Sign In Start Free Trial

Book Overview & Buying
Table Of Contents
Feedback & Rating

Python Penetration Testing Cookbook

By : Rejah Rehim

3 (3)

Python Penetration Testing Cookbook

3 (3)

By: Rejah Rehim

Overview of this book

Penetration testing is the use of tools and code to attack a system in order to assess its vulnerabilities to external threats. Python allows pen testers to create their own tools. Since Python is a highly valued pen-testing language, there are many native libraries and Python bindings available specifically for pen-testing tasks. Python Penetration Testing Cookbook begins by teaching you how to extract information from web pages. You will learn how to build an intrusion detection system using network sniffing techniques. Next, you will find out how to scan your networks to ensure performance and quality, and how to carry out wireless pen testing on your network to avoid cyber attacks. After that, we’ll discuss the different kinds of network attack. Next, you’ll get to grips with designing your own torrent detection program. We’ll take you through common vulnerability scenarios and then cover buffer overflow exploitation so you can detect insecure coding. Finally, you’ll master PE code injection methods to safeguard your network.

Preface

Preface

What this book covers

What you need for this book

Who this book is for

Sections

Conventions

Reader feedback

Customer support

Free Chapter

Why Python in Penetration Testing?

Why Python in Penetration Testing?

Introduction

Why Python is a great option for security scripting

Python 3 language basics and differences

Setting Up a Python Environment

Setting Up a Python Environment

Introduction

Setting up a Python environment in Linux

Setting up a Python environment in macOS

Setting up a Python environment in Windows

Web Scraping with Python

Web Scraping with Python

Introduction

Download web pages with Python scripts

Changing the user agent

Downloading files

Using a regular expression to get the information from the downloaded web pages

Requesting and downloading dynamic website pages

Dynamic GET requests

Data Parsing with Python

Data Parsing with Python

Introduction

Parsing HTML tables

Extracting data from HTML documents

Parsing XML data

Web Scraping with Scrapy and BeautifulSoup

Web Scraping with Scrapy and BeautifulSoup

Introduction

Web spiders with Scrapy

Scrapy shell

Link extractor with Scrapy

Scraping after logging into websites using Scrapy

Network Scanning with Python

Network Scanning with Python

Introduction

Simple port scanner

IP range/network scanner

Stealth scanning

FIN scanning

XMAS scanning

TCP ACK scanning

LanScan

Network Sniffing with Python

Network Sniffing with Python

Introduction

Packet sniffer in Python

Parsing the packet

PyShark

Scapy Basics

Scapy Basics

Introduction

Creating a packet with Scapy

Sending and receiving packets with Scapy

Layering packets

Reading and writing to pcap files

Sniffing packets

ARP man-in-the-middle tool with Scapy

Wi-Fi Sniffing

Wi-Fi Sniffing

Introduction

Finding Wi-Fi devices

Getting ready

Finding SSIDs

Exposing hidden SSIDs

Dictionary attack on hidden SSIDs

Fake access points with Scapy

Layer 2 Attacks

Layer 2 Attacks

Introduction

ARP Watcher

ARP cache poisoning

MAC flooder

VLAN hopping

ARP spoofing over VLAN hopping

DHCP starvation

TCP/IP Attacks

TCP/IP Attacks

Introduction

IP spoofing

SYN flooding

Password sniffer with Python over LAN

Introduction to Exploit Development

Introduction to Exploit Development

Introduction

Memory dump

CPU instructions

Windows Exploit Development

Windows Exploit Development

Introduction

Windows memory layout

Buffer overflow with saved return pointer overwrite

Structured Exception Handling

Egg hunters

Linux Exploit Development

Linux Exploit Development

Introduction

Format string exploitation

Buffer overflow

Customer Reviews

3 (3)

5 star

33.3%

4 star

0%

3 star

33.3%

2 star

0%

1 star

33.3%

Conventions

In this book, you will find a number of text styles that distinguish between different kinds of information. Here are some examples of these styles and an explanation of their meaning. Code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles are shown as follows: "It will be extracted to a Python-3.6.2 folder"

A block of code is set as follows:

import urllib.request
import urllib.parse
import re
from os.path import basename

Any command-line input or output is written as follows:

$ sudo apt-get install python

New terms and important words are shown in bold. Words that you see on the screen, for example, in menus or dialog boxes, appear in the text like this: "This will show an option Package Control: Install Package."

Warnings or important notes appear like this.

Tips and tricks appear like this.

Visually different images

CONTINUE READING

83

Tech Concepts

36

Programming languages

73

Tech Tools

Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.

Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.

50+ new titles added per month and exclusive early access to books as they are being written.

Python Penetration Testing Cookbook

Search

Your notes and bookmarks