Python Penetration Testing Essentials - Second Edition

By: Mohit Raj

Overview of this book

This book gives you the skills you need to use Python for penetration testing (pentesting), with the help of detailed code examples. We start by exploring the basics of networking with Python and then proceed to network hacking. Then, you will delve into exploring Python libraries to perform various types of pentesting and ethical hacking techniques. Next, we delve into hacking the application layer, where we start by gathering information from a website. We then move on to concepts related to website hacking—such as parameter tampering, DDoS, XSS, and SQL injection. By reading this book, you will learn different techniques and methodologies that will familiarize you with Python pentesting techniques, how to protect yourself, and how to create automated programs to find the admin console, SQL injection, and XSS attacks.
Table of Contents (11 chapters)

Fake OS-signature reply to nmap

In this section, we are going to create a fake OS signature. By using the following nmap command, we can identify the OS of the victim machine:

nmap -O <ip-address>: nmap sends seven crafted TCP/IP packets and evaluates the responses against its own OS signature database. For more details, you can read the web page at https://nmap.org/misc/defeat-nmap-osdetect.html.

nmap needs at least one open port and one closed port to identify the OS. Again, we are going to reuse all of the previous code. Ports 445 and 135 act as open ports, and port 80 acts as a closed port.

Let's run nmap as shown in the following screenshot:

nmap reports a different OS, not Debian. You can make the code more sophisticated by studying the nmap OS detection algorithm.
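The open/closed port behaviour this section relies on, reduced to plain SYN probes, as an added example that is not the book's code: it builds the TCP segment a decoy host would send back, SYN/ACK for ports 445 and 135 and RST/ACK for port 80. The window size, MSS option, initial sequence number and function names are assumptions chosen for illustration; sending the segment and handling nmap's non-SYN probes are left out.

```python
import socket
import struct

OPEN_PORTS = {445, 135}   # ports the section presents as open
CLOSED_PORTS = {80}       # port the section presents as closed
SYN, RST, ACK = 0x02, 0x04, 0x10

# Constructed persona values (assumptions, not taken from the book): the
# advertised window and TCP options are among the fields a fingerprinter compares.
FAKE_WINDOW = 8192
FAKE_OPTIONS = struct.pack("!BBH", 2, 4, 1460)   # MSS option only, 4 bytes


def checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, tcp_len: int) -> bytes:
    """IPv4 pseudo-header that the TCP checksum covers (protocol 6 = TCP)."""
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, 6, tcp_len)


def build_reply(host_ip, scanner_ip, sport, dport, seq, flags, our_seq=0x1000):
    """Return the TCP segment answering one SYN probe, or None to stay silent."""
    if flags & (SYN | ACK | RST) != SYN:      # only plain SYN probes are handled here
        return None
    if dport in OPEN_PORTS:                   # pretend to listen: SYN/ACK with the persona
        r_flags, window, options = SYN | ACK, FAKE_WINDOW, FAKE_OPTIONS
    elif dport in CLOSED_PORTS:               # pretend to be closed: RST/ACK, seq 0
        r_flags, window, options, our_seq = RST | ACK, 0, b"", 0
    else:
        return None
    ack = (seq + 1) & 0xFFFFFFFF              # a SYN consumes one sequence number
    offset = ((20 + len(options)) // 4) << 4  # data offset in 32-bit words

    def segment(csum):
        return struct.pack("!HHIIBBHHH", dport, sport, our_seq, ack,
                           offset, r_flags, window, csum, 0) + options

    bare = segment(0)
    return segment(checksum(pseudo_header(host_ip, scanner_ip, len(bare)) + bare))
```

A receiver validates the segment by running `checksum()` over the pseudo-header plus the segment and expecting 0.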