Book Image

Python for Offensive PenTest

By : Hussam Khrais
Book Image

Python for Offensive PenTest

By: Hussam Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (13 chapters)
Title Page
Copyright and Credits
Packt Upsell

Integrating low-level port scanner

During penetration testing, sometimes you encounter a scenario where your client is using some kind of an internal server that is not accessible through the internet. And just because of this they think it's secure. In this section, we will see how we can integrate a simple port scanner with our script to prevent a possible attack.

Usually, once you get into your target machine, you start looking for other possible targets. For example, if we were able to access machine A, then we can extend our attack and scan machine B to see what ports and services are running on that machine. The other usages are to make the target scan an online server on our behalf to hide our activities. Now, let's get to the coding part. We will build a basic low-level scanner. It's named low-level because we will use the built-in socket library and then build on it. The formula or the format for sending scan requests is scan followed by a space, then the IP address followed by a...