Book Image

Hands-On Penetration Testing with Python

By : Furqan Khan
Book Image

Hands-On Penetration Testing with Python

By: Furqan Khan

Overview of this book

With the current technological and infrastructural shift, penetration testing is no longer a process-oriented activity. Modern-day penetration testing demands lots of automation and innovation; the only language that dominates all its peers is Python. Given the huge number of tools written in Python, and its popularity in the penetration testing space, this language has always been the first choice for penetration testers. Hands-On Penetration Testing with Python walks you through advanced Python programming constructs. Once you are familiar with the core concepts, you’ll explore the advanced uses of Python in the domain of penetration testing and optimization. You’ll then move on to understanding how Python, data science, and the cybersecurity ecosystem communicate with one another. In the concluding chapters, you’ll study exploit development, reverse engineering, and cybersecurity use cases that can be automated with Python. By the end of this book, you’ll have acquired adequate skills to leverage Python as a helpful tool to pentest and secure infrastructure, while also creating your own custom exploits.
Table of Contents (18 chapters)

Fuzzing Linux applications

Fuzzing is a technique used to discover bugs in an application that make the application crash when presented with input that was not anticipated by the application. Fuzzing typically involves the use of automated tools or scripts that send large strings to an application that would cause an application to break. The idea behind fuzzing is to discover vulnerabilities or bugs that, if found, could lead to catastrophic consequences. These vulnerabilities could belong to either the following categories:

  • Buffer overflow vulnerabilities
  • String format vulnerabilities

Fuzzing is the technique of sending randomly generated code to our test program with the intention of crashing it or seeing how it might behave on different inputs. Fuzzing is an automated way of sending payloads of different lengths to the program that is being tested, to see whether the program...