Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Python Penetration Testing Essentials
  • Table Of Contents Toc
  • Feedback & Rating feedback
Python Penetration Testing Essentials

Python Penetration Testing Essentials

By : Mohit Raj
3.2 (10)
Buy this Book
close
close
Python Penetration Testing Essentials

Python Penetration Testing Essentials

3.2 (10)
By: Mohit Raj
Buy this Book

Overview of this book

This book gives you the skills you need to use Python for penetration testing (pentesting), with the help of detailed code examples. We start by exploring the basics of networking with Python and then proceed to network hacking. Then, you will delve into exploring Python libraries to perform various types of pentesting and ethical hacking techniques. Next, we delve into hacking the application layer, where we start by gathering information from a website. We then move on to concepts related to website hacking—such as parameter tampering, DDoS, XSS, and SQL injection. By reading this book, you will learn different techniques and methodologies that will familiarize you with Python pentesting techniques, how to protect yourself, and how to create automated programs to find the admin console, SQL injection, and XSS attacks.
Table of Contents (11 chapters)
close
close
close
Preface
chevron up
Icon
Preface
Icon
Who this book is for
Icon
What this book covers
Icon
To get the most out of this book
Icon
Get in touch
Free Chapter
1
Python with Penetration Testing and Networking
Icon
Python with Penetration Testing and Networking
Icon
Introducing the scope of pentesting
Icon
Approaches to pentesting
Icon
Introducing Python scripting
Icon
Understanding the tests and tools you'll need
Icon
Learning the common testing platforms with Python
Icon
Network sockets
Icon
Summary
2
Scanning Pentesting
Icon
Scanning Pentesting
Icon
How to check live systems in a network and the concept of a live system
Icon
What are the services running on the target machine?
Icon
Summary
3
Sniffing and Penetration Testing
Icon
Sniffing and Penetration Testing
Icon
Introducing a network sniffer
Icon
Implementing a network sniffer using Python
Icon
Learning about packet crafting
Icon
Introducing ARP spoofing and implementing it using Python
Icon
Testing the security system using custom packet crafting
Icon
Summary
4
Network Attacks and Prevention
Icon
Network Attacks and Prevention
Icon
Technical requirements
Icon
DHCP starvation attack
Icon
The MAC flooding attack
Icon
Gateway disassociation by RAW socket
Icon
Torrent detection
Icon
Summary
5
Wireless Pentesting
Icon
Wireless Pentesting
Icon
Introduction to 802.11 frames
Icon
Wireless SSID finding and wireless traffic analysis with Python
Icon
Wireless attacks
Icon
Summary
6
Honeypot – Building Traps for Attackers
Icon
Honeypot – Building Traps for Attackers
Icon
Technical requirements
Icon
Fake ARP reply
Icon
Fake ping reply
Icon
Fake port-scanning reply
Icon
Fake OS-signature reply to nmap
Icon
Fake web server reply
Icon
Summary
7
Foot Printing a Web Server and a Web Application
Icon
Foot Printing a Web Server and a Web Application
Icon
The concept of foot printing a web server
Icon
Introducing information gathering
Icon
Information gathering of a website from whois.domaintools.com
Icon
Email address gathering from a web page
Icon
Banner grabbing of a website
Icon
Hardening of a web server
Icon
Summary
8
Client-Side and DDoS Attacks
Icon
Client-Side and DDoS Attacks
Icon
Introducing client-side validation
Icon
Tampering with the client-side parameter with Python
Icon
Effects of parameter tampering on business
Icon
Introducing DoS and DDoS
Icon
Summary
9
Pentesting SQL and XSS
Icon
Pentesting SQL and XSS
Icon
Introducing the SQL injection attack
Icon
Types of SQL injections
Icon
Understanding the SQL injection attack by a Python script
Icon
Learning about cross-site scripting
Icon
Summary
10
Other Books You May Enjoy
Icon
Other Books You May Enjoy
Icon
Leave a review - let other readers know what you think

To get the most out of this book

In order to understand the book reader must have the knowledge of Networking fundamentals, basic knowledge of Linux OS, good knowledge of information security and core Python.

In order to perform experiments or run the codes reader can use the virtual machine (Vmware, virtual box). For Wireless pen-testing readers can use a wireless card TP-Link TL-WN722N. Becuase TL-WN722N wireless card supports the Kali Linux in VMware.

Download the example code files

You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

  1. Log in or register at www.packtpub.com.
  2. Select the SUPPORT tab.
  3. Click on Code Downloads & Errata.
  4. Enter the name of the book in the Search box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

  • WinRAR/7-Zip for Windows
  • Zipeg/iZip/UnRarX for Mac
  • 7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Python-Penetration-Testing-Essentials-Second-Edition. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

Code in Action

Conventions used

There are a number of text conventions used throughout this book.

CodeInText: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: "Mount the downloaded WebStorm-10*.dmg disk image file as another disk in your system."

A block of code is set as follows:

import os
response = os.popen('ping -n 1 10.0.0.1')
for line in response.readlines():
    print line,

When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:

s = socket.socket(socket.PF_PACKET, socket.SOCK_RAW, socket.ntohs(0x0800))
i = 1

Any command-line input or output is written as follows:

python setup.py install

Bold: Indicates a new term, an important word, or words that you see onscreen. For example, words in menus or dialog boxes appear in the text like this. Here is an example: "Select System info from the Administration panel."

Warnings or important notes appear like this.
Tips and tricks appear like this.

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
Next Section

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY