Hands-On Penetration Testing with Python
eBook - ePub

Hands-On Penetration Testing with Python

Enhance your ethical hacking skills to build automated and intelligent systems

Furqan Khan

502 pages, English, ePUB
About the book

Implement defensive techniques in your ecosystem successfully with Python

Key Features

  • Identify and expose vulnerabilities in your infrastructure with Python
  • Learn custom exploit development
  • Build robust and powerful cybersecurity tools with Python

Book Description

With the current technological and infrastructural shift, penetration testing is no longer a process-oriented activity. Modern-day penetration testing demands lots of automation and innovation; the only language that dominates all its peers is Python. Given the huge number of tools written in Python, and its popularity in the penetration testing space, this language has always been the first choice for penetration testers.

Hands-On Penetration Testing with Python walks you through advanced Python programming constructs. Once you are familiar with the core concepts, you'll explore the advanced uses of Python in the domain of penetration testing and optimization. You'll then move on to understanding how Python, data science, and the cybersecurity ecosystem communicate with one another. In the concluding chapters, you'll study exploit development, reverse engineering, and cybersecurity use cases that can be automated with Python.

By the end of this book, you'll have acquired adequate skills to leverage Python as a helpful tool to pentest and secure infrastructure, while also creating your own custom exploits.

What you will learn

  • Get to grips with custom vulnerability scanner development
  • Familiarize yourself with web application scanning automation and exploit development
  • Walk through day-to-day cybersecurity scenarios that can be automated with Python
  • Discover enterprise- or organization-specific use cases and threat-hunting automation
  • Understand reverse engineering, fuzzing, buffer overflows, key-logger development, and exploit development for buffer overflows
  • Understand web scraping in Python and use it for processing web responses
  • Explore Security Operations Centre (SOC) use cases
  • Get to understand data science, Python, and cybersecurity all under one hood

Who this book is for

If you are a security consultant, developer, or cybersecurity enthusiast with little or no knowledge of Python and want in-depth insight into how the pen-testing ecosystem and Python combine to create offensive tools and exploits, automate cybersecurity use cases, and much more, then this book is for you. Hands-On Penetration Testing with Python guides you through the advanced uses of Python for cybersecurity and pen-testing, helping you to better understand security loopholes within your infrastructure.


Information

Year: 2019
ISBN: 9781788999465
Edition: 1
Subject: Computer Science

Vulnerability Scanner Python - Part 1

When we talk of port scanning, the tool that automatically comes to mind is Nmap. Nmap has a good reputation and it is arguably the best open source port scanner available. It has tons of features that allow you to carry out a wide variety of scans over the network to discover which hosts are alive, which ports are open, and which services and service versions are running on each host. It also has the Nmap Scripting Engine (NSE), which runs NSE scripts to discover common vulnerabilities in the running services. In this chapter, we will make use of Python in order to automate the process of port scanning. This chapter will form the basis for our automated vulnerability scanner, and will supplement the subsequent chapter, which will focus on automating service scanning and enumeration.
This chapter covers the following topics:
  • Introducing Nmap
  • Building a network scanner with Python

Introducing Nmap

Our port scanner will be made on top of Nmap, with additional features and capabilities, such as parallel port scanning a target and pausing and resuming a scan. It will also have a web GUI that we can use to conduct our scans.
Let's take a look at the various properties of Nmap. The original chapter illustrates each with a screenshot of the relevant section of Nmap's usage output (the images are not reproduced here):
  • [Screenshot: scan techniques available with Nmap]
  • [Screenshot: host discovery and port specification, with examples]
  • [Screenshot: service and version detection and OS detection, with examples]
  • [Screenshot: timing and performance options, with examples]
  • [Screenshot: NSE scripts, with examples]
  • [Screenshot: firewall/IDS evasion and spoofing, with examples]
  • [Screenshot: helpful Nmap output examples]
The preceding screenshots provide a comprehensive list of the Nmap commands that we frequently use in our day-to-day operations. We will not be covering how to run Nmap commands on the Terminal, as it is assumed that this is straightforward.
It should be noted that, from now on, we will be using Kali Linux as our pen-test lab OS. All the Python automation that we will see will therefore be implemented on the Kali Linux box. To install a Kali Linux VM/VirtualBox image, please refer to https://www.osboxes.org/Kali-linux/. To download VirtualBox, refer to https://www.virtualbox.org/wiki/Downloads. Once downloaded, perform the steps shown in the following screenshots (not reproduced here).
First, enter a Name for the new virtual machine along with the Type and Version; in our case, this is Linux and Debian (64-bit). After that, allocate the memory size:
  [Screenshot: VirtualBox new VM name, type, version, and memory size]
Next, choose the virtual hard disk file, as shown in the following screenshot:
  [Screenshot: VirtualBox virtual hard disk file selection]

Building a network scanner with Python

Now that we are all set up with our VirtualBox image, let's have a look at a simple Python script that will help us to call Nmap and initiate a scan. Later on, we will optimize this script to make it better. We will finish by making it a full-fledged port scanning Python engine with pause, resume, and multiprocessing abilities:
The information produced by the preceding script is hard for the Python code to filter and store. If we want to store all the open ports and services in a dictionary, it would be hard to do that with the preceding method. Let's think about another way in which the information produced can be parsed and processed by the script. We know that the -oX flag is used to produce output in XML format. We will use the -oX flag to obtain the scan result as an XML string, which we then parse into a Python dictionary as shown in the following sections.

Controlling the Nmap output with the script

In the following example, we reuse the same concepts that we studied earlier. We redirect the Nmap output, in XML format, to standard output (-oX -). We then collect the output produced as a string and use Python's xml.etree.ElementTree module (imported as ET) to convert the XML output to Python dictionaries. Using the following code, we can control Nmap from our program and filter out all the useful information:
We can then store that information in database tables:
Next, run the following commands:
nmap = NmapPy(["nmap", "-Pn", "-sV", "-oX", "-", "127.0.0.1"])  # NmapPy is the wrapper class defined above
nmap.scan()
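The parsing step described above, as an added example that is not the book's NmapPy class: nmap is invoked with -oX - so its XML report arrives on stdout, and ElementTree reduces that report to a dictionary of open ports per host. The nmap binary is assumed to be on PATH; the sample XML at the end is constructed here so the parser can be run without a scan.

```python
# Added example: parse "nmap -oX -" output into {host: {"port/proto": {...}}}.
import subprocess
import xml.etree.ElementTree as ET


def parse_nmap_xml(xml_text):
    """Return only open ports, with the service details nmap -sV attaches."""
    root = ET.fromstring(xml_text)
    result = {}
    for host in root.findall("host"):
        addr = host.find("address")
        if addr is None:
            continue  # host entries without an address carry nothing useful
        ports = {}
        for port in host.findall("./ports/port"):
            state = port.find("state")
            if state is None or state.get("state") != "open":
                continue  # closed/filtered ports are dropped, as in the chapter
            service = port.find("service")
            attrs = service.attrib if service is not None else {}
            key = "%s/%s" % (port.get("portid"), port.get("protocol"))
            ports[key] = {"service": attrs.get("name", ""),
                          "product": attrs.get("product", ""),
                          "version": attrs.get("version", "")}
        result[addr.get("addr")] = ports
    return result


def run_nmap(target, extra_args=("-Pn", "-sV")):
    """Run the nmap binary (assumed on PATH) and parse its XML report."""
    cmd = ["nmap", *extra_args, "-oX", "-", target]
    completed = subprocess.run(cmd, capture_output=True, text=True, check=True)
    return parse_nmap_xml(completed.stdout)


# Constructed sample report (not captured from a real scan) used for testing.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
<host><status state="up"/><address addr="127.0.0.1" addrtype="ipv4"/>
<ports>
<port protocol="tcp" portid="22"><state state="open"/>
<service name="ssh" product="OpenSSH" version="7.9p1"/></port>
<port protocol="tcp" portid="80"><state state="closed"/><service name="http"/></port>
</ports></host></nmaprun>"""

if __name__ == "__main__":
    print(parse_nmap_xml(SAMPLE_XML))
```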
Although the preceding method is good, and gives us granular control over Nmap output, it involves processing and parsing code that we may not want to write every time we conduct a scan with Nmap. An alternative and better approach is to use a ready-made Python wrapper module for Nmap, installable with pip. It does pretty much the same as what we did before, but allows us to avoid writing all the processing and subprocess logic. It keeps the code clean and more readable. Whenever we wish to have more granular control, we can always fall back to the preceding approach.

Using the Nmap module to conduct Nmap port scanning

Let's now go ahead and install the Python Nmap module (the python-nmap package by Alexandre Norman) as follows:
pip install python-nmap
The preceding command installs the Python wrapper library only; the nmap binary itself must already be installed on the system. The following section provides an overview of how the library can be used:
import nmap # import nmap.py module
nmap_obj = nmap.PortScanner() # instantiate nmap.PortScanner object
nmap_obj.scan('192.168.0.143', '1-1024') # scan host 192.168.0.143, ports from 1-1024
nmap_obj.command_line() # get command line used for the scan : nmap -oX - -p 1-1024 192.168.0.143
nmap_obj.scaninfo() # get nmap scan information {'tcp': {'services': '1-1024', 'method': 'connect'}}
nmap_obj.all_hosts() # get all hosts that were scanned
nmap_obj['192.168.0.143'].hostname() # get one hostname for host 192.168.0.143, usually the user record
nmap_obj['192.168.0.143'].hostnames() # get list of hostnames for host 192.168.0.143 as a list of dict
# [{'name':'hostname1', 'type':'PTR'}, {'name':'hostname2', 'type':'user'}]
nmap_obj['192.168.0.143'].hostname() # get hostname for host 192.168.0.143
nmap_obj['192.168.0.143'].state() # get state of host 192.168.0.143 (up|down|unknown|skipped)
nmap_obj['192.168.0.143'].all_protocols() # get all scanned protocols ['tcp', 'udp'] in (ip|tcp|udp|sctp)
nmap_obj['192.168.0.143']['tcp'].keys() # get all ports for tcp protocol
nmap_obj['192.168.0.143'].all_tcp() # get all ports for tcp protocol (sorted version)
nmap_obj['192.168.0.143'].all_udp() # get all ports for udp protocol (sorted version)
nmap_obj['192.168.0.143'].all_ip() # get all ports for ip protocol (sorted version)
nmap_obj['192.168.0.143'].all_sctp() # get all ports for sctp protocol (sorted version)
nmap_obj['192.168.0.143'].has_tcp(22) # is there any information for port 22/tcp on host 192.168.0.143
nmap_obj['192.168.0.143']['tcp'][22] # get info about port 22 in tcp on host 192.168.0.143
nmap_obj['192.168.0.143'].tcp(22) # get info about port 22 in tcp on host 192.168.0.143
nmap_obj['192.168.0.143']['tcp'][22]['state'] # get state of port 22/tcp on host 192.168.0.143
This gives a quick start to an excellent utility written by Alexandre Norman. More details of this module can be foun...
