Book Image

Mastering Python for Networking and Security - Second Edition

By : José Ortega
Book Image

Mastering Python for Networking and Security - Second Edition

By: José Ortega

Overview of this book

It’s now more apparent than ever that security is a critical aspect of IT infrastructure, and that devastating data breaches can occur from simple network line hacks. As shown in this book, combining the latest version of Python with an increased focus on network security can help you to level up your defenses against cyber attacks and cyber threats. Python is being used for increasingly advanced tasks, with the latest update introducing new libraries and packages featured in the Python 3.7.4 recommended version. Moreover, most scripts are compatible with the latest versions of Python and can also be executed in a virtual environment. This book will guide you through using these updated packages to build a secure network with the help of Python scripting. You’ll cover a range of topics, from building a network to the procedures you need to follow to secure it. Starting by exploring different packages and libraries, you’ll learn about various ways to build a network and connect with the Tor network through Python scripting. You will also learn how to assess a network's vulnerabilities using Python security scripting. Later, you’ll learn how to achieve endpoint protection by leveraging Python packages, along with writing forensic scripts. By the end of this Python book, you’ll be able to use Python to build secure apps using cryptography and steganography techniques.

Related Content you might be interested in

Current Title:

Small book image
Mastering Python for Networking and Security - Second Edition
José Ortega
Jan, 2021 | 538 pages
Small book image
Learning Python Networking,
Sam Washington | M O Faruque Sarker | Joseacute Ortega
Mar, 2019 | 490 pages
Small book image
Mastering Kali Linux for Advanced Penetration Testing
Vijay Kumar Velu
Jun, 2017 | 510 pages
Small book image
Python Penetration Testing Essentials
Mohit Raj
May, 2018 | 230 pages
Table of Contents (22 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Code in Action
Download the color images
Conventions used
Get in touch
Reviews
1
Section 1: The Python Environment and System Programming Tools
Section 1: The Python Environment and System Programming Tools
Free Chapter
2
Chapter 1: Working with Python Scripting
Chapter 1: Working with Python Scripting
Technical requirements
Introduction to Python scripting
Exploring Python data structures
Python functions, classes, and managing exceptions
Python modules and packages
Managing dependencies and virtual environments
Development environments for Python scripting
Summary
Questions
Further reading
3
Chapter 2: System Programming Packages
Chapter 2: System Programming Packages
Technical requirements
Introducing system modules in Python
Working with the filesystem in Python
Managing threads in Python
Working with socket.io
Summary
Questions
Further reading
4
Section 2: Network Scripting and Extracting Information from the Tor Network with Python
Section 2: Network Scripting and Extracting Information from the Tor Network with Python
5
Chapter 3: Socket Programming
Chapter 3: Socket Programming
Technical requirements
Introducing sockets in Python
Implementing an HTTP server in Python
Implementing a reverse shell with sockets
Resolving IPS domains, addresses, and managing exceptions
Port scanning with sockets
Implementing a simple TCP client and TCP server
Implementing a simple UDP client and UDP server
Summary
Questions
Further reading
6
Chapter 4: HTTP Programming
Chapter 4: HTTP Programming
Technical requirements
Introducing the HTTP protocol
Building an HTTP client with http.client
Building an HTTP client with urllib.request
Get response and request headers
Building an HTTP client with requests
Building an HTTP client with httpx
Authentication mechanisms with Python
Summary
Questions
Further reading
7
Chapter 5: Connecting to the Tor Network and Discovering Hidden Services
Chapter 5: Connecting to the Tor Network and Discovering Hidden Services
Technical requirements
Understanding the Tor Project and hidden services
Tools for anonymity in the Tor network
Discovering hidden services with OSINT tools
Modules and packages in Python for connecting to the Tor network
Tools that allow us to search hidden services and automate the crawling process in the Tor network
Summary
Questions
8
Section 3: Server Scripting and Port Scanning with Python
Section 3: Server Scripting and Port Scanning with Python
9
Chapter 6: Gathering Information from Servers
Chapter 6: Gathering Information from Servers
Technical requirements
Extracting information from servers with Shodan
Using Shodan filters and the BinaryEdge search engine
Using the socket module to obtain server information
Getting information on DNS servers with DNSPython
Getting vulnerable addresses in servers with fuzzing
Summary
Questions
Further reading
10
Chapter 7: Interacting with FTP, SFTP, and SSH Servers
Chapter 7: Interacting with FTP, SFTP, and SSH Servers
Technical requirements
Connecting with FTP servers
Building an anonymous FTP scanner with Python
Connecting with SSH servers with paramiko and pysftp
Implementing SSH clients and servers with the asyncSSH and asyncio modules
Checking the security in SSH servers with the ssh-audit tool
Summary
Questions
Further reading
11
Chapter 8: Working with Nmap Scanner
Chapter 8: Working with Nmap Scanner
Technical requirements
Introducing port scanning with Nmap
Scan modes with python-nmap
Working with Nmap through the os and subprocess modules
Discovering services and vulnerabilities with Nmap scripts
Summary
Questions
Further reading
12
Section 4: Server Vulnerabilities and Security in Python Modules
Section 4: Server Vulnerabilities and Security in Python Modules
13
Chapter 9: Interacting with Vulnerability Scanners
Chapter 9: Interacting with Vulnerability Scanners
Technical requirements
Understanding vulnerabilities and exploits
Introducing the Nessus vulnerability scanner
Introducing the OpenVAS vulnerability scanner
Accessing OpenVAS with Python
Summary
Questions
Further reading
14
Chapter 10: Identifying Server Vulnerabilities in Web Applications
Chapter 10: Identifying Server Vulnerabilities in Web Applications
Technical requirements
Understanding vulnerabilities in web applications with OWASP
Analyzing and discovering vulnerabilities in CMS web applications
Discovering SQL vulnerabilities with Python tools
Testing Heartbleed and SSL/TLS vulnerabilities
Scanning TLS/SSL configurations with SSLyze
Summary
Questions
Further reading
15
Chapter 11: Security and Vulnerabilities in Python Modules
Chapter 11: Security and Vulnerabilities in Python Modules
Technical requirements
Exploring security in Python modules
Static code analysis for detecting vulnerabilities
Detecting Python modules with backdoors and malicious code
Security in Python web applications with the Flask framework
Python security best practices
Summary
Questions
Further reading
16
Section 5: Python Forensics
Section 5: Python Forensics
17
Chapter 12: Python Tools for Forensics Analysis
Chapter 12: Python Tools for Forensics Analysis
Technical requirements
Volatility framework for extracting data from memory and disk images
Connecting and analyzing SQLite databases
Network forensics with PcapXray
Getting information from the Windows registry
Logging in Python
Summary
Questions
Further reading
18
Chapter 13: Extracting Geolocation and Metadata from Documents, Images, and Browsers
Chapter 13: Extracting Geolocation and Metadata from Documents, Images, and Browsers
Technical requirements
Extracting geolocation information
Extracting metadata from images
Extracting metadata from PDF documents
Identifying the technology used by a website
Extracting metadata from web browsers
Summary
Questions
Further reading
19
Chapter 14: Cryptography and Steganography
Chapter 14: Cryptography and Steganography
Technical requirements
Encrypting and decrypting information with pycryptodome
Encrypting and decrypting information with cryptography
Steganography techniques for hiding information in images
Steganography with Stepic
Generating keys securely with the secrets and hashlib modules
Summary
Questions
Further reading
20
Assessments
Assessments
Chapter 1 – Working with Python Scripting
Chapter 2 – System Programming Packages
Chapter 3 – Socket Programming
Chapter 4 – HTTP Programming
Chapter 5 – Connecting to the Tor Network and Discovering Hidden Services
Chapter 6 – Gathering Information from Servers
Chapter 7 – Interacting with FTP, SFTP, and SSH Servers
Chapter 8 – Working with Nmap Scanner
Chapter 9 – Interacting with Vulnerability Scanners
Chapter 10 – Identifying Server Vulnerabilities in Web Applications
Chapter 11 – Security and Vulnerabilities in Python Modules
Chapter 12 – Python Tools for Forensics Analysis
Chapter 13 – Extracting Geolocation and Metadata from Documents, Images, and Browsers
Chapter 14 – Cryptography and Steganography
21
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Exploring Python data structures

In this section, we will review different types of data structures, including lists, tuples, and dictionaries. We will see methods and operations for managing these data structures and practical examples where we review the main use cases.

Lists

Lists in Python are equivalent to structures as dynamic vectors in programming languages such as C. We can express literals by enclosing their elements between a pair of brackets and separating them with commas. The first element of a list has index 0.

Consider the following example: a programmer can create a list using the append() method by adding objects, printing the objects, and then sorting them before printing again. We describe a list of protocols in the following example, and use the key methods of a Python list as add, index, and remove:

>>> protocolList = []
>>> protocolList.append(“ftp”)
>>> protocolList.append(“ssh”)
>>> protocolList.append(“smtp”)
>>> protocolList.append(“http”)
>>> print(protocolList)
[‘ftp’,’ssh’,’smtp’,’http’]
>>> protocolList.sort()
>>> print(protocolList)
[‘ftp’,’http’,’smtp’,’ssh’]
>>> type(protocolList)
<type ‘list’>
>>> len(protocolList)
4

To access specific positions, we can use the index() method, and to delete an element, we can use the remove() method:

>>> position = protocolList.index(“ssh”)
>>> print(“ssh position”+str(position))
ssh position 3
>>> protocolList.remove(“ssh”)
>>> print(protocolList)
[‘ftp’,’http’,’smtp’]
>>> count = len(protocolList)
>>> print(“Protocol elements “+str(count))
Protocol elements 3

To print out the whole protocol list, use the following instructions. This will loop through all the elements and print them:

>>> for protocol in protocolList:
>>> 	print (protocol)
ftp
http
smtp

Lists also have methods that help manipulate the values within them and allow us to store more than one variable within them and provide a better way to sort object arrays in Python. These are the techniques commonly used to control lists:

  • .append(value): Appends an element at the end of the list
  • .count(‘x’): Gets the number of ‘x’ in the list
  • .index(‘x’): Returns the index of ‘x’ in the list
  • .insert(‘y’,’x’): Inserts ‘x’ at location ‘y’
  • .pop(): Returns the last element and also removes it from the list
  • .remove(‘x’): Removes the first ‘x’ from the list
  • .reverse(): Reverses the elements in the list
  • .sort(): Sorts the list in ascending order

The indexing operator allows access to an element and is expressed syntactically by adding its index in brackets to the list, list [index]. You can change the value of a chosen element in the list using the index between brackets:

protocols[4] = ‘ssh’
print(“New list content: “, protocols)

Also, you can copy the value of a specific position to another position in the list:

protocols[1] = protocols[4]
print(“New list content:”, protocols)

The value inside the brackets that selects one element of the list is called an index, while the operation of selecting an element from the list is known as indexing.

Adding elements to a list

We can add elements to a list by means of the following methods:

  • list.append(value): This method allows an element to be inserted at the end of the list. It takes its argument’s value and puts it at the end of the list that owns the method. The list’s length then increases by one.
  • list.insert(location, value): The insert() method is a bit smarter since it can add a new element at any place in the list, and not just at the end. It takes as arguments first the required location of the element to be inserted and then the element to be inserted.

Reversing a list

Another interesting operation that we perform in lists is the one that offers the possibility of getting elements in a reverse way in the list through the reverse() method:

>>> protocolList.reverse()
>>> print(protocolList)
[‘smtp’,’http’,’ftp’]

Another way to do the same operation is to use the -1 index. This quick and easy technique shows how you can access all the elements of a list in reverse order:

>>> protocolList[::-1]
>>> print(protocolList)
[‘smtp’,’http’,’ftp’]

Searching elements in a list

In this example, we can see the code for finding the location of a given element inside a list. We use the range function to get elements inside protocolList and we compare each element with the element to find. When both elements are equal, we break the loop and return the element.

You can find the following code in the search_element_list.py file:

protocolList = [“FTP”, “HTTP”, “SNMP”, “SSH”]
toFind = “SSH”
found = False
for i in range(len(protocolList)):
        found = protocolList[i] == toFind
        if found:
                break
if found:
        print(“Element found at index”, i)
else:
        print(“Element not found”)

Now that you know how to add, reverse, and search for elements in a list, let’s move on to learning about tuples in Python.

Tuples

A tuple is like a list, except its size cannot change and cannot add more elements than originally specified. The parentheses delimit a tuple. If we try to modify a tuple element, we get an error that indicates that the tuple object does not support element assignment:

>>>tuple=(“ftp”,”ssh”,”http”,”snmp”)
>>>tuple[0]
‘ftp’
>>>tuple[0]=”FTP”
Traceback (most recent call last):
    File “<stdin>”, line 1, in <module>
TypeError: ‘tuple’ object does not support item assignment

Now that you know the basic data structures for working with Python, let’s move on to learning about Python dictionaries in order to organize information in the key-value format.

Python dictionaries

The Python dictionary data structure is probably the most important in the entire language and allows us to associate values with keys. A key is any immutable object. The value associated with a key can be accessed with the indexing operator. In Python, dictionaries are implemented using hash tables.

A Python dictionary is a way of storing information in the format of key: value pairs. Python dictionaries have curly brackets, {}. Let’s look at a protocols dictionary, with names and numbers, for example:

>>> services = {“ftp”:21, “ssh”:22, “smtp”:25, “http”:80}

The limitation with dictionaries is that we cannot use the same key to create multiple values. This will overwrite the duplicate key preceding value.

Using the update method, we can combine two distinct dictionaries into one. In addition, the update method will merge existing elements if they conflict:

>>> services = {“ftp”:21, “ssh”:22, “smtp”:25, “http”:80}
>>> services2 = {“ftp”:21, “ssh”:22, “snmp”:161, “ldap”:389}
>>> services.update(services2)
>>> print(services)
{“ftp”:21, “ssh”:22, “smtp”:25, “http”:80,”snmp”:161, “ldap”:389}

The first value is the key, and the second the key value. We can use any unchangeable value as a key. We can use numbers, sequences, Booleans, or tuples, but not lists or dictionaries, since they are mutable.

The main difference between dictionaries and lists or tuples is that values contained in a dictionary are accessed by their name and not by their index. You may also use this operator to reassign values, as in the lists and tuples:

>>> services[“http”]= 8080

This means that a dictionary is a set of key-value pairs with the following conditions:

  • Each key must be unique: That means it is not possible to have more than one key of the same value.
  • A key may be data of any type: It may be a number or a string.
  • A dictionary is not a list: A list contains a set of numbered values, while a dictionary holds pairs of values.
  • The len() function: This works for dictionaries and returns the number of key-value elements in the dictionary.

    Important note

    In Python 3.7, dictionaries have become ordered collections by default.

When building a dictionary, each key is separated from its value by a colon, and we separate items by commas. The .keys() method will return a list of all keys of a dictionary and the .items() method will return a complete list of elements in the dictionary. The following are examples involving these methods:

  • services.keys() is a method that will return all the keys in the dictionary.
  • services.items() is a method that will return the entire list of items in a dictionary:
>>> keys = services.keys()
>>> print(keys)
[‘ftp’, ‘smtp’, ‘ssh’, ‘http’, ‘snmp’]

Another way is based on using a dictionary’s method called items(). The method returns a list of tuples (this is the first example where tuples are something more than just an example of themselves) where each tuple is a key-value pair:

  1. Enter the following command:
    >>> items = services.items()
>>> print(items)
[(‘ftp’, 21), (‘smtp’,25), (‘ssh’, 22), (‘http’, 80), (‘snmp’, 161)]

    From the performance point of view, when it is stored, the key inside a dictionary is converted to a hash value to save space and boost efficiency when searching or indexing the dictionary. The dictionary may also be printed, and the keys browsed in a particular order.

  2. The following code sorts the dictionary elements in ascending order by key using the sort() method:
    >>> items.sort()
>>> print(items)
[(‘ftp’, 21), (‘http’, 80), (‘smtp’, 25), (‘snmp’, 161), (‘ssh’, 22)]
  3. Finally, you might want to iterate over a dictionary and extract and display all the key-value pairs with a classical for loop:
    >>> for key,value in services.items():
>>>	print(key,value)
ftp 21
smtp 25
ssh 22
http 80
snmp 16

Assigning a new value to an existing key is simple due to dictionaries being fully mutable. There are no obstacles to modify them:

  1. In this example, we’re going to replace the value of the http key:
    >>> services[‘http’] = 8080
>>> print(services)
{“ftp”:21, “ssh”:22, “smtp”:25, “http”:8080,”snmp”:161}
  2. Adding a new key-value pair to a dictionary is as easy as modifying a value. Only a new, previously non-existent key needs to be assigned to one:
    >>> services[‘ldap’] = 389
>>> print(services)
{“ftp”:21, “ssh”:22, “smtp”:25, “http”:8080,”snmp”:161, “ldap”:389}

Note that this is very different behavior compared to lists, which don’t allow you to assign values to non-existing indices.

Now that you know the main data structures for working with Python, let’s move on to learning how to structure our Python code with functions and classes.

Previous Section
End of Section 4
Next Section