Sign In Start Free Trial

Book Overview & Buying
Table Of Contents

Python Penetration Testing Essentials

By : Mohit Raj

3 (9)

Python Penetration Testing Essentials

3 (9)

By: Mohit Raj

Overview of this book

If you are a Python programmer or a security researcher who has basic knowledge of Python programming and want to learn about penetration testing with the help of Python, this book is ideal for you. Even if you are new to the field of ethical hacking, this book can help you find the vulnerabilities in your system so that you are ready to tackle any kind of attack or intrusion.

Preface

Preface

What this book covers

What you need for this book

Who this book is for

Conventions

Reader feedback

Customer support

Free Chapter

1. Python with Penetration Testing and Networking

1. Python with Penetration Testing and Networking

Introducing the scope of pentesting

Approaches to pentesting

Introducing Python scripting

Understanding the tests and tools you'll need

Learning the common testing platforms with Python

Network sockets

Server socket methods

Client socket methods

General socket methods

Moving on to the practical

Summary

2. Scanning Pentesting

2. Scanning Pentesting

How to check live systems in a network and the concept of a live system

What are the services running on the target machine?

Summary

3. Sniffing and Penetration Testing

3. Sniffing and Penetration Testing

Introducing a network sniffer

Implementing a network sniffer using Python

Learning about packet crafting

Introducing ARP spoofing and implementing it using Python

Testing the security system using custom packet crafting and injection

Summary

4. Wireless Pentesting

4. Wireless Pentesting

Wireless SSID finding and wireless traffic analysis by Python

Wireless attacks

Summary

5. Foot Printing of a Web Server and a Web Application

5. Foot Printing of a Web Server and a Web Application

The concept of foot printing of a web server

Introducing information gathering

Information gathering of a website from SmartWhois by the parser BeautifulSoup

Banner grabbing of a website

Hardening of a web server

Summary

6. Client-side and DDoS Attacks

6. Client-side and DDoS Attacks

Introducing client-side validation

Tampering with the client-side parameter with Python

Effects of parameter tampering on business

Introducing DoS and DDoS

Summary

7. Pentesting of SQLI and XSS

7. Pentesting of SQLI and XSS

Introducing the SQL injection attack

Types of SQL injections

Understanding the SQL injection attack by a Python script

Learning about Cross-Site scripting

Summary

Index

Index

Chapter 7. Pentesting of SQLI and XSS

In this chapter, we will discuss some serious attacks on a web application. You must have heard about incidents such as data theft, the cracking of usernames and passwords, the defacement of websites, and so on, that are known to occur mainly due to the vulnerabilities that exist in web applications, such as SQL injection and XSS attacks. In Chapter 5, Foot Printing of a Web Server and a Web Application, you learned how to see which database software is being used and which OS is running on the web server. Now we will proceed with our attacks one by one. In this chapter, we will cover the following topics:

The SQL injection attack
Types of SQL injection attacks
An SQL injection attack by Python script
A Cross-site scripting attack
Types of XSS
An XSS attack by Python script

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Python Penetration Testing Essentials

Search

Your notes and bookmarks