
Python for Offensive PenTest

By: Hussam Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (13 chapters)

Bypassing host-based firewalls

In all our previous chapters, we assumed that any process on the target machine can initiate a session to the internet without any restrictions. Many enterprise networks, however, don't rely on the built-in Windows Firewall. Instead, they use an advanced host-based firewall to limit which processes can initiate a session to the internet, much like an access list. For instance, let's assume that the system administrator has allowed only some business-needed processes to access the internet: Windows update, the antivirus update, and the most common browsers, such as Chrome, Internet Explorer, and Firefox. Only these processes are allowed to reach the internet; any other process will be blocked. Under such a policy, our backdoor has no chance to survive, since it won't be on the administrator's allowed list by default. Eventually, we don't get any shell to...