Mastering Python for Networking and Security
eBook - ePub

Mastering Python for Networking and Security

Leverage Python scripts and libraries to overcome networking and security issues

José Ortega

Buch teilen
  1. 426 Seiten
  2. English
  3. ePUB (handyfreundlich)
  4. Über iOS und Android verfügbar
eBook - ePub

Mastering Python for Networking and Security

Leverage Python scripts and libraries to overcome networking and security issues

José Ortega

Angaben zum Buch
Buchvorschau
Inhaltsverzeichnis
Quellenangaben

Über dieses Buch

Master Python scripting to build a network and perform security operations

Key Features

  • Learn to handle cyber attacks with modern Python scripting
  • Discover various Python libraries for building and securing your network
  • Understand Python packages and libraries to secure your network infrastructure

Book Description

It's becoming more and more apparent that security is a critical aspect of IT infrastructure. A data breach is a major security incident, usually carried out by just hacking a simple network line. Increasing your network's security helps step up your defenses against cyber attacks. Meanwhile, Python is being used for increasingly advanced tasks, with the latest update introducing many new packages. This book focuses on leveraging these updated packages to build a secure network with the help of Python scripting. This book covers topics from building a network to the different procedures you need to follow to secure it. You'll first be introduced to different packages and libraries, before moving on to different ways to build a network with the help of Python scripting. Later, you will learn how to check a network's vulnerability using Python security scripting, and understand how to check vulnerabilities in your network. As you progress through the chapters, you will also learn how to achieve endpoint protection by leveraging Python packages along with writing forensic scripts. By the end of this book, you will be able to get the most out of the Python language to build secure and robust networks that are resilient to attacks.

What you will learn

  • Develop Python scripts for automating security and pentesting tasks
  • Discover the Python standard library s main modules used for performing security-related tasks
  • Automate analytical tasks and the extraction of information from servers
  • Explore processes for detecting and exploiting vulnerabilities in servers
  • Use network software for Python programming
  • Perform server scripting and port scanning with Python
  • Identify vulnerabilities in web applications with Python
  • Use Python to extract metadata and forensics

Who this book is for

This book is ideal for network engineers, system administrators, or any security professional looking at tackling networking and security challenges. Programmers with some prior experience in Python will get the most out of this book. Some basic understanding of general programming structures and Python is required.

]]>

Häufig gestellte Fragen

Wie kann ich mein Abo kündigen?
Gehe einfach zum Kontobereich in den Einstellungen und klicke auf „Abo kündigen“ – ganz einfach. Nachdem du gekündigt hast, bleibt deine Mitgliedschaft für den verbleibenden Abozeitraum, den du bereits bezahlt hast, aktiv. Mehr Informationen hier.
(Wie) Kann ich Bücher herunterladen?
Derzeit stehen all unsere auf Mobilgeräte reagierenden ePub-Bücher zum Download über die App zur Verfügung. Die meisten unserer PDFs stehen ebenfalls zum Download bereit; wir arbeiten daran, auch die übrigen PDFs zum Download anzubieten, bei denen dies aktuell noch nicht möglich ist. Weitere Informationen hier.
Welcher Unterschied besteht bei den Preisen zwischen den Aboplänen?
Mit beiden Aboplänen erhältst du vollen Zugang zur Bibliothek und allen Funktionen von Perlego. Die einzigen Unterschiede bestehen im Preis und dem Abozeitraum: Mit dem Jahresabo sparst du auf 12 Monate gerechnet im Vergleich zum Monatsabo rund 30 %.
Was ist Perlego?
Wir sind ein Online-Abodienst für Lehrbücher, bei dem du für weniger als den Preis eines einzelnen Buches pro Monat Zugang zu einer ganzen Online-Bibliothek erhältst. Mit über 1 Million Büchern zu über 1.000 verschiedenen Themen haben wir bestimmt alles, was du brauchst! Weitere Informationen hier.
Unterstützt Perlego Text-zu-Sprache?
Achte auf das Symbol zum Vorlesen in deinem nächsten Buch, um zu sehen, ob du es dir auch anhören kannst. Bei diesem Tool wird dir Text laut vorgelesen, wobei der Text beim Vorlesen auch grafisch hervorgehoben wird. Du kannst das Vorlesen jederzeit anhalten, beschleunigen und verlangsamen. Weitere Informationen hier.
Ist Mastering Python for Networking and Security als Online-PDF/ePub verfügbar?
Ja, du hast Zugang zu Mastering Python for Networking and Security von José Ortega im PDF- und/oder ePub-Format sowie zu anderen beliebten Büchern aus Computer Science & Cyber Security. Aus unserem Katalog stehen dir über 1 Million Bücher zur Verfügung.

Information

Verlag
Packt Publishing
Jahr
2018
ISBN
9781788990707
Thema
Computer Science
Thema
Cyber Security

Identifying Server Vulnerabilities in Web Applications

This chapter covers the main vulnerabilities in web applications and the tools we can find in the python ecosystem, such as w3af as a vulnerabilities scanner in web applications, and sqlmap for detecting sql vulnerabilities. Regarding server vulnerabilities, we cover testing heartbleed and SSL vulnerabiliies in servers with openssl activated.
The following topics will be covered in this chapter:
  • Vulnerabilities in web applications with OWASP
  • w3af as a vulnerabilities scanner in web applications
  • How to discover sql vulnerabilities with python tools
  • Python script for testing heartbleed and SSL/TLS vulnerabilities

Technical requirements

Examples and source code for this chapter are available in the GitHub repository in the chapter11 folder:
https://github.com/PacktPublishing/Mastering-Python-for-Networking-and-Security
You will need to install Python distribution in your local machine with at least 4 GB memory.
Scripts can be executed with Python 2.7 and 3.x versions and w3af is tested in a Unix distribution such as Ubuntu.

Introducing vulnerabilities in web applications with OWASP

Open Web Application Security Project (OWASP) Top 10 is a list of the 10 most critical web-application security risks. In this section, we will comment on the OWASP top 10 vulnerabilities and explain in detail the cross-site scripting (XSS) vulnerability.

Introduction to OWASP

The Open Web Application Security Project is an excellent resource to learn about ways to protect your web apps from bad behaviors. There are many kinds of application-security vulnerabilities. OWASP ranked the top ten application security risks at OWASP Top Ten Project: https://www.owasp.org/index.php/Category:OWASP_Top_Ten_2017_Project.
The full classification can be found in the shared OWASP.xlsx Excel file located in the GitHub repository inside the chapter folder:
Here we can highlight the following codes:
  • OTG-INFO-001 Information leak: We can make use of search engines such as Bing, Google, and Shodan in search of information leaks using the operators or dorks that these search engines provide. We could, for example, see what information Shodan gives us, for that we carry out the search of the IP or domain, and with the service of Shodan we can see the services that it has exposed and open ports.
  • OTG-INFO-002 Web server fingerprinting: We will try to find out what kind of server our target website is working on, for that we use the whatweb tool that we can find in the Kali Linux distribution.
  • OTG-INFO-003 Metadata found in server files: At this point, we can use tools such as Foca or Metagoofil to extract metadata in documents published on the website.
  • OTG-INFO-004 Enumeration of subdomains and server applications: We will use tools that give us information about possible subdomains, DNS servers, services, and ports opened in server applications.
  • OTG-INFO-005 Comments and Metadata of the Web: We can find leak information in the comments on the web that programmers use to debug the code.
  • OTG-INFO-006 and OTG-INFO-007 Identify entry points and Website Map: We can detect all the endpoints of entry of the web (requests and answers with GET and POST), for which we are going to use a reverse web proxy (ZAP, Burp, or WebScarab) and use its Spider in such a way that it generates a map complete of the web and its entry points.
  • OTG-INFO-008 Fingerprinting Web Application Framework: It is about finding out what type of framework has been used to develop the web, for example, programming language and technology. We can find all this information in the HTTP headers, cookies, HTML code, and different files and folders. When we used whatweb tool, we could see that JQuery was using other specific technologies that the CMS used.
  • OTG-INFO-009 Fingerprinting Web Application: It is about finding out whether some kind of CMS has been used to develop the Web: WordPress, Joomla, or another type of CMS.
  • OTG-INFO-0010 Server Architecture: We can check whether there is any kind of firewall in the middle of the communication. For this task, we can do some type of port scanning and see whether there is no Web Application Firewall, for example, due to port 80 being unfiltered.

OWASP common attacks

Let's look at some of the most common attacks:
  • SQL Injection: The injection of SQL code occurs when data supplied by the user is sent unfiltered to an interpreter as part of a query in order to modify the original behavior, to execute commands or arbitrary queries in the database. The attacker sends raw SQL statements in the request. If your server uses some of the request content to build SQL queries, it might perform the attacker's request on the database. In Python, though, if you use SQLAlchemy and avoid raw SQL statements altogether, you will be safe. If you use raw SQL, make sure every variable is correctly quoted. We can find more information and owasp documentation about this kind of injection at https://www.owasp.org/index.php/SQL_Injection.
  • Cross Site Scripting (XSS): This attack happens only on web pages that display some HTML. The attacker uses some of the query attributes to try to inject their piece of javascript code on the page to trick the user into performing some actions thinking they are on the legitimate website. XSS allows attackers to execute scripts in the victim's browser, allowing them to hijack user sessions, destroy websites, or direct the user to a malicious site (https://www.owasp.org/index.php/XSS).
  • Cross-Site Request Forgery (XSRF/CSRF): This attack is based on attacking a service by reusing the user's credentials from another website. The t...

Inhaltsverzeichnis