book

Learning Penetration Testing with Python

Name: Learning Penetration Testing with Python
Author: Christopher Duffy
ISBN: 9781785282324

by Christopher Duffy

September 2015

Beginner

314 pages

7h 44m

English

Packt Publishing

Read now

Unlock full access

Learning Penetration Testing with Python
Table of Contents
Learning Penetration Testing with Python
Credits
Disclaimer
About the Author
Acknowlegements
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and moreWhy subscribe?Free access for Packt account holders
Preface
What this book covers

What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example codeDownloading the color images of this bookErrataPiracyQuestions
1. Understanding the Penetration Testing Methodology
An overview of penetration testing
Understanding what penetration testing is not
Vulnerability assessmentsReverse engineering engagementsHacking
Assessment methodologies
The penetration testing execution standard
Pre-engagement interactionsWhite Box TestingGrey Box TestingBlack Box TestingDouble Blind TestingIntelligence gatheringThreat modelingVulnerability analysisExploitationPost exploitationReportingAn example engagement
Penetration testing tools
NMAPMetasploitVeilBurp SuiteHydraJohn the RipperCracking Windows passwords with JohnoclHashcatOphcrackMimikatz and IncognitoSMBexecCewlRespondertheHarvester and Recon-NGpwdump and fgdumpNetcatSysinternals tools
Summary
2. The Basics of Python Scripting
Understanding the difference between interpreted and compiled languages
Python – the good and the bad
A Python interactive interpreter versus a script
Environmental variables and PATH
Understanding dynamically typed languages
The first Python script
Developing scripts and identifying errors
Reserved words, keywords, and built-in functionsGlobal and local variablesUnderstanding a namespaceModules and imports
Python formatting
Indentation
Python variables
Debugging variable valuesString variablesNumber variablesConverting string and number variablesList variablesTuple variablesDictionary variablesUnderstanding default values and constructorsPassing a variable to a string
Operators
Comparison operatorsAssignment operatorsArithmetic operatorsLogical and membership operators
Compound statements
The if statementsPython loopsThe while loopThe for loopThe break conditionConditional handlers
Functions
The impact of dynamically typed languages on functions on functionsCurly bracketsHow to comment your code
The Python style guide
ClassesFunctionsVariables and instance names
Arguments and options
Your first assessor script
Summary
3. Identifying Targets with Nmap, Scapy, and Python
Understanding how systems communicateThe Ethernet frame architectureLayer 2 in Ethernet networksLayer 2 in wireless networksThe IP packet architectureThe TCP header architectureUnderstanding how TCP worksThe TCP three-way handshakeThe UDP header architectureUnderstanding how UDP works
Understanding Nmap
Inputting the target ranges for NmapExecuting the different scan typesExecuting TCP full connection scansExecuting SYN scansExecuting ACK scansExecuting UDP scansExecuting combined UDP and TCP scansSkipping the operating system scansDifferent output typesUnderstanding the Nmap Grepable outputUnderstanding the Nmap XML outputThe Nmap scripting engineBeing efficient with Nmap scansDetermining your interface details with the netifaces library
Nmap libraries for Python
The Scapy library for Python
Summary
4. Executing Credential Attacks with Python
The types of credential attacksDefining the online credential attackDefining the offline credential attack
Identifying the target
Creating targeted usernames
Generating and verifying usernames with help from the U.S. censusGenerating the usernames
Testing for users using SMTP VRFY
Creating the SMTP VRFY script
Summary
5. Exploiting Services with Python
Understanding the new age of service exploitation
Understanding the chaining of exploits
Checking for weak, default, or known passwordsGaining root access to the systemUnderstanding the cracking of Linux hashesTesting for the synchronization of account credentials
Automating the exploit train with Python
Summary
6. Assessing Web Applications with Python
Identifying live applications versus open ports
Identifying hidden files and directories with Python
Credential attacks with Burp Suite
Using twill to walk through the source
Understanding when to use Python for web assessments
Understanding when to use specific librariesBeing efficient during web assessments
Summary
7. Cracking the Perimeter with Python
Understanding today's perimeterClear-text protocolsWeb applicationsEncrypted remote access servicesVirtual Private Networks (VPNs)Mail servicesDomain Name Service (DNS)User Datagram Protocol (UDP) services
Understanding the link between accounts and services
Cracking inboxes with Burp Suite
Identifying the attack path
Understanding the limitations of perimeter scanningDownloading backup files from a TFTP serverDetermining the backup filenamesCracking Cisco MD5 hashes
Gaining access through websites
The execution of file inclusion attacksVerifying an RFI vulnerabilityExploiting the hosts through RFI
Summary
8. Exploit Development with Python, Metasploit, and Immunity
Getting started with registersUnderstanding general purpose registersThe EAXThe EBXThe ECXThe EDXUnderstanding special purpose registersThe EBPThe EDIThe EIPThe ESP
Understanding the Windows memory structure
Understanding the stack and the heapUnderstanding the program image and dynamic-link librariesUnderstanding the process environment blockUnderstanding the thread environment blockKernel
Understanding memory addresses and endianness
Understanding the manipulation of the stack
Understanding immunity
Understanding basic buffer overflow
Writing a basic buffer overflow exploit
Understanding stack adjustments
Understanding the purpose of local exploits
Understanding other exploit scripts
Exploiting standalone binaries by executing scriptsExploiting systems by TCP serviceExploiting systems by UDP service
Reversing Metasploit modules
Understanding protection mechanisms
Summary
9. Automating Reports and Tasks with Python
Understanding how to parse XML files for reports
Understanding how to create a Python class
Creating a Python script to parse an Nmap XMLCreating a Python script to generate Excel spreadsheets
Summary
10. Adding Permanency to Python Tools
Understanding logging within Python
Understanding the difference between multithreading and multiprocessing
Creating a multithreaded script in PythonCreating a multiprocessing script in Python
Building industry-standard tools
Summary
Index

Overview

Become proficient in using Python as a powerful tool for penetration testing. This book provides both foundational knowledge and advanced techniques for utilizing Python in a security testing context, guiding you through creating scripts, automating tasks, and solving real-world challenges in cybersecurity.

What this Book will help me do

Generate and manipulate Metasploit resource files efficiently.
Leverage Python libraries like Scapy and Nmap for networking tasks.
Perform advanced data parsing with technologies like XML and Microsoft Office files.
Design and implement buffer overflow attacks and custom exploit modules.
Construct multi-threaded security tools and enhance automation in penetration tests.

Author(s)

Christopher Duffy is an experienced cybersecurity professional specializing in penetration testing and Python-based security tool development. With years of practical expertise, Christopher brings a hands-on and approachable teaching style to help readers master the technical and conceptual aspects of Python-enhanced penetration testing.

Who is it for?

This book is for security professionals and researchers who have some familiarity with operating systems and penetration testing concepts, as well as those looking to enhance their knowledge of Python programming to improve their penetration testing capabilities. Whether you're a beginner to scripting or an experienced coder aiming to apply Python in security assessments, this book is an ideal match for your goals.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781785282324

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills