Book Image

Mastering Python for Networking and Security

By : José Ortega
Book Image

Mastering Python for Networking and Security

By: José Ortega

Overview of this book

It’s becoming more and more apparent that security is a critical aspect of IT infrastructure. A data breach is a major security incident, usually carried out by just hacking a simple network line. Increasing your network’s security helps step up your defenses against cyber attacks. Meanwhile, Python is being used for increasingly advanced tasks, with the latest update introducing many new packages. This book focuses on leveraging these updated packages to build a secure network with the help of Python scripting. This book covers topics from building a network to the different procedures you need to follow to secure it. You’ll first be introduced to different packages and libraries, before moving on to different ways to build a network with the help of Python scripting. Later, you will learn how to check a network’s vulnerability using Python security scripting, and understand how to check vulnerabilities in your network. As you progress through the chapters, you will also learn how to achieve endpoint protection by leveraging Python packages along with writing forensic scripts. By the end of this book, you will be able to get the most out of the Python language to build secure and robust networks that are resilient to attacks.

Related Content you might be interested in

Current Title:

Small book image
Mastering Python for Networking and Security
José Ortega
Sep, 2018 | 426 pages
Small book image
Learning Python Networking,
Sam Washington | M O Faruque Sarker | Joseacute Ortega
Mar, 2019 | 490 pages
Small book image
Python Penetration Testing Essentials
Mohit Raj
May, 2018 | 230 pages
Small book image
Python Penetration Testing Cookbook
Rejah Rehim
Nov, 2017 | 226 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Working with Python Scripting
Working with Python Scripting
Technical requirements
Programming and installing Python
Python collections
Python functions and managing exceptions
Python as an OOP language
The OMSTD methodology and STB Module for Python scripting
The main development environments for script-development
Summary
Questions
Further reading
2
System Programming Packages
System Programming Packages
Technical requirements
Introducing system modules in python
Working with the filesystem in Python
Threads in Python
Multithreading and concurrency in Python
Python Socket.io
Summary
Questions
Further reading
3
Socket Programming
Socket Programming
Technical requirements
Introduction to sockets
Creating a simple TCP client and TCP server
Creating a simple UDP client and UDP server
Resolving IP addresses and domains
Practical use cases for sockets
Summary
Questions
Further reading
4
HTTP Programming
HTTP Programming
Technical requirements
HTTP protocol and building HTTP clients in python
Building an HTTP Client with urllib2
Building an HTTP Client with requests
Authentication mechanisms with Python
Summary
Questions
Further Reading
5
Analyzing Network Traffic
Analyzing Network Traffic
Technical requirements
Capturing and injecting packets with pcapy
Capturing and injecting packets with scapy
Port-scanning and traceroute with scapy
Reading pcap files with scapy
Summary
Questions
Further reading
6
Gathering Information from Servers
Gathering Information from Servers
Technical requirements
Introduction to gathering information
Extracting information from servers with Shodan
Using python to obtain server information
Getting information on dns servers with DNSPython
Getting vulnerable addresses in servers with Fuzzing
Summary
Questions
Further reading
7
Interacting with FTP, SSH, and SNMP Servers
Interacting with FTP, SSH, and SNMP Servers
Technical requirements
Connecting with FTP servers
Connecting with SSH servers
Connecting with SNMP servers
Summary
Questions
Further reading
8
Working with Nmap Scanners
Working with Nmap Scanners
Technical requirements
Introducing port scanning with Nmap
Port scanning with python-nmap
Scan modes with python-nmap
Vulnerabilities with Nmap scripts
Summary
Questions
Further reading
9
Connecting with the Metasploit Framework
Connecting with the Metasploit Framework
Technical requirements
Introducing the Metasploit framework
Interacting with the Metasploit framework
Connecting the Metasploit framework and Python
Connecting Metasploit with pyMetasploit
Summary
Questions
Further reading
10
Interacting with the Vulnerabilities Scanner
Interacting with the Vulnerabilities Scanner
Technical requirements
Introducing vulnerabilities
Introducing the Nessus Vulnerabilities scanner
Accessing the Nessus API with Python
Introducing the Nexpose Vulnerabilities scanner
Accessing the Nexpose API with Python
Summary
Questions
Further reading
11
Identifying Server Vulnerabilities in Web Applications
Identifying Server Vulnerabilities in Web Applications
Technical requirements
Introducing vulnerabilities in web applications with OWASP
W3af scanner vulnerabilities in web applications
Discovering sql vulnerabilities with Python tools
Testing heartbleed and SSL/TLS vulnerabilities
Summary
Questions
Further reading
12
Extracting Geolocation and Metadata from Documents, Images, and Browsers
Extracting Geolocation and Metadata from Documents, Images, and Browsers
Technical Requirements
Extracting geolocation information
Extracting metadata from images
Extracting metadata from pdf documents
Identifying the technology used by a website
Extracting metadata from web browsers
Summary
Questions
Further reading
13
Cryptography and Steganography
Cryptography and Steganography
Technical requirements
Encrypting and decrypting information with pycrypto
Encrypting and decrypting information with cryptography
Steganography techniques for hiding information in images
Summary
Questions
Further reading
14
Assessments
Assessments
Chapter 1 : Working with Python Scripting
Chapter 2: System Programming Packages
Chapter 3: Socket Programming
Chapter 4: HTTP Programming
Chapter 5: Analyzing Network Traffic
Chapter 6: Gathering Information from Servers
Chapter 7: Interacting with FTP, SSH, and SNMP Servers
Chapter 8: Working with Nmap Scanners
Chapter 9: Connecting with the Metasploit Framework
Chapter 10: Interacting with the Vulnerabilities Scanner
Chapter 11: Identifying Server Vulnerabilities in Web Applications
Chapter 12: Extracting Geolocation and Metadata from Documents, Images, and Browsers
Chapter 13: Cryptography and Steganography
15
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Chapter 11: Identifying Server Vulnerabilities in Web Applications

  1. Which type of vulnerability is an attack that injects malicious scripts into web pages to redirect users to fake websites or gather personal information?

Cross-Site Scripting (XSS) allows attackers to execute scripts in the victim's browser, allowing them to hijack user sessions or redirect the user to a malicious site.

  1. What is the technique where an attacker inserts SQL database commands into a data input field of an order form used by a web-based application?

SQL injection is a technique that is used to steal data by taking advantage of a nonvalidated input vulnerability. Basically, it is a code injection technique where an attacker executes malicious SQL queries that control a web application’s database.

You want to prevent your browser from running JavaScript commands that are potentially...

Previous Section
End of Section 12
Next Section