Book Image

Mastering Python for Networking and Security - Second Edition

By : José Ortega
Book Image

Mastering Python for Networking and Security - Second Edition

By: José Ortega

Overview of this book

It’s now more apparent than ever that security is a critical aspect of IT infrastructure, and that devastating data breaches can occur from simple network line hacks. As shown in this book, combining the latest version of Python with an increased focus on network security can help you to level up your defenses against cyber attacks and cyber threats. Python is being used for increasingly advanced tasks, with the latest update introducing new libraries and packages featured in the Python 3.7.4 recommended version. Moreover, most scripts are compatible with the latest versions of Python and can also be executed in a virtual environment. This book will guide you through using these updated packages to build a secure network with the help of Python scripting. You’ll cover a range of topics, from building a network to the procedures you need to follow to secure it. Starting by exploring different packages and libraries, you’ll learn about various ways to build a network and connect with the Tor network through Python scripting. You will also learn how to assess a network's vulnerabilities using Python security scripting. Later, you’ll learn how to achieve endpoint protection by leveraging Python packages, along with writing forensic scripts. By the end of this Python book, you’ll be able to use Python to build secure apps using cryptography and steganography techniques.
Table of Contents (22 chapters)
1
Section 1: The Python Environment and System Programming Tools
4
Section 2: Network Scripting and Extracting Information from the Tor Network with Python
8
Section 3: Server Scripting and Port Scanning with Python
12
Section 4: Server Vulnerabilities and Security in Python Modules
16
Section 5: Python Forensics

Analyzing and discovering vulnerabilities in CMS web applications

In this section, we will cover some of the tools that can be used to discover vulnerabilities in Content Management System (CMS) web applications such as WordPress and Joomla.

The goal of a penetration tester is to obtain sensitive information from a website or server. For example, we might be interested in determining the type of CMS, as well as determining the vulnerabilities at the administrative interface level relative to users and groups that are configured.

CMSes have become an especially tempting target for attackers due to their growth and large presence on the internet. The ease of having a web page without technical knowledge implies that many companies and individuals deploy these applications with multiple vulnerabilities due to using outdated plugins and bad configurations on the server that hosts them.

CMSes also incorporate third-party plugins to facilitate tasks such as login and session management...