Python Penetration Testing Cookbook

✍ Scribed by Rehim, Rejah

Publisher: Packt Publishing
Year: 2017
Tongue: English
Leaves: 334
Edition: 1st edition
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

Over 50 hands-on recipes to help you pen test networks using Python, discover vulnerabilities, and find a recovery pathAbout This Book Learn to detect and avoid various types of attack that put system privacy at risk Enhance your knowledge of wireless application concepts and information gathering through practical recipes Learn a pragmatic way to penetration-test using Python, build efficient code, and save time Who This Book Is ForIf you are a developer with prior knowledge of using Python for penetration testing and if you want an overview of scripting tasks to consider while penetration testing, this book will give you a lot of useful code for your toolkit.What You Will Learn Learn to configure Python in different environment setups. Find an IP address from a web page using BeautifulSoup and Scrapy Discover different types of packet sniffing script to sniff network packets Master layer-2 and TCP/ IP attacks Master techniques for exploit development for Windows and Linux Incorporate various network- and packet-sniffing techniques using Raw sockets and Scrapy In DetailPenetration testing is the use of tools and code to attack a system in order to assess its vulnerabilities to external threats. Python allows pen testers to create their own tools. Since Python is a highly valued pen-testing language, there are many native libraries and Python bindings available specifically for pen-testing tasks.Python Penetration Testing Cookbook begins by teaching you how to extract information from web pages. You will learn how to build an intrusion detection system using network sniffing techniques. Next, you will find out how to scan your networks to ensure performance and quality, and how to carry out wireless pen testing on your network to avoid cyber attacks. After that, we’ll discuss the different kinds of network attack. Next, you’ll get to grips with designing your own torrent detection program. We’ll take you through common vulnerability scenarios and then cover buffer overflow exploitation so you can detect insecure coding. Finally, you’ll master PE code injection methods to safeguard your network.Style and approachThis book takes a recipe-based approach to solving real-world problems in pen testing. It is structured in stages from the initial assessment of a system through exploitation to post-exploitation tests, and provides scripts that can be used or modified for in-depth penetration testing.

✦ Table of Contents

Preface......Page 20
What this book covers......Page 21
What you need for this book......Page 24
Who this book is for......Page 25
Sections......Page 26
Getting ready......Page 27
How to do it…......Page 28
Conventions......Page 29
Reader feedback......Page 30
Customer support......Page 31
Downloading the example code......Page 32
Downloading the color images of this book......Page 33
Errata......Page 34
Piracy......Page 35
Questions......Page 36
Why Python in Penetration Testing?......Page 37
Introduction......Page 38
Why Python is a great option for security scripting......Page 39
Getting ready......Page 40
How to do it.........Page 41
Python can be used in both and interpreted and compiled forms......Page 42
Syntax and indented layout......Page 43
Simple learning curve......Page 44
Powerful third-party libraries......Page 45
Cross-platform (code anywhere)......Page 46
Python 3 language basics and differences......Page 47
Getting ready......Page 48
How to do it.........Page 49
Python 2......Page 50
Python 3......Page 51
Python 2.7......Page 52
Key differences between Python 2.7 and Python 3......Page 53
Setting Up a Python Environment......Page 54
Introduction......Page 55
Setting up a Python environment in Linux......Page 56
Getting ready......Page 57
How to do it.........Page 58
Installing Python......Page 59
Setting up a virtual environment......Page 61
Setting up the editor or IDE......Page 63
Setting up a Python environment in macOS......Page 65
Getting ready......Page 66
How to do it.........Page 67
Installing Python......Page 68
Setting up a Python environment in Windows......Page 69
How to do it.........Page 70
Web Scraping with Python......Page 72
Introduction......Page 73
Download web pages with Python scripts......Page 74
Getting ready......Page 75
How to do it.........Page 76
With Python 2......Page 77
With Python 3......Page 78
Changing the user agent......Page 80
How to do it.........Page 81
Downloading files......Page 82
Getting ready......Page 83
How to do it.........Page 84
Using a regular expression to get the information from the downloaded web pages......Page 85
How to do it.........Page 86
Requesting and downloading dynamic website pages......Page 88
Escaping invalid characters......Page 89
How to do it.........Page 90
Dynamic GET requests......Page 91
How to do it.........Page 92
Data Parsing with Python......Page 93
Introduction......Page 94
Parsing HTML tables......Page 95
Getting ready......Page 96
How to do it.........Page 97
Extracting data from HTML documents......Page 99
Getting ready......Page 100
How to do it.........Page 101
Parsing XML data......Page 102
Getting ready......Page 103
How to do it.........Page 104
Web Scraping with Scrapy and BeautifulSoup......Page 106
Introduction......Page 107
Web spiders with Scrapy......Page 108
Getting ready......Page 109
How to do it.........Page 110
Scrapy shell......Page 116
How to do it.........Page 117
Link extractor with Scrapy......Page 119
How to do it.........Page 120
Scraping after logging into websites using Scrapy......Page 122
Getting ready......Page 123
How to do it.........Page 124
Network Scanning with Python......Page 125
Introduction......Page 126
Simple port scanner......Page 127
Getting ready......Page 128
How to do it.........Page 129
IP range/network scanner......Page 132
Getting ready......Page 133
How to do it.........Page 134
Stealth scanning......Page 136
Getting ready......Page 137
How to do it.........Page 138
FIN scanning......Page 141
How to do it.........Page 142
XMAS scanning......Page 144
How to do it.........Page 145
TCP ACK scanning......Page 146
How to do it.........Page 147
LanScan......Page 149
Getting ready......Page 150
How to do it.........Page 151
Network Sniffing with Python......Page 152
Introduction......Page 153
Packet sniffer in Python......Page 154
Getting ready......Page 155
How to do it.........Page 156
Parsing the packet......Page 159
How to do it.........Page 161
PyShark......Page 167
Getting ready......Page 168
How to do it.........Page 169
Scapy Basics......Page 173
Introduction......Page 174
Creating a packet with Scapy......Page 175
Getting ready......Page 176
How to do it.........Page 178
Sending and receiving packets with Scapy......Page 181
How to do it.........Page 182
Layering packets......Page 184
How to do it.........Page 185
Reading and writing to pcap files......Page 188
How to do it.........Page 189
Sniffing packets......Page 191
How to do it.........Page 192
ARP man-in-the-middle tool with Scapy......Page 194
How to do it.........Page 195
Wi-Fi Sniffing......Page 198
Introduction......Page 199
Finding Wi-Fi devices......Page 200
Getting ready......Page 201
How to do it.........Page 205
Linux......Page 206
macOS......Page 207
Finding SSIDs......Page 210
How to do it.........Page 211
Exposing hidden SSIDs......Page 212
How to do it.........Page 213
Dictionary attack on hidden SSIDs......Page 214
How to do it.........Page 215
Fake access points with Scapy......Page 216
How to do it.........Page 217
Layer 2 Attacks......Page 219
Introduction......Page 220
ARP Watcher......Page 221
How to do it.........Page 222
ARP cache poisoning......Page 224
Getting ready......Page 225
Linux......Page 226
macOS......Page 227
How to do it.........Page 228
MAC flooder......Page 231
How to do it.........Page 232
VLAN hopping......Page 234
How to do it.........Page 235
ARP spoofing over VLAN hopping......Page 237
How to do it.........Page 238
DHCP starvation......Page 240
How to do it.........Page 242
TCP/IP Attacks......Page 245
Introduction......Page 246
IP spoofing......Page 247
How to do it.........Page 248
SYN flooding......Page 251
How to do it.........Page 252
Password sniffer with Python over LAN......Page 254
How to do it.........Page 255
Introduction to Exploit Development......Page 257
Introduction......Page 258
CPU registers......Page 259
Getting ready......Page 260
General purpose registers......Page 261
Special purpose registers......Page 262
How to do it.........Page 263
Memory dump......Page 265
How to do it.........Page 266
CPU instructions......Page 268
How to do it.........Page 269
Windows Exploit Development......Page 271
Introduction......Page 272
Windows memory layout......Page 273
Getting ready......Page 274
The stack......Page 275
The heap......Page 276
Program image and dynamic link libraries......Page 277
Process Environment Block (PEB)......Page 278
Thread Environment Block (TEB)......Page 279
How to do it.........Page 280
Buffer overflow with saved return pointer overwrite......Page 284
Getting ready......Page 285
Installing Mona......Page 286
How to do it.........Page 287
Structured Exception Handling......Page 296
Getting ready......Page 297
How to do it.........Page 298
Egg hunters......Page 304
Getting ready......Page 305
How to do it.........Page 306
Linux Exploit Development......Page 314
Introduction......Page 315
Format string exploitation......Page 316
Getting ready......Page 317
Global offset table......Page 318
Generating shell code......Page 319
How to do it.........Page 320
Buffer overflow......Page 331
How to do it.........Page 332

📜 SIMILAR VOLUMES

Python Web Penetration Testing Cookbook

📁 Python Web Penetration Testing Cookbook

✍ Buchanan C., Ip T., Mabbitt A. et al. 📂 Library 🌐 English

Buchanan C., Ip T., Mabbitt A., May B., Mound D.<div class="bb-sep"></div>Packt Publishing, 2015. — 228 p. — ISBN: 1784392936, 9781784392932<div class="bb-sep"></div>This book is for testers looking for quick access to powerful, modern tools and customizable scripts to kick-start the creation of the

Learning Python Web Penetration Testing:

📁 Learning Python Web Penetration Testing: Automate web penetration testing activities using Python

✍ Christian Martorella 📂 Library 📅 2018 🏛 Packt Publishing 🌐 English

<p><span>Leverage the simplicity of Python and available libraries to build web security testing tools for your application</span></p><h4><span>Key Features</span></h4><ul><li><span><span> Understand the web application penetration testing methodology and toolkit using Python</span></span></li><li><

Learning Python Web Penetration Testing:

📁 Learning Python Web Penetration Testing: Automate web penetration testing activities using Python

✍ Christian Martorella 📂 Library 📅 2018 🏛 Packt Publishing 🌐 English

This book will walk you through the web application penetration testing methodology, showing you how to write your own tools with Python for every main activity in the process. It will show you how to test for security vulnerabilities in web applications just like security professionals and hackers

Python Testing Cookbook

📁 Python Testing Cookbook

✍ Greg L. Turnquist 📂 Library 📅 2011 🏛 Packt Publishing 🌐 English

This cookbook is written as a collection of code recipes containing step-by-step directions on how to install or build different types of Python test tools to solve different problems. Each recipe contains explanations of how it works along with answers to common questions and cross references to ot

Python Testing Cookbook

📁 Python Testing Cookbook

✍ Greg Lee Turnquist 📂 Library 📅 2011 🏛 Packt Pub Limited 🌐 English

Python Testing Cookbook

📁 Python Testing Cookbook

✍ Turnquist, Greg L. 📂 Library 📅 2011 🏛 Packt Publishing 🌐 English

Making your life easier with automated testing of Python is the sole aim of this book. Because it’s a cookbook, you can take things at your own pace, in your own order, and learn practical application rather than nebulous theory. Learn to write tests at every level using a variety of Python testing