Book Image

Effective Python Penetration Testing

By : Rejah Rehim
Book Image

Effective Python Penetration Testing

By: Rejah Rehim

Overview of this book

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks. We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner. Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.
Table of Contents (16 chapters)
Effective Python Penetration Testing
About the Author
About the Reviewer


SQL Injection is the method where an attacker may create or alter SQL commands in order to disclose data in the database. This can be effective on an application that takes user input and combines it with static parameters to build a SQL query without proper validation.

Likewise, all types of injection attacks can be done with manipulating input data to the application. With Python, we could inject some attack vectors to the application and analyze the output to verify the possibility of the attack. Mechanize is a very useful Python module for navigating through web forms, which provide a stateful programmatic web-browsing experience with Python.

We could use mechanize to submit forms and analyze the response:

import mechanize 
 # Import module 
# Set the URL 
url = "" 
request = mechanize.Browser() 
# Selected the first form in the page...