Effective Python Penetration Testing

Pen test your system like a pro and overcome vulnerabilities by leveraging Python scripts, libraries, and tools

Effective Python Penetration Testing

This ebook is included in a Mapt subscription
Rejah Rehim

5 customer reviews
Pen test your system like a pro and overcome vulnerabilities by leveraging Python scripts, libraries, and tools
$0.00
$27.20
$39.99
$29.99p/m after trial
RRP $31.99
RRP $39.99
Subscription
eBook
Print + eBook
Start 30 Day Trial
Subscribe and access every Packt eBook & Video.
 
  • 4,000+ eBooks & Videos
  • 40+ New titles a month
  • 1 Free eBook/Video to keep every month
Start Free Trial
 
Preview in Mapt

Book Details

ISBN 139781785280696
Paperback164 pages

Book Description

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks.

We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner.

Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.

Table of Contents

Chapter 1: Python Scripting Essentials
Setting up the scripting environment
Installing third-party libraries
Python language essentials
Summary
Chapter 2: Analyzing Network Traffic with Scapy
Sockets modules
Raw socket programming
Investigate network traffic with Scapy
Summary
Chapter 3: Application Fingerprinting with Python
Web scraping
Parsing HTML with lxml
OS fingerprinting
Get the EXIF data of an image
Web application fingerprinting
Summary
Chapter 4: Attack Scripting with Python
Injections
Broken authentication
Cross-site scripting (XSS)
Insecure direct object references
Security misconfiguration
Sensitive data exposure
Missing function level access control
CSRF attacks
Using components with known vulnerabilities
Unvalidated redirects and forwards
Summary
Chapter 5: Fuzzing and Brute-Forcing
Fuzzing
Classification of fuzzers
Fuzzing and brute-forcing passwords
Dictionary attack
SSH brute-forcing
SMTP brute-forcing
Brute-forcing directories and file locations
Brute-force cracking password protected ZIP files
Summary
Chapter 6: Debugging and Reverse Engineering
Reverse engineering
Portable executable analysis
Listing all imported and exported symbols
Disassembling with Capstone
PEfile with Capstone
Debugging
Using PyDBG
Summary
Chapter 7: Crypto, Hash, and Conversion Functions
Cryptographic algorithms
Hash functions
Summary
Chapter 8: Keylogging and Screen Grabbing
Keyloggers
Keyloggers with pyhook
Screen grabbing
Summary
Chapter 9: Attack Automation
Paramiko
python-nmap
W3af REST API
Metasploit scripting with MSGRPC
ClamAV antivirus with Python
OWASP ZAP from Python
Accessing Nessus 6 API with Python
Summary
Chapter 10: Looking Forward
Pentestly
Twisted
Nscan
sqlmap
CapTipper
Immunity Debugger
pytbull
ghost.py
peepdf
Summary

What You Will Learn

  • Write Scapy scripts to investigate network traffic
  • Get to know application fingerprinting techniques with Python
  • Understand the attack scripting techniques
  • Write fuzzing tools with pentesting requirements
  • Learn basic attack scripting methods
  • Utilize cryptographic toolkits in Python
  • Automate pentesting with Python tools and libraries

Authors

Table of Contents

Chapter 1: Python Scripting Essentials
Setting up the scripting environment
Installing third-party libraries
Python language essentials
Summary
Chapter 2: Analyzing Network Traffic with Scapy
Sockets modules
Raw socket programming
Investigate network traffic with Scapy
Summary
Chapter 3: Application Fingerprinting with Python
Web scraping
Parsing HTML with lxml
OS fingerprinting
Get the EXIF data of an image
Web application fingerprinting
Summary
Chapter 4: Attack Scripting with Python
Injections
Broken authentication
Cross-site scripting (XSS)
Insecure direct object references
Security misconfiguration
Sensitive data exposure
Missing function level access control
CSRF attacks
Using components with known vulnerabilities
Unvalidated redirects and forwards
Summary
Chapter 5: Fuzzing and Brute-Forcing
Fuzzing
Classification of fuzzers
Fuzzing and brute-forcing passwords
Dictionary attack
SSH brute-forcing
SMTP brute-forcing
Brute-forcing directories and file locations
Brute-force cracking password protected ZIP files
Summary
Chapter 6: Debugging and Reverse Engineering
Reverse engineering
Portable executable analysis
Listing all imported and exported symbols
Disassembling with Capstone
PEfile with Capstone
Debugging
Using PyDBG
Summary
Chapter 7: Crypto, Hash, and Conversion Functions
Cryptographic algorithms
Hash functions
Summary
Chapter 8: Keylogging and Screen Grabbing
Keyloggers
Keyloggers with pyhook
Screen grabbing
Summary
Chapter 9: Attack Automation
Paramiko
python-nmap
W3af REST API
Metasploit scripting with MSGRPC
ClamAV antivirus with Python
OWASP ZAP from Python
Accessing Nessus 6 API with Python
Summary
Chapter 10: Looking Forward
Pentestly
Twisted
Nscan
sqlmap
CapTipper
Immunity Debugger
pytbull
ghost.py
peepdf
Summary

Book Details

ISBN 139781785280696
Paperback164 pages
Read More
From 5 reviews

Read More Reviews