Book Image

Effective Python Penetration Testing

By : Rejah Rehim
Book Image

Effective Python Penetration Testing

By: Rejah Rehim

Overview of this book

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks. We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner. Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.
Table of Contents (16 chapters)
Effective Python Penetration Testing
About the Author
About the Reviewer


Running commands in remote systems via SSH is one of the most common components of automation. The Python module paramiko makes this easy by providing a programmatic interface to SSH. Paramiko gives you an easy way to use SSH functions in Python through an imported library. This allows us to drive SSH tasks, which you would normally perform manually.

Establish SSH connection with paramiko

The main class of paramiko is paramiko.SSHClient, which provides a basic interface to initiate server connections:

This will create a new SSHClient instance, and we then call the connect() method, which connects to the SSH server.

When we connect to a remote machine with any SSH client, that remote host's key will be automatically stored in the .ssh/known_hosts file in our home directory. So, the first time we connect to a remote system, we will get a message, as follows:

When you type yes for this message, it will add an entry in the known_hosts file. By accepting this message, a level of trust is...