Python Penetration Testing Essentials
eBook - ePub

Mohit

  1. 178 pages
  2. English
  3. ePUB (mobile-friendly)
  4. Available on iOS and Android

Table of Contents

Python Penetration Testing Essentials
Credits
About the Author
About the Reviewers
www.PacktPub.com
Support files, eBooks, discount offers, and more
Why subscribe?
Free access for Packt account holders
Preface
What this book covers
What you need for this book
Who this book is for
Conventions
Reader feedback
Customer support
Downloading the example code
Errata
Piracy
Questions
1. Python with Penetration Testing and Networking
Introducing the scope of pentesting
The need for pentesting
Components to be tested
Qualities of a good pentester
Defining the scope of pentesting
Approaches to pentesting
Introducing Python scripting
Understanding the tests and tools you'll need
Learning the common testing platforms with Python
Network sockets
Server socket methods
Client socket methods
General socket methods
Moving on to the practical
Socket exceptions
Useful socket methods
Summary
2. Scanning Pentesting
How to check live systems in a network and the concept of a live system
Ping sweep
The TCP scan concept and its implementation using a Python script
How to create an efficient IP scanner
What are the services running on the target machine?
The concept of a port scanner
How to create an efficient port scanner
Summary
3. Sniffing and Penetration Testing
Introducing a network sniffer
Passive sniffing
Active sniffing
Implementing a network sniffer using Python
Format characters
Learning about packet crafting
Introducing ARP spoofing and implementing it using Python
The ARP request
The ARP reply
The ARP cache
Testing the security system using custom packet crafting and injection
Network disassociation
A half-open scan
The FIN scan
ACK flag scanning
Ping of death
Summary
4. Wireless Pentesting
Wireless SSID finding and wireless traffic analysis by Python
Detecting clients of an AP
Wireless attacks
The deauthentication (deauth) attacks
The MAC flooding attack
How the switch uses the CAM tables
The MAC flood logic
Summary
5. Foot Printing of a Web Server and a Web Application
The concept of foot printing of a web server
Introducing information gathering
Checking the HTTP header
Information gathering of a website from SmartWhois by the parser BeautifulSoup
Banner grabbing of a website
Hardening of a web server
Summary
6. Client-side and DDoS Attacks
Introducing client-side validation
Tampering with the client-side parameter with Python
Effects of parameter tampering on business
Introducing DoS and DDoS
Single IP single port
Single IP multiple port
Multiple IP multiple port
Detection of DDoS
Summary
7. Pentesting of SQLI and XSS
Introducing the SQL injection attack
Types of SQL injections
Simple SQL injection
Blind SQL injection
Understanding the SQL injection attack by a Python script
Learning about Cross-Site scripting
Persistent or stored XSS
Nonpersistent or reflected XSS
Summary
Index

Python Penetration Testing Essentials

Copyright © 2015 Packt Publishing
All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.
Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing, and its dealers and distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.
Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.
First published: January 2015
Production reference: 1220115
Published by Packt Publishing Ltd.
Livery Place
35 Livery Street
Birmingham B3 2PB, UK.
ISBN 978-1-78439-858-3
www.packtpub.com

Credits

Author
Mohit
Reviewers
Milinda Perera
Rejah Rehim
Ishbir Singh
Commissioning Editor
Sarah Crofton
Acquisition Editor
Sonali Vernekar
Content Development Editor
Merwyn D'souza
Technical Editors
Vivek Arora
Indrajit A. Das
Copy Editors
Karuna Narayanan
Alfida Paiva
Project Coordinator
Neha Bhatnagar
Proofreaders
Ameesha Green
Kevin McGowan
Indexers
Rekha Nair
Tejal Soni
Graphics
Sheetal Aute
Production Coordinator
Shantanu N. Zagade
Cover Work
Shantanu N. Zagade

About the Author

Mohit (also known as Mohit Raj) is an application developer and Python programmer, with a keen interest in the field of information security. He has done his bachelor of technology in computer science from Kurukshetra University, Kurukshetra, and master of engineering (2012) in computer science from Thapar University, Patiala. He has written a thesis as well as a research paper on session hijacking, named COMPARATIVE ANALYSIS OF SESSION HIJACKING ON DIFFERENT OPERATING SYSTEMS, under the guidance of Dr Maninder Singh. He has also done the CCNA and Certified Ethical Hacking course from EC-Council (CEH) and has procured a CEH certification. He has published his article, How to disable or change web-server signature, in the eForensics magazine in December 2013. He has published another article on wireless hacking, named Beware: Its Easy to Launch a Wireless Deauthentication Attack! in Open Source For You in July 2014. He is also a certified Certified Security Analyst (ECSA). He has been working in IBM India for more than 2 years. He is also a freelance professional trainer for CEH and Python in CODEC Networks. Apart from this, he is familiar with Red Hat and CentOS Linux to a great extent, and also has a lot of practical experience of Red Hat. He can be contacted at
