eBook - ePub
Mastering Python for Networking and Security
Leverage Python scripts and libraries to overcome networking and security issues
José Ortega
This is a test
Share book
- 426 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Mastering Python for Networking and Security
Leverage Python scripts and libraries to overcome networking and security issues
José Ortega
Book details
Book preview
Table of contents
Citations
About This Book
Master Python scripting to build a network and perform security operations
Key Features
- Learn to handle cyber attacks with modern Python scripting
- Discover various Python libraries for building and securing your network
- Understand Python packages and libraries to secure your network infrastructure
Book Description
It's becoming more and more apparent that security is a critical aspect of IT infrastructure. A data breach is a major security incident, usually carried out by just hacking a simple network line. Increasing your network's security helps step up your defenses against cyber attacks. Meanwhile, Python is being used for increasingly advanced tasks, with the latest update introducing many new packages. This book focuses on leveraging these updated packages to build a secure network with the help of Python scripting. This book covers topics from building a network to the different procedures you need to follow to secure it. You'll first be introduced to different packages and libraries, before moving on to different ways to build a network with the help of Python scripting. Later, you will learn how to check a network's vulnerability using Python security scripting, and understand how to check vulnerabilities in your network. As you progress through the chapters, you will also learn how to achieve endpoint protection by leveraging Python packages along with writing forensic scripts. By the end of this book, you will be able to get the most out of the Python language to build secure and robust networks that are resilient to attacks.
What you will learn
- Develop Python scripts for automating security and pentesting tasks
- Discover the Python standard library s main modules used for performing security-related tasks
- Automate analytical tasks and the extraction of information from servers
- Explore processes for detecting and exploiting vulnerabilities in servers
- Use network software for Python programming
- Perform server scripting and port scanning with Python
- Identify vulnerabilities in web applications with Python
- Use Python to extract metadata and forensics
Who this book is for
This book is ideal for network engineers, system administrators, or any security professional looking at tackling networking and security challenges. Programmers with some prior experience in Python will get the most out of this book. Some basic understanding of general programming structures and Python is required.
]]>
Frequently asked questions
How do I cancel my subscription?
Can/how do I download books?
At the moment all of our mobile-responsive ePub books are available to download via the app. Most of our PDFs are also available to download and we're working on making the final remaining ones downloadable now. Learn more here.
What is the difference between the pricing plans?
Both plans give you full access to the library and all of Perlego’s features. The only differences are the price and subscription period: With the annual plan you’ll save around 30% compared to 12 months on the monthly plan.
What is Perlego?
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Do you support text-to-speech?
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Is Mastering Python for Networking and Security an online PDF/ePUB?
Yes, you can access Mastering Python for Networking and Security by José Ortega in PDF and/or ePUB format, as well as other popular books in Computer Science & Cyber Security. We have over one million books available in our catalogue for you to explore.
Information
Identifying Server Vulnerabilities in Web Applications
This chapter covers the main vulnerabilities in web applications and the tools we can find in the python ecosystem, such as w3af as a vulnerabilities scanner in web applications, and sqlmap for detecting sql vulnerabilities. Regarding server vulnerabilities, we cover testing heartbleed and SSL vulnerabiliies in servers with openssl activated.
The following topics will be covered in this chapter:
- Vulnerabilities in web applications with OWASP
- w3af as a vulnerabilities scanner in web applications
- How to discover sql vulnerabilities with python tools
- Python script for testing heartbleed and SSL/TLS vulnerabilities
Technical requirements
Examples and source code for this chapter are available in the GitHub repository in the chapter11 folder:
https://github.com/PacktPublishing/Mastering-Python-for-Networking-and-Security
You will need to install Python distribution in your local machine with at least 4 GB memory.
Scripts can be executed with Python 2.7 and 3.x versions and w3af is tested in a Unix distribution such as Ubuntu.
Introducing vulnerabilities in web applications with OWASP
Open Web Application Security Project (OWASP) Top 10 is a list of the 10 most critical web-application security risks. In this section, we will comment on the OWASP top 10 vulnerabilities and explain in detail the cross-site scripting (XSS) vulnerability.
Introduction to OWASP
The Open Web Application Security Project is an excellent resource to learn about ways to protect your web apps from bad behaviors. There are many kinds of application-security vulnerabilities. OWASP ranked the top ten application security risks at OWASP Top Ten Project: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_2017_Project.
The full classification can be found in the shared OWASP.xlsx Excel file located in the GitHub repository inside the chapter folder:
Here we can highlight the following codes:
- OTG-INFO-001 Information leak: We can make use of search engines such as Bing, Google, and Shodan in search of information leaks using the operators or dorks that these search engines provide. We could, for example, see what information Shodan gives us, for that we carry out the search of the IP or domain, and with the service of Shodan we can see the services that it has exposed and open ports.
- OTG-INFO-002 Web server fingerprinting: We will try to find out what kind of server our target website is working on, for that we use the whatweb tool that we can find in the Kali Linux distribution.
- OTG-INFO-003 Metadata found in server files: At this point, we can use tools such as Foca or Metagoofil to extract metadata in documents published on the website.
- OTG-INFO-004 Enumeration of subdomains and server applications: We will use tools that give us information about possible subdomains, DNS servers, services, and ports opened in server applications.
- OTG-INFO-005 Comments and Metadata of the Web: We can find leak information in the comments on the web that programmers use to debug the code.
- OTG-INFO-006 and OTG-INFO-007 Identify entry points and Website Map: We can detect all the endpoints of entry of the web (requests and answers with GET and POST), for which we are going to use a reverse web proxy (ZAP, Burp, or WebScarab) and use its Spider in such a way that it generates a map complete of the web and its entry points.
- OTG-INFO-008 Fingerprinting Web Application Framework: It is about finding out what type of framework has been used to develop the web, for example, programming language and technology. We can find all this information in the HTTP headers, cookies, HTML code, and different files and folders. When we used whatweb tool, we could see that JQuery was using other specific technologies that the CMS used.
- OTG-INFO-009 Fingerprinting Web Application: It is about finding out whether some kind of CMS has been used to develop the Web: WordPress, Joomla, or another type of CMS.
- OTG-INFO-0010 Server Architecture: We can check whether there is any kind of firewall in the middle of the communication. For this task, we can do some type of port scanning and see whether there is no Web Application Firewall, for example, due to port 80 being unfiltered.
OWASP common attacks
Let's look at some of the most common attacks:
- SQL Injection: The injection of SQL code occurs when data supplied by the user is sent unfiltered to an interpreter as part of a query in order to modify the original behavior, to execute commands or arbitrary queries in the database. The attacker sends raw SQL statements in the request. If your server uses some of the request content to build SQL queries, it might perform the attacker's request on the database. In Python, though, if you use SQLAlchemy and avoid raw SQL statements altogether, you will be safe. If you use raw SQL, make sure every variable is correctly quoted. We can find more information and owasp documentation about this kind of injection at https://www.owasp.org/index.php/SQL_Injection.
- Cross Site Scripting (XSS): This attack happens only on web pages that display some HTML. The attacker uses some of the query attributes to try to inject their piece of javascript code on the page to trick the user into performing some actions thinking they are on the legitimate website. XSS allows attackers to execute scripts in the victim's browser, allowing them to hijack user sessions, destroy websites, or direct the user to a malicious site (https://www.owasp.org/index.php/XSS).
- Cross-Site Request Forgery (XSRF/CSRF): This attack is based on attacking a service by reusing the user's credentials from another website. The t...