Book Image

Python Web Penetration Testing Cookbook

By : Benjamin May, Cameron Buchanan, Andrew Mabbitt, Dave Mound, Terry Ip
Book Image

Python Web Penetration Testing Cookbook

By: Benjamin May, Cameron Buchanan, Andrew Mabbitt, Dave Mound, Terry Ip

Overview of this book

Related Content you might be interested in

Current Title:

Small book image
Python Web Penetration Testing Cookbook
Benjamin May | Cameron Buchanan | Andrew Mabbitt | Dave Mound | Terry Ip
Jun, 2015 | 224 pages
No titles found
Table of Contents (16 chapters)
Python Web Penetration Testing Cookbook
Python Web Penetration Testing Cookbook
Credits
Credits
About the Authors
About the Authors
About the Reviewers
About the Reviewers
www.PacktPub.com
www.PacktPub.com
Preface
Preface
Free Chapter
1
Gathering Open Source Intelligence
Gathering Open Source Intelligence
Introduction
Gathering information using the Shodan API
Scripting a Google+ API search
Downloading profile pictures using the Google+ API
Harvesting additional results from the Google+ API using pagination
Getting screenshots of websites with QtWebKit
Screenshots based on a port list
Spidering websites
2
Enumeration
Enumeration
Introduction
Performing a ping sweep with Scapy
Scanning with Scapy
Checking username validity
Brute forcing usernames
Enumerating files
Brute forcing passwords
Generating e-mail addresses from names
Finding e-mail addresses from web pages
Finding comments in source code
3
Vulnerability Identification
Vulnerability Identification
Introduction
Automated URL-based Directory Traversal
Automated URL-based Cross-site scripting
Automated parameter-based Cross-site scripting
Automated fuzzing
jQuery checking
Header-based Cross-site scripting
Shellshock checking
4
SQL Injection
SQL Injection
Introduction
Checking jitter
Identifying URL-based SQLi
Exploiting Boolean SQLi
Exploiting Blind SQL Injection
Encoding payloads
5
Web Header Manipulation
Web Header Manipulation
Introduction
Testing HTTP methods
Fingerprinting servers through HTTP headers
Testing for insecure headers
Brute forcing login through the Authorization header
Testing for clickjacking vulnerabilities
Identifying alternative sites by spoofing user agents
Testing for insecure cookie flags
Session fixation through a cookie injection
6
Image Analysis and Manipulation
Image Analysis and Manipulation
Introduction
Hiding a message using LSB steganography
Extracting messages hidden in LSB
Hiding text in images
Extracting text from images
Enabling command and control using steganography
7
Encryption and Encoding
Encryption and Encoding
Introduction
Generating an MD5 hash
Generating an SHA 1/128/256 hash
Implementing SHA and MD5 hashes together
Implementing SHA in a real-world scenario
Generating a Bcrypt hash
Cracking an MD5 hash
Encoding with Base64
Encoding with ROT13
Cracking a substitution cipher
Cracking the Atbash cipher
Attacking one-time pad reuse
Predicting a linear congruential generator
Identifying hashes
8
Payloads and Shells
Payloads and Shells
Introduction
Extracting data through HTTP requests
Creating an HTTP C2
Creating an FTP C2
Creating an Twitter C2
Creating a simple Netcat shell
9
Reporting
Reporting
Introduction
Converting Nmap XML to CSV
Extracting links from a URL to Maltego
Extracting e-mails to Maltego
Parsing Sslscan into CSV
Generating graphs using plot.ly
Index
Index

About the Reviewers

Sam Brown is a security researcher based in the UK and has a background in software engineering and electronics. He is primarily interested in breaking things, building tools to help break things, and burning himself with a soldering iron.

James Burns is currently a security consultant, but with a technology career spanning over 15 years, he has held positions ranging from a helpdesk phone answerer to a network cable untangler, to technical architect roles. A network monkey at heart, he is happiest when he is up to his elbows in packets but has been known to turn his hand to most technical disciplines.

When not working as a penetration tester, he has a varied range of other security interests, including scripting, vulnerability research, and intelligence gathering. He also has a long-time interest in building and researching embedded Linux systems. While he's not very good at them, he also enjoys the occasional CTF with friends. Occasionally, he gets out into the real world and pursues his other hobby of cycling.

I would like to thank my parents for giving me the passion to learn and the means to try. I would also like to thank my fantastic girlfriend, Claire, for winking at me once; never before has a wink led to such a dramatic move. She continues to support me in all that I do, even at her own expense. Finally, I should like to thank the youngest people in my household, Grace and Samuel, for providing me with the ultimate incentive for always trying to improve myself. These are the greatest joys that a bloke could wish for.

Rejah Rehim is currently a software engineer for Digital Brand Group (DBG), India and is a long-time preacher of open source. He is a steady contributor to the Mozilla Foundation and his name has featured in the San Francisco Monument made by the Mozilla Foundation.

He is part of the Mozilla Add-on Review Board and has contributed to the development of several node modules. He has also been credited with the creation of eight Mozilla add-ons, including the highly successful Clear Console add-on, which was selected as one of the best Mozilla add-ons of 2013. With a user base of more than 44,000, it has registered more than 4,50,000 downloads till date. He successfully created the world's first one-of-the-kind Security Testing Browser Bundle, PenQ, which is an open source Linux-based penetration testing browser bundle, preconfigured with tools for spidering, advanced web searching, fingerprinting, and so on.

He is also an active member of the OWASP and the chapter leader of OWASP, Kerala. He is also one of the moderators of the OWASP Google+ group and an active speaker at Coffee@DBG, one of the premier monthly tech rendezvous in Technopark, Kerala. Besides currently being a part of the Cyber Security division of DBG and QBurst in previous years, he is also a fan of process automation and has implemented it in DBG.

Ishbir Singh is studying computer engineering and computer science at the Georgia Institute of Technology. He's been programming since he was 9 and has built a wide variety of software, from those meant to run on a calculator to those intended for deployment in multiple data centers around the world. Trained as a Microsoft Certified System Engineer and certified by Linux Professional Institute, he has also dabbled in reverse engineering, information security, hardware programming, and web development. His current interests lie in developing cryptographic peer-to-peer trustless systems, polishing his penetration testing skills, learning new languages (both human and computer), and playing table tennis.

Matt Watkins is a final year computer networks and cyber security student. He has been the Cyber Security Challenge master class finalist twice. Most of the time, you'll find him studying, reading, writing, programming, or just generally breaking things. He also enjoys getting his heart pumping, which includes activities such as running, hitting the gym, rock climbing, and snowboarding.

Previous Section
Next Chapter