Book Image

Hands-On Penetration Testing with Python

By : Furqan Khan
Book Image

Hands-On Penetration Testing with Python

By: Furqan Khan

Overview of this book

With the current technological and infrastructural shift, penetration testing is no longer a process-oriented activity. Modern-day penetration testing demands lots of automation and innovation; the only language that dominates all its peers is Python. Given the huge number of tools written in Python, and its popularity in the penetration testing space, this language has always been the first choice for penetration testers. Hands-On Penetration Testing with Python walks you through advanced Python programming constructs. Once you are familiar with the core concepts, you’ll explore the advanced uses of Python in the domain of penetration testing and optimization. You’ll then move on to understanding how Python, data science, and the cybersecurity ecosystem communicate with one another. In the concluding chapters, you’ll study exploit development, reverse engineering, and cybersecurity use cases that can be automated with Python. By the end of this book, you’ll have acquired adequate skills to leverage Python as a helpful tool to pentest and secure infrastructure, while also creating your own custom exploits.
Table of Contents (18 chapters)

Summary

In this chapter, we discussed reverse engineering in Linux. We also studied fuzzing using Python. We looked at assembly language and mnemonics within the context of Linux debuggers (edb and gdb). We discussed stack buffer overflows in great detail, and we learned about the concepts of Heap buffer overflow and string format vulnerabilities. I would highly recommend spending a good amount of time on these ideas and exploring them on different operating system versions and vulnerable applications. By the end of this chapter, you should have a fair understanding of buffer overflow vulnerabilities and reversing in a Linux environment.

In the next chapter, we will discuss reverse engineering and buffer overflow vulnerabilities in the Windows environment. We will demonstrate exploitation using a real-world application.