Learning Penetration Testing with Python

Utilize Python scripting to execute effective and efficient penetration tests
Preview in Mapt

Learning Penetration Testing with Python

Christopher Duffy

1 customer reviews
Utilize Python scripting to execute effective and efficient penetration tests
Mapt Subscription
FREE
$29.99/m after trial
eBook
$28.00
RRP $39.99
Save 29%
Print + eBook
$49.99
RRP $49.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$0.00
$28.00
$49.99
$29.99p/m after trial
RRP $39.99
RRP $49.99
Subscription
eBook
Print + eBook
Start 30 Day Trial

Frequently bought together


Learning Penetration Testing with Python Book Cover
Learning Penetration Testing with Python
$ 39.99
$ 28.00
Python: Web Development with Penetration Testing Book Cover
Python: Web Development with Penetration Testing
$ 124.99
$ 106.25
Buy 2 for $35.00
Save $129.98
Add to Cart
Subscribe and access every Packt eBook & Video.
 
  • 5,000+ eBooks & Videos
  • 50+ New titles a month
  • 1 Free eBook/Video to keep every month
Start Free Trial
 

Book Details

ISBN 139781785282324
Paperback314 pages

Book Description

Python is a powerful new-age scripting platform that allows you to build exploits, evaluate services, automate, and link solutions with ease. Python is a multi-paradigm programming language well suited to both object-oriented application development as well as functional design patterns. Because of the power and flexibility offered by it, Python has become one of the most popular languages used for penetration testing.

This book highlights how you can can evaluate an organization methodically and realistically. Specific tradecraft and techniques are covered that show you exactly when and where industry tools can and should be used and when Python fits a need that proprietary and open source solutions do not.

Initial methodology, and Python fundamentals are established and then built on. Specific examples are created with vulnerable system images, which are available to the community to test scripts, techniques, and exploits. This book walks you through real-world penetration testing challenges and how Python can help.

From start to finish, the book takes you through how to create Python scripts that meet relative needs that can be adapted to particular situations. As chapters progress, the script examples explain new concepts to enhance your foundational knowledge, culminating with you being able to build multi-threaded security tools, link security tools together, automate reports, create custom exploits, and expand Metasploit modules.

Table of Contents

Chapter 1: Understanding the Penetration Testing Methodology
An overview of penetration testing
Understanding what penetration testing is not
Assessment methodologies
The penetration testing execution standard
Penetration testing tools
Summary
Chapter 2: The Basics of Python Scripting
Understanding the difference between interpreted and compiled languages
Python – the good and the bad
A Python interactive interpreter versus a script
Environmental variables and PATH
Understanding dynamically typed languages
The first Python script
Developing scripts and identifying errors
Python formatting
Python variables
Operators
Compound statements
Functions
The Python style guide
Arguments and options
Your first assessor script
Summary
Chapter 3: Identifying Targets with Nmap, Scapy, and Python
Understanding how systems communicate
Understanding Nmap
Nmap libraries for Python
The Scapy library for Python
Summary
Chapter 4: Executing Credential Attacks with Python
The types of credential attacks
Identifying the target
Creating targeted usernames
Testing for users using SMTP VRFY
Summary
Chapter 5: Exploiting Services with Python
Understanding the new age of service exploitation
Understanding the chaining of exploits
Automating the exploit train with Python
Summary
Chapter 6: Assessing Web Applications with Python
Identifying live applications versus open ports
Identifying hidden files and directories with Python
Credential attacks with Burp Suite
Using twill to walk through the source
Understanding when to use Python for web assessments
Summary
Chapter 7: Cracking the Perimeter with Python
Understanding today's perimeter
Understanding the link between accounts and services
Cracking inboxes with Burp Suite
Identifying the attack path
Gaining access through websites
Summary
Chapter 8: Exploit Development with Python, Metasploit, and Immunity
Getting started with registers
Understanding the Windows memory structure
Understanding memory addresses and endianness
Understanding the manipulation of the stack
Understanding immunity
Understanding basic buffer overflow
Writing a basic buffer overflow exploit
Understanding stack adjustments
Understanding the purpose of local exploits
Understanding other exploit scripts
Reversing Metasploit modules
Understanding protection mechanisms
Summary
Chapter 9: Automating Reports and Tasks with Python
Understanding how to parse XML files for reports
Understanding how to create a Python class
Summary
Chapter 10: Adding Permanency to Python Tools
Understanding logging within Python
Understanding the difference between multithreading and multiprocessing
Building industry-standard tools
Summary

What You Will Learn

  • Familiarise yourself with the generation of Metasploit resource files
  • Use the Metasploit Remote Procedure Call (MSFRPC) to automate exploit generation and execution
  • Use Python’s Scapy, network, socket, office, Nmap libraries, and custom modules
  • Parse Microsoft Office spreadsheets and eXtensible Markup Language (XML) data files
  • Write buffer overflows and reverse Metasploit modules to expand capabilities
  • Exploit Remote File Inclusion (RFI) to gain administrative access to systems with Python and other scripting languages
  • Crack an organization’s Internet perimeter
  • Chain exploits to gain deeper access to an organization’s resources
  • Interact with web services with Python

Authors

Table of Contents

Chapter 1: Understanding the Penetration Testing Methodology
An overview of penetration testing
Understanding what penetration testing is not
Assessment methodologies
The penetration testing execution standard
Penetration testing tools
Summary
Chapter 2: The Basics of Python Scripting
Understanding the difference between interpreted and compiled languages
Python – the good and the bad
A Python interactive interpreter versus a script
Environmental variables and PATH
Understanding dynamically typed languages
The first Python script
Developing scripts and identifying errors
Python formatting
Python variables
Operators
Compound statements
Functions
The Python style guide
Arguments and options
Your first assessor script
Summary
Chapter 3: Identifying Targets with Nmap, Scapy, and Python
Understanding how systems communicate
Understanding Nmap
Nmap libraries for Python
The Scapy library for Python
Summary
Chapter 4: Executing Credential Attacks with Python
The types of credential attacks
Identifying the target
Creating targeted usernames
Testing for users using SMTP VRFY
Summary
Chapter 5: Exploiting Services with Python
Understanding the new age of service exploitation
Understanding the chaining of exploits
Automating the exploit train with Python
Summary
Chapter 6: Assessing Web Applications with Python
Identifying live applications versus open ports
Identifying hidden files and directories with Python
Credential attacks with Burp Suite
Using twill to walk through the source
Understanding when to use Python for web assessments
Summary
Chapter 7: Cracking the Perimeter with Python
Understanding today's perimeter
Understanding the link between accounts and services
Cracking inboxes with Burp Suite
Identifying the attack path
Gaining access through websites
Summary
Chapter 8: Exploit Development with Python, Metasploit, and Immunity
Getting started with registers
Understanding the Windows memory structure
Understanding memory addresses and endianness
Understanding the manipulation of the stack
Understanding immunity
Understanding basic buffer overflow
Writing a basic buffer overflow exploit
Understanding stack adjustments
Understanding the purpose of local exploits
Understanding other exploit scripts
Reversing Metasploit modules
Understanding protection mechanisms
Summary
Chapter 9: Automating Reports and Tasks with Python
Understanding how to parse XML files for reports
Understanding how to create a Python class
Summary
Chapter 10: Adding Permanency to Python Tools
Understanding logging within Python
Understanding the difference between multithreading and multiprocessing
Building industry-standard tools
Summary

Book Details

ISBN 139781785282324
Paperback314 pages
Read More
From 1 reviews

Read More Reviews

Recommended for You

Python Machine Learning Book Cover
Python Machine Learning
$ 35.99
$ 25.20
Web Penetration Testing with Kali Linux Book Cover
Web Penetration Testing with Kali Linux
$ 29.99
$ 21.00
Mastering Object-oriented Python Book Cover
Mastering Object-oriented Python
$ 26.99
$ 18.90
Python Network Programming Cookbook Book Cover
Python Network Programming Cookbook
$ 26.99
$ 18.90
Python GUI Programming Cookbook Book Cover
Python GUI Programming Cookbook
$ 35.99
$ 25.20
Python Web Penetration Testing Cookbook Book Cover
Python Web Penetration Testing Cookbook
$ 35.99
$ 25.20