Book Image

Effective Python Penetration Testing

By : Rejah Rehim
Book Image

Effective Python Penetration Testing

By: Rejah Rehim

Overview of this book

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks. We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner. Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.
Table of Contents (11 chapters)

Portable executable analysis


Any UNIX or Windows binary executable file will have a header to describe its structure. This includes the base address of its code, data sections, and a list of functions that can be exported from the executable. When an executable file is executed by the operating system, first of all the operating system reads its header information and then loads the binary data from the binary file to populate the contents of the code and data sections of the address for the corresponding process.

A Portable Executable (PE) file is the file type that a Windows operating system can execute or run. The files that we run on Windows systems are Windows PE files; these can have EXE, DLL (Dynamic Link Library), and SYS (Device Driver) extensions. Also, they contain the PE file format.

Binary executable files on Windows have the following structure:

  • DOS Header (64 bytes)

  • PE Header

  • Sections (code and data)

We will now examine each of them in detail.

DOS header

The DOS Header starts with...