Hands-On Penetration Testing with Python
eBook - ePub

Hands-On Penetration Testing with Python

Enhance your ethical hacking skills to build automated and intelligent systems

Furqan Khan

  1. 502 pages
  2. English
  3. ePUB (mobile friendly)
  4. Available on iOS and Android

About this book

Implement defensive techniques in your ecosystem successfully with Python

Key Features

  • Identify and expose vulnerabilities in your infrastructure with Python
  • Learn custom exploit development.
  • Make robust and powerful cybersecurity tools with Python

Book Description

With the current technological and infrastructural shift, penetration testing is no longer a process-oriented activity. Modern-day penetration testing demands lots of automation and innovation; the only language that dominates all its peers is Python. Given the huge number of tools written in Python, and its popularity in the penetration testing space, this language has always been the first choice for penetration testers.

Hands-On Penetration Testing with Python walks you through advanced Python programming constructs. Once you are familiar with the core concepts, you'll explore the advanced uses of Python in the domain of penetration testing and optimization. You'll then move on to understanding how Python, data science, and the cybersecurity ecosystem communicate with one another. In the concluding chapters, you'll study exploit development, reverse engineering, and cybersecurity use cases that can be automated with Python.

By the end of this book, you'll have acquired adequate skills to leverage Python as a helpful tool to pentest and secure infrastructure, while also creating your own custom exploits.

What you will learn

  • Get to grips with Custom vulnerability scanner development
  • Familiarize yourself with web application scanning automation and exploit development
  • Walk through day-to-day cybersecurity scenarios that can be automated with Python
  • Discover enterprise- or organization-specific use cases and threat-hunting automation
  • Understand reverse engineering, fuzzing, buffer overflows, key-logger development, and exploit development for buffer overflows.
  • Understand web scraping in Python and use it for processing web responses
  • Explore Security Operations Centre (SOC) use cases
  • Get to understand Data Science, Python, and cybersecurity all under one hood

Who this book is for

If you are a security consultant, developer, or cybersecurity enthusiast with little or no knowledge of Python and want in-depth insight into how the pen-testing ecosystem and Python combine to create offensive tools and exploits, automate cybersecurity use cases, and much more, then this book is for you. Hands-On Penetration Testing with Python guides you through the advanced uses of Python for cybersecurity and pen-testing, helping you to better understand security loopholes within your infrastructure.


Information

Year
2019
ISBN
9781788999465
Edition
1

Vulnerability Scanner Python - Part 1

When we talk of port scanning, the tool that automatically comes to mind is Nmap. Nmap has a good reputation and it is arguably the best open source port scanner available. It has tons of features that allow you to carry out a wide variety of scans over the network to discover which hosts are alive, which ports are open, and which services and service versions are running on a host. It also has a scripting engine (the Nmap Scripting Engine, NSE) that runs NSE scripts, which are used to discover common vulnerabilities in the running services. In this chapter, we will make use of Python in order to automate the process of port scanning. This chapter will form the basis for our automated vulnerability scanner, and will supplement the subsequent chapter, which will focus on automating service scanning and enumeration.
This chapter covers the following topics:
  • Introducing Nmap
  • Building a network scanner with Python

Introducing Nmap

Our port scanner will be built on top of Nmap, with additional features and capabilities, such as parallel port scanning of a target and pausing and resuming a scan. It will also have a web GUI that we can use to conduct our scans.
Let's take a look at the various properties of Nmap. The original shows one screenshot of Nmap's help output for each of the following areas:
  • Scan techniques
  • Host discovery and port specification, with examples
  • Service and version detection and OS detection, with examples
  • Timing and performance, with examples
  • NSE scripts, with examples
  • Firewall/IDS evasion and spoofing, with examples
  • Helpful Nmap output examples
The preceding screenshots provide a comprehensive list of the Nmap commands that we frequently use in our day-to-day operations. We will not be covering how to run Nmap commands on the Terminal, as it is assumed that this is straightforward.
It should be noted that, from now on, we will be using Kali Linux as our pen-test lab OS. All the Python automation that we will see will therefore be implemented on the Kali Linux box. To install a Kali Linux VM/VirtualBox image, please refer to https://www.osboxes.org/Kali-linux/. To download VirtualBox, refer to https://www.virtualbox.org/wiki/Downloads. Once downloaded, perform the steps shown in the following screenshots.
First, enter a Name for the new virtual machine along with the Type and Version; in our case, this is Linux and Debian (64-bit). After that, allocate the memory size:
Next, choose the virtual hard disk file, as shown in the following screenshot:

Building a network scanner with Python

Now that we are all set up with our VirtualBox image, let's have a look at a simple Python script that will help us to call Nmap and initiate a scan. Later on, we will optimize this script to make it better. We will finish by making it a full-fledged port scanning Python engine with pause, resume, and multiprocessing abilities:
The information produced by the preceding script is hard for Python code to filter and store. If we wanted to store all the open ports and services in a dictionary, it would be hard to do so with the preceding method. Let's think about another way in which the information produced can be parsed and processed by the script. We know that the -oX flag makes Nmap produce its output in XML format. We will use the -oX flag and convert the XML string to a Python dictionary, as shown in the following sections.

Controlling the Nmap output with the script

In the following example, we reuse the same concepts that we studied earlier. We redirect the Nmap output in XML format to the screen (-oX -), collect the output produced as a string, and use Python's xml.etree.ElementTree module (imported as ET) to convert the XML output to Python dictionaries. Using the following code, we can control Nmap from our program and filter out all the useful information:
We can then store that information in database tables:
Next, run the following commands:
nmap_scan = NmapPy(["nmap", "-Pn", "-sV", "-oX", "-", "127.0.0.1"])  # NmapPy is the wrapper class from the preceding listing; "nmap" is the binary on PATH
nmap_scan.scan()
Although the preceding method is good, and gives us granular control over Nmap output, it involves processing and parsing code that we may not want to write every time we conduct a scan with Nmap. An alternative and better approach is to use the python-nmap wrapper module. We can install it with pip, and it does pretty much the same as what we did before, but allows us to avoid writing all the processing and subprocess logic. It keeps the code clean and more readable. Whenever we wish to have more granular control, we can always fall back to the preceding approach.
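The book's own NmapPy listing is not reproduced on this page, so here is an added example (not the author's code) of the approach the section describes: run Nmap with -oX - as an argument list, collect stdout, and use xml.etree.ElementTree to turn the report into a dictionary of hosts, states and per-port service details. It is also the same XML that the python-nmap wrapper in the next section parses for you. The function names parse_nmap_xml, open_ports and scan are this example's own, and SAMPLE_NMAP_XML is a constructed report that mirrors Nmap's element names so the parser can be exercised offline without running a scan.

```python
import subprocess
import xml.etree.ElementTree as ET

# Constructed sample of `nmap -Pn -sV -oX - 127.0.0.1` output. This is NOT a real
# capture; it only mirrors the element names Nmap emits (nmaprun/host/ports/port).
SAMPLE_NMAP_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap" args="nmap -Pn -sV -oX - 127.0.0.1">
  <host>
    <status state="up" reason="user-set"/>
    <address addr="127.0.0.1" addrtype="ipv4"/>
    <hostnames><hostname name="localhost" type="PTR"/></hostnames>
    <ports>
      <port protocol="tcp" portid="22">
        <state state="open" reason="syn-ack"/>
        <service name="ssh" product="OpenSSH" version="7.9p1"/>
      </port>
      <port protocol="tcp" portid="80">
        <state state="open" reason="syn-ack"/>
        <service name="http" product="nginx" version="1.14.2"/>
      </port>
      <port protocol="tcp" portid="443">
        <state state="closed" reason="conn-refused"/>
        <service name="https"/>
      </port>
    </ports>
  </host>
</nmaprun>
"""


def parse_nmap_xml(xml_text):
    """Turn an Nmap XML report into a nested dict:
    {addr: {"state": ..., "hostnames": [...],
            "tcp": {port: {"state", "name", "product", "version"}}}}
    Ports are keyed by int and grouped by protocol (tcp/udp/sctp/ip)."""
    root = ET.fromstring(xml_text)
    results = {}
    for host in root.findall("host"):
        # Prefer the IPv4 address element; fall back to whatever address is present.
        addr_el = host.find("address[@addrtype='ipv4']")
        if addr_el is None:
            addr_el = host.find("address")
        if addr_el is None:
            continue  # malformed host block: skip it rather than abort the whole parse
        status_el = host.find("status")
        entry = {
            "state": status_el.get("state") if status_el is not None else "unknown",
            "hostnames": [h.get("name") for h in host.findall("hostnames/hostname")],
        }
        for port in host.findall("ports/port"):
            proto = port.get("protocol")
            portid = int(port.get("portid"))
            state_el = port.find("state")
            service_el = port.find("service")
            info = {"state": state_el.get("state") if state_el is not None else "unknown"}
            if service_el is not None:  # -sV fills product/version; absent attributes become ""
                info["name"] = service_el.get("name", "")
                info["product"] = service_el.get("product", "")
                info["version"] = service_el.get("version", "")
            entry.setdefault(proto, {})[portid] = info
        results[addr_el.get("addr")] = entry
    return results


def open_ports(results, addr, proto="tcp"):
    """Sorted list of ports in the 'open' state for one host and protocol."""
    ports = results.get(addr, {}).get(proto, {})
    return sorted(p for p, info in ports.items() if info["state"] == "open")


def scan(target, extra_args=("-Pn", "-sV")):
    """Run Nmap and parse its XML. Needs the nmap binary on PATH; the offline
    demo below does not call this. Passing an argument list (no shell=True)
    keeps a user-supplied target string from being interpreted by a shell."""
    cmd = ["nmap", *extra_args, "-oX", "-", target]
    proc = subprocess.run(cmd, capture_output=True, text=True, check=True)
    return parse_nmap_xml(proc.stdout)


if __name__ == "__main__":
    parsed = parse_nmap_xml(SAMPLE_NMAP_XML)
    for addr, entry in parsed.items():
        print(addr, entry["state"], entry["hostnames"])
        for port in open_ports(parsed, addr):
            svc = entry["tcp"][port]
            print(f"  {port}/tcp {svc['name']} {svc['product']} {svc['version']}".rstrip())
```

Replace the offline demo with scan("127.0.0.1") to parse a live report; the dictionary it returns is what a later stage can write to database tables or compare between a paused and a resumed scan.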

Using the Nmap module to conduct Nmap port scanning

Let's now go ahead and install the Python Nmap module as follows:
pip install python-nmap
The preceding command installs the python-nmap library, a wrapper around the Nmap binary (Nmap itself must already be installed on the system). The following section provides an overview of how the library can be used:
import nmap # import the nmap.py module (package python-nmap)
nmap_obj = nmap.PortScanner() # instantiate nmap.PortScanner object
nmap_obj.scan('192.168.0.143', '1-1024') # scan host 192.168.0.143, ports from 1-1024
nmap_obj.command_line() # get command line used for the scan : nmap -oX - -p 1-1024 192.168.0.143
nmap_obj.scaninfo() # get nmap scan information {'tcp': {'services': '1-1024', 'method': 'connect'}}
nmap_obj.all_hosts() # get all hosts that were scanned
nmap_obj['192.168.0.143'].hostname() # get one hostname for host 192.168.0.143, usually the user record
nmap_obj['192.168.0.143'].hostnames() # get list of hostnames for host 192.168.0.143 as a list of dict
# [{'name':'hostname1', 'type':'PTR'}, {'name':'hostname2', 'type':'user'}]
nmap_obj['192.168.0.143'].state() # get state of host 192.168.0.143 (up|down|unknown|skipped)
nmap_obj['192.168.0.143'].all_protocols() # get all scanned protocols ['tcp', 'udp'] in (ip|tcp|udp|sctp)
nmap_obj['192.168.0.143']['tcp'].keys() # get all ports for tcp protocol
nmap_obj['192.168.0.143'].all_tcp() # get all ports for tcp protocol (sorted version)
nmap_obj['192.168.0.143'].all_udp() # get all ports for udp protocol (sorted version)
nmap_obj['192.168.0.143'].all_ip() # get all ports for ip protocol (sorted version)
nmap_obj['192.168.0.143'].all_sctp() # get all ports for sctp protocol (sorted version)
nmap_obj['192.168.0.143'].has_tcp(22) # is there any information for port 22/tcp on host 192.168.0.143
nmap_obj['192.168.0.143']['tcp'][22] # get info about port 22/tcp on host 192.168.0.143
nmap_obj['192.168.0.143'].tcp(22) # get info about port 22/tcp on host 192.168.0.143
nmap_obj['192.168.0.143']['tcp'][22]['state'] # get state of port 22/tcp on host 192.168.0.143
This gives a quick start to an excellent utility written by Alexandre Norman. More details of this module can be foun...
