Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Effective Python Penetration Testing
  • Table Of Contents Toc
  • Feedback & Rating feedback
Effective Python Penetration Testing

Effective Python Penetration Testing

By : Rejah Rehim
4 (1)
Buy this Book
close
close
Effective Python Penetration Testing

Effective Python Penetration Testing

4 (1)
By: Rejah Rehim
Buy this Book

Overview of this book

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks. We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner. Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.
Table of Contents (11 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. Python Scripting Essentials
chevron up
Icon
1. Python Scripting Essentials
Icon
Setting up the scripting environment
Icon
Installing third-party libraries
Icon
Python language essentials
Icon
Summary
2
2. Analyzing Network Traffic with Scapy
Icon
2. Analyzing Network Traffic with Scapy
Icon
Sockets modules
Icon
Raw socket programming
Icon
Investigate network traffic with Scapy
Icon
Summary
3
3. Application Fingerprinting with Python
Icon
3. Application Fingerprinting with Python
Icon
Web scraping
Icon
Parsing HTML with lxml
Icon
OS fingerprinting
Icon
Get the EXIF data of an image
Icon
Web application fingerprinting
Icon
Summary
4
4. Attack Scripting with Python
Icon
4. Attack Scripting with Python
Icon
Injections
Icon
Broken authentication
Icon
Cross-site scripting (XSS)
Icon
Insecure direct object references
Icon
Security misconfiguration
Icon
Sensitive data exposure
Icon
Missing function level access control
Icon
CSRF attacks
Icon
Using components with known vulnerabilities
Icon
Unvalidated redirects and forwards
Icon
Summary
5
5. Fuzzing and Brute-Forcing
Icon
5. Fuzzing and Brute-Forcing
Icon
Fuzzing
Icon
Classification of fuzzers
Icon
Fuzzing and brute-forcing passwords
Icon
Dictionary attack
Icon
SSH brute-forcing
Icon
SMTP brute-forcing
Icon
Brute-forcing directories and file locations
Icon
Brute-force cracking password protected ZIP files
Icon
Summary
6
6. Debugging and Reverse Engineering
Icon
6. Debugging and Reverse Engineering
Icon
Reverse engineering
Icon
Portable executable analysis
Icon
Listing all imported and exported symbols
Icon
Disassembling with Capstone
Icon
PEfile with Capstone
Icon
Debugging
Icon
Using PyDBG
Icon
Summary
7
7. Crypto, Hash, and Conversion Functions
Icon
7. Crypto, Hash, and Conversion Functions
Icon
Cryptographic algorithms
Icon
Hash functions
Icon
Summary
8
8. Keylogging and Screen Grabbing
Icon
8. Keylogging and Screen Grabbing
Icon
Keyloggers
Icon
Keyloggers with pyhook
Icon
Screen grabbing
Icon
Summary
9
9. Attack Automation
Icon
9. Attack Automation
Icon
Paramiko
Icon
python-nmap
Icon
W3af REST API
Icon
Metasploit scripting with MSGRPC
Icon
ClamAV antivirus with Python
Icon
OWASP ZAP from Python
Icon
Accessing Nessus 6 API with Python
Icon
Summary
10
10. Looking Forward
Icon
10. Looking Forward
Icon
Pentestly
Icon
Twisted
Icon
Nscan
Icon
sqlmap
Icon
CapTipper
Icon
Immunity Debugger
Icon
pytbull
Icon
ghost.py
Icon
peepdf
Icon
Summary

Chapter 1. Python Scripting Essentials

Python is still the leading language in the world of penetration testing (pentesting) and information security. Python-based tools include all kinds of tools (used for inputting massive amounts of random data to find errors and security loop holes), proxies, and even the exploit frameworks. If you are interested in tinkering with pentesting tasks, Python is the best language to learn because of its large number of reverse engineering and exploitation libraries.

Over the years, Python has received numerous updates and upgrades. For example, Python 2 was released in 2000 and Python 3 in 2008. Unfortunately, Python 3 is not backward compatible, hence most of the programs written in Python 2 will not work in Python 3. Even though Python 3 was released in 2008, most of the libraries and programs still use Python 2. To do better penetration testing, the tester should be able to read, write, and rewrite Python scripts.

Python being a scripting language, security experts have preferred Python as a language to develop security toolkits. Its human-readable code, modular design, and large number of libraries provide a start for security experts and researchers to create sophisticated tools with it. Python comes with a vast library (standard library) which accommodates almost everything, from simple I/O to platform-specific API  calls. Many of the default and user-contributed libraries and modules can help us in penetration testing with building tools to achieve interesting tasks.

In this chapter, we will cover the following:

  • Setting up the scripting environment in different operating systems
  • Installing third party Python libraries
  • Working with virtual environments
  • Python language basics
Visually different images
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Effective Python Penetration Testing
End of Section 1
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon