Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Python for Offensive PenTest
  • Table Of Contents Toc
Python for Offensive PenTest

Python for Offensive PenTest

By : Khrais
3.4 (7)
Buy this Book
close
close
Python for Offensive PenTest

Python for Offensive PenTest

3.4 (7)
By: Khrais
Buy this Book

Overview of this book

Python is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script. This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment. By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.
Table of Contents (8 chapters)
close
close
close
Preface
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Lock Free Chapter
1
Warming up – Your First Antivirus-Free Persistence Shell
Icon
Warming up – Your First Antivirus-Free Persistence Shell
Icon
Preparing the attacker machine
Icon
Preparing the target machine
Icon
TCP reverse shell
Icon
HTTP reverse shell
Icon
Persistence
Icon
Tuning the connection attempts
Icon
Tips for preventing a shell breakdown
Icon
Countermeasures
Icon
Summary
2
Advanced Scriptable Shell
Icon
Advanced Scriptable Shell
Icon
Dynamic DNS
Icon
Interacting with Twitter
Icon
Replicating Metasploit's screen capturing
Icon
Replicating Metasploit searching for content
Icon
Integrating low-level port scanner
Icon
Summary
3
Password Hacking
Icon
Password Hacking
Icon
Antivirus free keylogger
Icon
Hijacking KeePass password manager
Icon
Man in the browser
Icon
Firefox API hooking with Immunity Debugger
Icon
Python in Firefox proof of concept (PoC)
Icon
Python in Firefox EXE
Icon
Dumping saved passwords out of Google Chrome
Icon
Submitting the recovered password over HTTP session
Icon
Password phishing – DNS poisoning
Icon
Facebook password phishing
Icon
Countermeasures
Icon
Summary
4
Catch Me If You Can!
Icon
Catch Me If You Can!
Icon
Bypassing host-based firewalls
Icon
Bypassing reputation filtering in next generation firewalls
Icon
Bypassing botnet filtering
Icon
Summary
5
Miscellaneous Fun in Windows
chevron up
Icon
Miscellaneous Fun in Windows
Icon
Privilege escalation – weak service file
Icon
Privilege escalation – preparing vulnerable software
Icon
Privilege escalation – backdooring legitimate windows service
Icon
Privilege escalation – creating a new admin account and covering the tracks
Icon
Summary
6
Abuse of Cryptography by Malware
Icon
Abuse of Cryptography by Malware
Icon
Introduction to encryption algorithms
Icon
Protecting your tunnel with AES – stream mode
Icon
Protecting your tunnel with RSA
Icon
Hybrid encryption key
Icon
Summary
7
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

Privilege escalation – preparing vulnerable software

For this demonstration, I will be using a vulnerable software named Photodex taken from an Exploit Database website. You can download this software from https://www.exploit-db.com/exploits/24872/. Once the software is downloaded, install this software on our target machine. Once it's finished, restart the machine.

So now, let's try and create a nonadmin standard account in our target Windows machine by going to Control Panel | Add or remove user accounts | Create a new account. Let's call this one nonadmin. After creating the account log into the nonadmin account and navigate to the Photodex directory created while installation at C:\ drive and at the same time, open the Task Manager.

You will be able to see the service name, which gets created by Photodex software, which is ScsiAccess under the Services tab. To get more information about this service, click on the Services button. In the Services window that opens, find the ScsiAccess,...

CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
Python for Offensive PenTest
End of Chapter 5
Next Chapter
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist download Download options
font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon