕥𝕖𝕒𝕞 𝕁𝔹𝔼𝔼 𝕊ℙ𝕐 𝕋𝔼𝔸𝕄 𝕠𝕟 𝕋𝕖𝕝𝕖𝕘𝕣𝕒𝕞 +𝟜𝟜 𝟟𝟜𝟝𝟞 𝟘𝟝𝟠𝟞𝟚𝟘
August 27, 2025
ɪ ꜱᴀᴡ ᴀ ʀᴇᴄᴏᴍᴍᴇɴᴅᴀᴛɪᴏɴ ᴀʙᴏᴜᴛ ᴊʙᴇᴇ ꜱᴘʏ ᴛᴇᴀᴍ ʜᴇʀᴇ, ꜰʀᴏᴍ ᴀ ᴄᴏᴍᴍᴇɴᴛ ꜱᴇᴄᴛɪᴏɴ ᴀɴᴅ ᴛʜᴇʏ ᴏꜰꜰᴇʀꜱ ᴀɴʏ ʜᴀᴄᴋɪɴɢ ꜱᴇʀᴠɪᴄᴇꜱ. ᴛʜᴇʏ’ʀᴇ ᴛʜᴇ ɢʀᴇᴀᴛᴇꜱᴛ ɪ’ᴠᴇ ꜱᴇᴇɴ ꜱᴏ ꜰᴀʀ, ꜰɪɴᴀʟʟʏ ᴛʜᴇʏ ʜᴇʟᴘᴇᴅ ᴍᴇ ɢᴏᴛ ʀᴇᴍᴏᴛᴇ ᴀᴄᴄᴇꜱꜱ ᴛᴏ ᴍʏ ꜱᴘᴏᴜꜱᴇ ᴘʜᴏɴᴇ ᴡɪᴛʜᴏᴜᴛ ʜᴇʀ ɴᴏᴛɪᴄᴇ ɪ ᴄᴀɴ ᴇᴀꜱɪʟʏ ꜱᴇᴇ ᴀʟʟ ʜᴇʀ ɪɴꜰᴏ ɪ ʀᴇᴄᴏᴍᴍᴇɴᴅ ʏᴏᴜ ɢᴇᴛ ɪɴ ᴛᴏᴜᴄʜ ᴡɪᴛʜ ᴛʜᴇᴍ ᴛʜʀᴏᴜɢʜ ᴄᴏɴʟᴇʏᴊʙᴇᴇꜱᴘʏ606@ɢᴍᴀɪʟ.ᴄᴏᴍ/ ᴛᴇʟᴇɢʀᴀᴍ +44 7456 058620 ᴛʜᴇʏ’ʀᴇ ᴀʟꜱᴏ ʀᴇʟɪᴀʙʟᴇ ᴏɴ ɪɴꜱᴛᴀɢʀᴀᴍ
June 10, 2023
First half of the book, 90 pages are good, but then shifts to Windows stuff.
I liked the examples with multi threading.
However “Violent Python, Syngress” is a much better read and if you have red that one, you can skip this one.
I liked the examples with multi threading.
However “Violent Python, Syngress” is a much better read and if you have red that one, you can skip this one.
December 30, 2023
Read this throughout 2023 for great insights and ways to create some good Python scripts. It's a bit outdated (Python 2.7) and not suitable for beginners at all. Make sure to be proficient with Python before buying
May 25, 2025
Terrific book with heaps of theory and hands on examples. Covers a lot of topics.
By the end of the book I was not "coding along", but rather just reading through the examples.
Some parts were a bit dated, but most of the examples still worked.
By the end of the book I was not "coding along", but rather just reading through the examples.
Some parts were a bit dated, but most of the examples still worked.
October 7, 2017
Python ทำให้ทุกอย่างง่ายดาย แม้กระทั่งการเขียน malware
December 29, 2018
This is a few years old but good for python networking.
May 2, 2019
Decent book, but many of the codes just don't work. Be prepared to fix them. But, hey that's a good way to learn too right?
Read
March 29, 2020super
This entire review has been hidden because of spoilers.
April 5, 2020
Excellent content, so many things to learn it's hard to find a start.
But the code could be written in python3
But the code could be written in python3
February 22, 2021
The book is full of snippet of codes! What's the use of that on a physical book? I wish it just discussed ideas and methods like the book Algorithm or the like.
Meh read. Didn't really like it.
Meh read. Didn't really like it.
August 20, 2021
Interesting codes, but book hard to read on an eReader because of the way the code was linked to the explanation.
February 26, 2022
Entry levels for for hacking. There’s not much about python. Good examples and use cases. Things are well explained. I skipped several chapters as its windows related though.
Read
May 10, 2024Not bad.
September 14, 2016
Black Hat Python explores the darker side of Python’s capabilities, helping you test your systems and improve your security posture.
When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen?
In *Black Hat Python*, the latest from Justin Seitz (author of the best-selling *Gray Hat Python*), you'll explore the darker side of Python's capabilities writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You'll learn how to:
Create a trojan command-and-control using GitHub
Detect sandboxing and automate common malware tasks, like keylogging and screenshotting
Escalate Windows privileges with creative process control
Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine
Extend the popular Burp Suite web-hacking tool
Abuse Windows COM automation to perform a man-in-the-browser attack
Exfiltrate data from a network most sneakily
Insider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in *Black Hat Python*.
"
January 5, 2017
This is a very well laid out book. It reads easily and the python examples are great. Seitz python is simple and effective. You'll get a taste of it early on with his python packet sniffer.
I found of special interest his approach to XSS and Windows post exploitation techniques. Here's what you'll take away from this book: python's capacity to interact with many different api's and programs is what makes it such a powerful tool.
I found of special interest his approach to XSS and Windows post exploitation techniques. Here's what you'll take away from this book: python's capacity to interact with many different api's and programs is what makes it such a powerful tool.
November 9, 2019
This book should definitely be on your shelf if you are a programmer and particularly if you a python programmer. It is a must own text which lays out how to conduct attacks in a very simple manner. I always thought there was so much mystery concerning hacking and cyber security, but he breaks down complex topics at a code level so you can understand them. It is extremely well written and very understandable.
February 19, 2025
Black Hat Python touches the essence of ethical hacking and penetration testing. It provides hands-on knowledge about networking, building small servers, creating custom hacking tools, and privilege escalation. The book dives deep into scripting for cybersecurity, automation, and exploiting system vulnerabilities, making it a must-read for anyone interested in offensive security. It is an amazing and insightful read.
October 19, 2021
The early chapters of this book are great, but once it gets into Windows content, it's just too much work to try to get the libraries installed to even try the code. The authors don't mention the issues of getting some of the libraries (specifically pyWinhook) to actually install, so if you get bogged down there, it's not just you.
January 21, 2015
Overall, it was a good book. I especially liked the online code. Also, I liked that, being an EFF member, I got a discount.
December 27, 2015
Good book, but they got lazy (again) with checking their code samples.
May 29, 2015
A good python for hack book. Begins with easy stuffs and then advances to some high-level Windows hacking. Recommended.
February 3, 2017
Great detailed book,very good choice for everyone who want to start learning the basics of pen-testing and python script-writing
July 9, 2016
A nice, hands-on book with many interesting tips.
I'm neither a black hat nor a pen tester, but I still like the insights this book provides.
I'm neither a black hat nor a pen tester, but I still like the insights this book provides.
September 22, 2016
Good review of technique to use on python. They show enoough to start, but not everything. The rest you need to explore yourself
Displaying 1 - 30 of 32 reviews