Book Image

Python Penetration Testing Cookbook

By : Rejah Rehim
Book Image

Python Penetration Testing Cookbook

By: Rejah Rehim

Overview of this book

Penetration testing is the use of tools and code to attack a system in order to assess its vulnerabilities to external threats. Python allows pen testers to create their own tools. Since Python is a highly valued pen-testing language, there are many native libraries and Python bindings available specifically for pen-testing tasks. Python Penetration Testing Cookbook begins by teaching you how to extract information from web pages. You will learn how to build an intrusion detection system using network sniffing techniques. Next, you will find out how to scan your networks to ensure performance and quality, and how to carry out wireless pen testing on your network to avoid cyber attacks. After that, we’ll discuss the different kinds of network attack. Next, you’ll get to grips with designing your own torrent detection program. We’ll take you through common vulnerability scenarios and then cover buffer overflow exploitation so you can detect insecure coding. Finally, you’ll master PE code injection methods to safeguard your network.

Related Content you might be interested in

Current Title:

Small book image
Python Penetration Testing Cookbook
Rejah Rehim
Nov, 2017 | 226 pages
Small book image
Penetration Testing with Shellcode
Hamza Megahed
Feb, 2018 | 346 pages
Small book image
Python Penetration Testing Essentials
Mohit Raj
May, 2018 | 230 pages
Small book image
Offensive Shellcode from Scratch.
Rishalin Pillay
Apr, 2022 | 208 pages
Table of Contents (15 chapters)
Preface
Preface
What this book covers
What you need for this book
Who this book is for
Sections
Conventions
Reader feedback
Customer support
Free Chapter
1
Why Python in Penetration Testing?
Why Python in Penetration Testing?
Introduction
Why Python is a great option for security scripting
Python 3 language basics and differences
2
Setting Up a Python Environment
Setting Up a Python Environment
Introduction
Setting up a Python environment in Linux
Setting up a Python environment in macOS
Setting up a Python environment in Windows
3
Web Scraping with Python
Web Scraping with Python
Introduction
Download web pages with Python scripts
Changing the user agent
Downloading files
Using a regular expression to get the information from the downloaded web pages
Requesting and downloading dynamic website pages
Dynamic GET requests
4
Data Parsing with Python
Data Parsing with Python
Introduction
Parsing HTML tables
Extracting data from HTML documents
Parsing XML data
5
Web Scraping with Scrapy and BeautifulSoup
Web Scraping with Scrapy and BeautifulSoup
Introduction
Web spiders with Scrapy
Scrapy shell
Link extractor with Scrapy
Scraping after logging into websites using Scrapy
6
Network Scanning with Python
Network Scanning with Python
Introduction
Simple port scanner
IP range/network scanner
Stealth scanning
FIN scanning
XMAS scanning
TCP ACK scanning
LanScan
7
Network Sniffing with Python
Network Sniffing with Python
Introduction
Packet sniffer in Python
Parsing the packet
PyShark
8
Scapy Basics
Scapy Basics
Introduction
Creating a packet with Scapy
Sending and receiving packets with Scapy
Layering packets
Reading and writing to pcap files
Sniffing packets
ARP man-in-the-middle tool with Scapy
9
Wi-Fi Sniffing
Wi-Fi Sniffing
Introduction
Finding Wi-Fi devices
Getting ready
Finding SSIDs
Exposing hidden SSIDs
Dictionary attack on hidden SSIDs
Fake access points with Scapy
10
Layer 2 Attacks
Layer 2 Attacks
Introduction
ARP Watcher
ARP cache poisoning
MAC flooder
VLAN hopping
ARP spoofing over VLAN hopping
DHCP starvation
11
TCP/IP Attacks
TCP/IP Attacks
Introduction
IP spoofing
SYN flooding
Password sniffer with Python over LAN
12
Introduction to Exploit Development
Introduction to Exploit Development
Introduction
Memory dump
CPU instructions
13
Windows Exploit Development
Windows Exploit Development
Introduction
Windows memory layout
Buffer overflow with saved return pointer overwrite
Structured Exception Handling
Egg hunters
14
Linux Exploit Development
Linux Exploit Development
Introduction
Format string exploitation
Buffer overflow

Structured Exception Handling

The Structured Exception Handling (SEH) is a protection mechanism to prevent the buffer overflows. SEH uses a linked list as it contains a sequence of data records. When an exception occurs, the OS will go through this list and check for the suitable exception function. For this, the exception handler requires a pointer to the current exception registration record (SEH) and another pointer to the next exception registration record (nSEH). As the Windows stack grows downwards, the order will be reversed:

So, if we can overwrite the SEH with a POP POP RETN instruction, the POP will remove four bytes from the top of the stack and the RETN will return an execution to the top of the stack. As the SEH is located at esp+8, we can increment the stack with eight bytes and return to the new pointer at the top of the stack. Then we will be executing nSEH. So...

Previous Section
End of Section 5
Next Section