This chapter will go through some Windows-based vulnerabilities and the exploit techniques using Python. The solution for the exploit development tasks is to replace the program instructions with our instructions to manipulate the application behavior. We will be using an Immunity Debugger for debugging the applications. As the victim machine will be a Windows machine, we require a machine with Window XP OS installed on it. We are using the old XP version for the ease of exploiting, and the sample applications with vulnerabilities will work in XP.
Python Penetration Testing Cookbook
By :
Python Penetration Testing Cookbook
By:
Overview of this book
Penetration testing is the use of tools and code to attack a system in order to assess its vulnerabilities to external threats. Python allows pen testers to create their own tools. Since Python is a highly valued pen-testing language, there are many native libraries and Python bindings available specifically for pen-testing tasks.
Python Penetration Testing Cookbook begins by teaching you how to extract information from web pages. You will learn how to build an intrusion detection system using network sniffing techniques. Next, you will find out how to scan your networks to ensure performance and quality, and how to carry out wireless pen testing on your network to avoid cyber attacks. After that, we’ll discuss the different kinds of network attack. Next, you’ll get to grips with designing your own torrent detection program. We’ll take you through common vulnerability scenarios and then cover buffer overflow exploitation so you can detect insecure coding. Finally, you’ll master PE code injection methods to safeguard your network.
Table of Contents (15 chapters)
Preface
Free Chapter
Why Python in Penetration Testing?
Setting Up a Python Environment
Web Scraping with Python
Data Parsing with Python
Web Scraping with Scrapy and BeautifulSoup
Network Scanning with Python
Network Sniffing with Python
Scapy Basics
Wi-Fi Sniffing
Layer 2 Attacks
TCP/IP Attacks
Introduction to Exploit Development
Windows Exploit Development
Linux Exploit Development
Customer Reviews