CHAPTER 18 Pentest Automation with Python

Folks, congratulations! You just reached the end of this book. Rarely do people commit and stay until the end. If you're at this step, then hats off—you have all my respect, and I'm sure that your success in life is inevitable.

This chapter will focus on how to take a simple idea and then implement it in Python. Inventors start with a small idea, and from there, with willingness (after all the failures), they achieve their visions. In this chapter we will walk through how to take an automation idea and use it as a penetration tester. At this stage, you should know the basics of Python. If not, feel free to go back to the previous chapter and practice, because this chapter focuses on the application logic.

Penetration Test Robot

The application that we will use in this chapter is called the Penetration Test Robot (pentest_robot.py). This tool takes advantage of the remote access protocols in Windows and Linux. To access a Windows system remotely, we can use RDP (port 3389), and to access a Linux system remotely, we can use SSH (port 22). The tool automates the process: it scans a single IP or a range and looks for these two services. If they're up, then the tool will try to automate a dictionary attack.

Application Workflow

Successful developers often design their application before they start coding. Generally, I use Microsoft Visio for this purpose.

As you can see in Figure 18.1, the user will enter a single IP or a range (in CIDR format), ...
