Book Image

Python for Security and Networking - Third Edition

By : José Ortega
4 (2)
Book Image

Python for Security and Networking - Third Edition

4 (2)
By: José Ortega

Overview of this book

Python’s latest updates add numerous libraries that can be used to perform critical security-related missions, including detecting vulnerabilities in web applications, taking care of attacks, and helping to build secure and robust networks that are resilient to them. This fully updated third edition will show you how to make the most of them and improve your security posture. The first part of this book will walk you through Python scripts and libraries that you’ll use throughout the book. Next, you’ll dive deep into the core networking tasks where you will learn how to check a network’s vulnerability using Python security scripting and understand how to check for vulnerabilities in your network – including tasks related to packet sniffing. You’ll also learn how to achieve endpoint protection by leveraging Python packages along with writing forensics scripts. The next part of the book will show you a variety of modern techniques, libraries, and frameworks from the Python ecosystem that will help you extract data from servers and analyze the security in web applications. You’ll take your first steps in extracting data from a domain using OSINT tools and using Python tools to perform forensics tasks. By the end of this book, you will be able to make the most of Python to test the security of your network and applications.

Related Content you might be interested in

Current Title:

Small book image
Python for Security and Networking - Third Edition
José Ortega
Jun, 2023 | 586 pages
Small book image
Mastering Python for Networking and Security
Joseacute Ortega
Sep, 2018 | 426 pages
Small book image
Learning Python Networking,
Sam Washington | Joseacute Ortega | M O Faruque Sarker
Mar, 2019 | 490 pages
Small book image
Python Penetration Testing Essentials.
Mohit Raj
May, 2018 | 230 pages
Table of Contents (23 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
1
Section 1: Python Environment and System Programming Tools
Section 1: Python Environment and System Programming Tools
Free Chapter
2
Working with Python Scripting
Working with Python Scripting
Technical requirements
Learn about data structures and collections in Python
Working with functions, classes, and objects in Python
Working with files in Python
Python modules and packages
Managing dependencies and virtual environments
Development environments for Python scripting
Summary
Questions
Further reading
3
System Programming Packages
System Programming Packages
Technical requirements
Working with the filesystem in Python
Executing commands with the subprocess module
Managing threads in Python
Multithreading and concurrency in Python
Summary
Questions
Further reading
4
Section 2: Network Scripting and Packet Sniffing with Python
Section 2: Network Scripting and Packet Sniffing with Python
5
Socket Programming
Socket Programming
Technical requirements
Understanding the socket package for network requests
Port scanning with sockets
Implementing a reverse shell with sockets
Implementing a simple TCP client and TCP server
Implementing a simple UDP client and UDP server
Implementing an HTTP server in Python
Implementing secure sockets with the TLS and SSL modules
Summary
Questions
Further reading
6
HTTP Programming and Web Authentication
HTTP Programming and Web Authentication
Technical requirements
Building an HTTP client with urllib.request
Get request and response headers
Building an HTTP client with requests
Authentication mechanisms with Python
Implementing OAuth clients in Python with the requests-oauthlib module
Implementing a client with requests_oauthlib
Implementing JSON Web Tokens (JWTs) in Python
Summary
Questions
Further reading
7
Analyzing Network Traffic and Packet Sniffing
Analyzing Network Traffic and Packet Sniffing
Technical requirements
Capturing and injecting packets with pcapy-ng
Capturing and injecting packets with scapy
Port scanning and traceroute with scapy
Reading pcap files with scapy
Packet-sniffing with scapy
Working with scapy to detect ARP spoofing attacks
Summary
Questions
Further reading
8
Section 3: Server Scripting and Port Scanning with Python
Section 3: Server Scripting and Port Scanning with Python
9
Gathering Information from Servers with OSINT Tools
Gathering Information from Servers with OSINT Tools
Technical requirements
Introducing Open Source Intelligence (OSINT)
Getting information using Google Dorks
Getting information using SpiderFoot
Getting information on DNS servers with DNSPython and DNSRecon
Getting vulnerable addresses in servers with fuzzing
Summary
Questions
Further reading
10
Interacting with FTP, SFTP, and SSH Servers
Interacting with FTP, SFTP, and SSH Servers
Technical requirements
Connecting to FTP servers
Building an anonymous FTP scanner with Python
Connecting with SSH servers with paramiko and pysftp
Implementing an SSH server with paramiko
Checking the security of SSH servers
Summary
Questions
Further reading
11
Working with Nmap Scanner
Working with Nmap Scanner
Technical requirements
Introducing port scanning with Nmap
Synchronous and asynchronous scanning with python-nmap
Discovering services and vulnerabilities with Nmap scripts
Port scanning via online services
Summary
Questions
Further reading
12
Section 4: Server Vulnerabilities and Security in Web Applications
Section 4: Server Vulnerabilities and Security in Web Applications
13
Interacting with Vulnerability Scanners
Interacting with Vulnerability Scanners
Technical requirements
Introducing the OpenVAS vulnerability scanner
Accessing OpenVAS with Python
Introducing OWASP ZAP as an automated security testing tool
Interacting with OWASP ZAP using Python
WriteHat as a pentesting reports tool
Summary
Questions
Further reading
14
Interacting with Server Vulnerabilities in Web Applications
Interacting with Server Vulnerabilities in Web Applications
Technical requirements
Understanding vulnerabilities in web applications with OWASP
Analyzing and discovering vulnerabilities in CMS web applications
Discovering vulnerabilities in Tomcat server applications
Discovering SQL vulnerabilities with Python tools
Automating the process of detecting vulnerabilities in web applications
Summary
Questions
Further reading
15
Obtain Information from Vulnerabilities Databases
Obtain Information from Vulnerabilities Databases
Technical requirements
Identify and understand vulnerabilities and exploits
Searching for vulnerabilities in the NVD
Searching for vulnerabilities in the Vulners database
Searching for vulnerabilities with Pompem
Summary
Questions
Further reading
16
Section 5: Python Forensics
Section 5: Python Forensics
17
Extracting Geolocation and Metadata from Documents, Images, and Browsers
Extracting Geolocation and Metadata from Documents, Images, and Browsers
Technical requirements
Extracting geolocation information
Python modules for extracting geolocation information
Extracting metadata from images
Extracting metadata from PDF documents
Extracting metadata with PyPDF2
Extracting metadata with PyMuPDF
Identifying the technology used by a website
Extracting metadata from web browsers
Summary
Questions
Further reading
18
Python Tools for Brute-Force Attacks
Python Tools for Brute-Force Attacks
Technical requirements
Dictionary builders for brute-force attacks
Password list generator
Tools for brute-force attacks in Python
Executing brute-force attacks for web applications
Executing brute-force attacks for ZIP files
Summary
Questions
Further reading
19
Cryptography and Code Obfuscation
Cryptography and Code Obfuscation
Technical requirements
Encrypting and decrypting information with pycryptodome
Encrypting and decrypting information with cryptography
Generating keys securely with the secrets and hashlib modules
Python tools for code obfuscation
Summary
Questions
Further reading
20
Assessments – Answers to the End-of-Chapter Questions
Assessments – Answers to the End-of-Chapter Questions
21
Other Books You May Enjoy
Other Books You May Enjoy
22
Index
Index

Working with scapy to detect ARP spoofing attacks

ARP spoofing, also known as ARP poisoning, is a type of attack in which a malicious user sends forged ARP messages over a LAN. This results in matching an attacker’s MAC address to the IP address of a legitimate computer or server on a network.

This attack allows us to poison our victim’s ARP cache tables and to execute attacks such as Man in the Middle (MITM), Denial of Service (DoS) or Session Hijacking among other techniques.

This attack consists of sending false ARP messages and the purpose is to associate the attacker’s MAC address with the IP address of another node, such as the default gateway. The aim is to send a packet to the victim’s computer (referenced by the IP and MAC addresses), associating the gateway IP with our MAC address (the attacking computer). As a result, the ARP tables of the victim computer are modified with the MAC addresses of the attacking computer.

Among the main...

Previous Section
End of Section 8
Next Section