book

Python for Security and Networking - Third Edition

by José Manuel Ortega

June 2023

Intermediate to advanced

586 pages

12h 35m

English

Packt Publishing

Read now

Unlock full access

Who this book is forWhat this book coversTo get the most out of this bookGet in touch
Technical requirementsLearn about data structures and collections in PythonPython listsAdding elements to a listReversing a listSearching elements in a listPython tuplesPython dictionariesRemove an item from a dictionary in PythonWorking with functions, classes, and objects in PythonPython functionsPython classesPython inheritanceAdvantages of Python inheritanceWorking with files in PythonReading and writing files in PythonLearn and understand exceptions management in PythonPython modules and packagesWhat is a module in Python?How to import modules in PythonGetting information from modulesDifference between a Python module and a Python packageManaging parameters in PythonManaging parameters with OptionParserManaging dependencies and virtual environmentsManaging dependencies in a Python projectInstall Python modulesGenerating the requirements.txt fileWorking with virtual environmentsConfiguring virtualenvDevelopment environments for Python scriptingSetting up a development environmentDebugging with Python IDLEPyCharmDebugging with PyCharmSummaryQuestionsFurther reading
Technical requirementsInteract with the operating system in PythonWorking with the filesystem in PythonWorking with files and directoriesReading a ZIP file using PythonExecuting commands with the subprocess moduleSetting up a virtualenv with subprocessManaging threads in PythonCreating a simple threadWorking with the threading moduleMultiprocessing in PythonMultithreading and concurrency in PythonMultithreading in PythonConcurrency in Python with ThreadPoolExecutorExecuting ThreadPoolExecutor with a context managerSummaryQuestionsFurther reading
Technical requirementsUnderstanding the socket package for network requestsNetwork sockets in PythonThe socket moduleServer and client socket methodsGathering information with socketsManaging socket exceptionsBasic client with the socket modulePort scanning with socketsImplementing a port scannerAdvanced port scannerImplementing a reverse shell with socketsImplementing a simple TCP client and TCP serverImplementing a server and client with socketsImplementing the TCP serverImplementing the TCP clientImplementing a simple UDP client and UDP serverImplementing the UDP serverImplementing the UDP clientImplementing an HTTP server in PythonTesting the HTTP serverSending files via socketsImplementing secure sockets with the TLS and SSL modulesSummaryQuestionsFurther reading
Technical requirementsBuilding an HTTP client with urllib.requestIntroducing the HTTP protocolIntroducing the urllib moduleGet request and response headersExtracting emails from a URL with urllib.requestDownloading files with urllib.requestHandling exceptions with urllib.requestBuilding an HTTP client with requestsGetting images and links from a URL with requestsMaking requests with the REST APIManaging a proxy with requestsManaging exceptions with requestsAuthentication mechanisms with PythonHTTP basic authentication with the requests moduleHTTP digest authentication with the requests moduleImplementing OAuth clients in Python with the requests-oauthlib moduleOAuth rolesOAuth workflowImplementing a client with requests_oauthlibImplementing JSON Web Tokens (JWTs) in PythonHow does a JSON Web Token work?Working with PyJWTSummaryQuestionsFurther reading
Technical requirementsCapturing and injecting packets with pcapy-ngCapturing packets with pcapy-ngReading headers from packetsReading pcap files with pcapy-ngCapturing and injecting packets with scapyIntroduction to scapyScapy commandsSending packets with scapyNetwork discovery with scapyPort scanning and traceroute with scapyPort scanning with scapyTraceroute with scapyReading pcap files with scapyRead DHCP requestsWriting a pcap filePacket-sniffing with scapyNetwork forensics with scapyWorking with scapy to detect ARP spoofing attacksDetection of false ARP attacks using ScapySummaryQuestionsFurther reading
Technical requirementsIntroducing Open Source Intelligence (OSINT)Google Dorks and the Google Hacking DatabaseMaltegoPhotonThe HarvesterCensyscrt.shDnsDumpsterWaybackMachineOSINT frameworkBlackbirdThe Shodan search engineThe BinaryEdge search engineGetting information using Google DorksGoogle DorksKatana: a Python Tool for Google HackingDorks hunterGetting information using SpiderFootSpiderFoot modulesGetting information on DNS servers with DNSPython and DNSReconThe DNS protocolThe DNSPython moduleDNSReconGetting vulnerable addresses in servers with fuzzingThe fuzzing processWeb fuzzingUnderstanding and using the FuzzDB projectIdentifying predictable login pages with the FuzzDB projectDiscovering SQL injection with the FuzzDB projectWfuzzSummaryQuestionsFurther reading

Technical requirementsConnecting to FTP serversFTP protocolUsing the Python ftplib moduleTransferring files with FTPOther ftplib functionsUsing ftplib to brute-force FTP user credentialsBuilding an anonymous FTP scanner with PythonConnecting with SSH servers with paramiko and pysftpExecuting an SSH server on Debian LinuxIntroducing the paramiko moduleEstablishing an SSH connection with paramikoUsing AutoAddPolicyRunning commands with paramikoUsing paramiko to brute-force SSH user credentialsEstablishing an SSH connection with pysftpImplementing an SSH server with paramikoChecking the security of SSH serversInstalling and executing ssh-auditRebex SSH CheckSummaryQuestionsFurther reading
Technical requirementsIntroducing port scanning with NmapScanning types with nmapPort scanning with python-nmapExtracting information with nmapSynchronous and asynchronous scanning with python-nmapImplementing synchronous scanningImplementing asynchronous scanningDiscovering services and vulnerabilities with Nmap scriptsExecuting Nmap scripts to discover servicesExecuting Nmap scripts to discover vulnerabilitiesDetecting vulnerabilities with Nmap-vulners scriptDetecting vulnerabilities with the Nmap-vulscan scriptPort scanning via online servicesScanless port scannerSummaryQuestionsFurther reading
Technical requirementsIntroducing the OpenVAS vulnerability scannerInstalling the OpenVAS vulnerability scannerUnderstanding the web interfaceScanning a target using OpenVASCreating the targetCreating the taskAnalyzing reportsVulnerabilities databasesAccessing OpenVAS with PythonIntroducing OWASP ZAP as an automated security testing toolUsing OWASP ZAPInteracting with OWASP ZAP using PythonWriteHat as a pentesting reports toolSummaryQuestionsFurther reading
Technical requirementsUnderstanding vulnerabilities in web applications with OWASPTesting Cross-Site Scripting (XSS) vulnerabilitiesAnalyzing and discovering vulnerabilities in CMS web applicationsUsing CMSmapVulnx as a CMS scannerDiscovering vulnerabilities in Tomcat server applicationsInstalling the Tomcat serverTesting the Tomcat server with ApacheTomcatScannerFinding vulnerable Tomcat servers in the Censys search engineScanning vulnerabilities with the Nmap port scannerDiscovering SQL vulnerabilities with Python toolsIntroduction to SQL injectionIdentifying websites vulnerable to SQL injectionIntroducing sqlmapUsing sqlmap to test a website for a SQL injection vulnerabilityScanning for SQL injection vulnerabilities with sqlifinderScanning for SQL injection vulnerabilities with the Nmap port scannerAutomating the process of detecting vulnerabilities in web applicationsDetecting an open redirect vulnerabilityDetecting vulnerabilities with FuxploiderSummaryQuestionsFurther reading
Technical requirementsIdentify and understand vulnerabilities and exploitsWhat is an exploit?Vulnerability formatsSearching for vulnerabilities in the NVDIntroducing NIST’s NVDSearching for vulnerabilitiesSearching for vulnerabilities in the Vulners databaseSearching for vulnerabilities with PompemSummaryQuestionsFurther reading
Technical requirementsExtracting geolocation informationPython modules for extracting geolocation informationExtracting metadata from imagesIntroduction to EXIF and the PIL moduleGetting the EXIF data from an imageExtracting metadata from PDF documentsExtracting metadata with PyPDF2Extracting metadata with PyMuPDFIdentifying the technology used by a websiteWappalyzerWebApp Information Gatherer (WIG)Extracting metadata from web browsersFirefox forensics with PythonChrome forensics with PythonChrome forensics with HindsightSummaryQuestionsFurther reading
Technical requirementsDictionary builders for brute-force attacksBrute-force dictionary generation with pydictorPassword list generatorTools for brute-force attacks in PythonObtaining subdomains by brute forceBrute-force attacks with BruteSprayBrute-force attacks with CerbrutusExecuting brute-force attacks for web applicationsExecuting a WordPress siteExecuting brute-force attacks for ZIP filesHandling ZIP files in PythonExecuting brute-force attacks for password-protected ZIP filesSummaryQuestionsFurther reading
Technical requirementsIntroduction to cryptographyEncrypting and decrypting information with pycryptodomeIntroduction to pycryptodomeEncrypting and decrypting with the DES algorithmEncrypting and decrypting with the AES algorithmGenerating RSA signatures using pycryptodomeEncrypting and decrypting information with cryptographyIntroduction to the cryptography moduleSymmetric encryption with the fernet packageSymmetric encryption with the ciphers packageGenerating keys securely with the secrets and hashlib modulesGenerating keys securely with the secrets moduleGenerating keys securely with the hashlib moduleChecking the integrity of a filePython tools for code obfuscationCode obfuscation with pyarmorSummaryQuestionsFurther reading

Content preview from Python for Security and Networking - Third Edition

6 Gathering Information from Servers with OSINT Tools

This chapter will introduce you to the modules that allow extracting information from publicly exposed servers using Open Source Intelligence (OSINT) tools. The information collected, such as a domain, a hostname, or a web service, will be very useful while carrying out the pentesting or audit process.

We will review tools like Google Dorks, SpiderFoot, dnspython, DNSRecon, and other tools for applying fuzzing processes with Python. OSINT reconnaissance and application fuzzing have different purposes. OSINT is typically a passive exercise aimed at gathering information that can then be leveraged for attacks, while fuzzing consists of automated injection attacks. At this point, we could use ...