Python for Offensive PenTest

By: Hussam Khrais

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.

Bypassing botnet filtering

If you have read the previous sections in order, then at this point you should be able to grab a command over Twitter without needing to log into Twitter, and submit text into a Google form without logging into a Google account. Lastly, you should be able to upload files to SourceForge. So, you might be asking: what can a hacker do with these services?

Well, they can send a command such as ipconfig as a tweet and then have multiple infected targets parse the tweet and execute the command. After the commands are executed, we get the execution results, which can be submitted to a Google form. Alternatively, if the command's syntax or format contains the grab keyword, then the target will upload the files into our SourceForge repository.
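Seen from the defender's side, the flow above leaves a recognizable sequence in egress logs: one host reads from Twitter and shortly afterwards pushes data to a Google form or to SourceForge. The following sketch is an added example, not code from the book; the log format, host names, domain names and the five-minute window are all assumptions.

```python
from datetime import datetime, timedelta

# Services named in the passage; the exact domain names are assumptions.
POLL = ("twitter.com",)
PUSH = ("docs.google.com", "sourceforge.net")
WINDOW = timedelta(minutes=5)  # assumed correlation window

# Constructed egress-proxy records: time, internal host, client, method, destination.
SAMPLE_LOG = """\
2024-01-10T09:00:02 ws-014 python-requests/2.31 GET twitter.com
2024-01-10T09:00:09 ws-014 python-requests/2.31 POST docs.google.com
2024-01-10T09:01:30 ws-022 Mozilla/5.0 GET twitter.com
2024-01-10T09:02:10 ws-022 Mozilla/5.0 POST docs.google.com
2024-01-10T09:05:00 ws-031 python-requests/2.31 GET twitter.com
2024-01-10T09:06:00 ws-014 python-requests/2.31 GET twitter.com
2024-01-10T09:06:20 ws-014 python-requests/2.31 PUT web.sourceforge.net
2024-01-10T09:40:00 ws-031 python-requests/2.31 POST sourceforge.net
"""

def matches(domain, suffixes):
    """True if domain equals, or is a subdomain of, one of the suffixes."""
    return any(domain == s or domain.endswith("." + s) for s in suffixes)

def parse(line):
    ts, host, agent, method, dest = line.split()
    return datetime.fromisoformat(ts), host, agent, method, dest

def detect(log_text):
    """Return (host, destination, seconds since poll) for each poll-then-push pair."""
    last_poll, alerts = {}, []
    events = sorted(parse(l) for l in log_text.splitlines() if l.strip())
    for ts, host, agent, method, dest in events:
        # The User-Agent is client-controlled, so treat this as a noise
        # filter only; process-level telemetry is a stronger signal.
        if agent.startswith("Mozilla/"):
            continue
        if method == "GET" and matches(dest, POLL):
            last_poll[host] = ts
        elif method in ("POST", "PUT") and matches(dest, PUSH):
            polled = last_poll.get(host)
            if polled is not None and ts - polled <= WINDOW:
                alerts.append((host, dest, int((ts - polled).total_seconds())))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

Because every destination here is a legitimate, widely used service, the signal is the per-host ordering and timing of requests rather than the reputation of any single domain.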

Now, in modern firewalls, the botnet filtering feature looks for certain criteria or parameters, like the application or protocol being used by modern botnets, such as IRC, Dynamic DNS, as well as the...