Book Image

Effective Python Penetration Testing

By : Rejah Rehim
Book Image

Effective Python Penetration Testing

By: Rejah Rehim

Overview of this book

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks. We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner. Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.
Table of Contents (16 chapters)
Effective Python Penetration Testing
About the Author
About the Reviewer

OS fingerprinting

A common process in pentesting is to identify the operating system used by the host. Usually, this involves tools like hping or Nmap, and in most cases these tools are quite aggressive to obtain such information and may generate alarms on the target host. OS fingerprinting mainly falls into two categories: active OS fingerprinting and passive OS fingerprinting.

Active fingerprinting is the method of sending packets to a remote host and analyzing corresponding responses. In passive fingerprinting, it analyzes packets from a host, so it does not send any traffic to the host and acts as a sniffer. In passive fingerprinting, it sniffs TCP/IP ports, so it avoids detection or being stopped by a firewall. Passive fingerprinting determines the target OS by analyzing the initial Time to Live (TTL) in IP headers packets, and with the TCP window size in the first packet of a TCP session. The first packet of TCP session is usually either a SYN (synchronize) or SYN/ACK (synchronize and...