Sign In Start Free Trial
Account

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying Python Ethical Hacking from Scratch
  • Table Of Contents Toc
  • Feedback & Rating feedback
Python Ethical Hacking from Scratch

Python Ethical Hacking from Scratch

By : Fahad Ali Sarwar
3 (3)
close
close
Python Ethical Hacking from Scratch

Python Ethical Hacking from Scratch

3 (3)
By: Fahad Ali Sarwar

Overview of this book

Penetration testing enables you to evaluate the security or strength of a computer system, network, or web application that an attacker can exploit. With this book, you'll understand why Python is one of the fastest-growing programming languages for penetration testing. You'll find out how to harness the power of Python and pentesting to enhance your system security. Developers working with Python will be able to put their knowledge and experience to work with this practical guide. Complete with step-by-step explanations of essential concepts and practical examples, this book takes a hands-on approach to help you build your own pentesting tools for testing the security level of systems and networks. You'll learn how to develop your own ethical hacking tools using Python and explore hacking techniques to exploit vulnerabilities in networks and systems. Finally, you'll be able to get remote access to target systems and networks using the tools you develop and modify as per your own requirements. By the end of this ethical hacking book, you'll have developed the skills needed for building cybersecurity tools and learned how to secure your systems by thinking like a hacker.
Table of Contents (14 chapters)
close
close
1
Section 1: The Nuts and Bolts of Ethical Hacking – The Basics
4
Section 2: Thinking Like a Hacker – Network Information Gathering and Attacks
8
Section 3: Malware Development

Types of attacks

There are several different types of cyber-attacks depending on how they are executed. The nature of these attacks can vary depending on various factors such as the intentions of the attacker and the tools that are used for the attack. More often than not, the purpose of these attacks is to either gain complete control of the system, to steal sensitive information, or both.

System control

Attacks would often like to take charge of the victim's computer and play around with it. This could either mean rendering the system useless for the victim or making a stealth attempt to gain access without the victim knowing about it. A very famous set of attacks in this category are called remote access tool attacks. These attacks provide the attacker with complete or near-complete control of the victim's PC remotely. We have already discussed forward and reverse shells, which are used for these purposes quite frequently.

Social engineering

Another popular kind of attack that often requires little to no technical knowledge is social engineering. In simple terms, social engineering means manipulating or tricking someone into giving you the information. Instead of writing lengthy code and exploiting technical weaknesses of the system, you can simply trick the person into giving you information to carry out a cyber-attack. There are two fundamental aspects of cybersecurity: one is a technical aspect and the other is a human aspect. A security system is as good as its weakest link. More often than not, the weakest link in the security of the system is people. No system is secure if you have the key to breaking it. Social engineering is not as simple as it seems. It requires patience and attention to detail. Some of the more common social engineering tricks are explained next.

Baiting

Baiting simply means luring the target to bait and then waiting for the target to make a mistake. For example, hackers often drop USB drives filled with malware near the offices of organizations and wait until some employee gets curious and plugs the USB into their computer. Once they do so, the rest of the job is done by the malware.

Phishing

Phishing is an attack technique in which attackers impersonate someone the target trusts. Usually, they try to take advantage of people's interests. For example, if someone is a football fan, they are more likely to open an email or a link related to the topic of football and thus provide the attacker with a means to attack the victim. A common example of this attack is clone websites hosted by the attacker. An attacker would send a fake link to the target that resembles a website known to the target. However, the website will be hosted by the attacker and instead of going to the real website, the target will be directed to this website. These cloned websites look very similar to the original ones and if you are not careful, it is very hard to distinguish. Since this cloned website is operated by the hacker, any data that the user enters goes to the hacker. A good way to detect these fake websites is to check the website name along with the protocol. A real website will mostly operate on the https protocol.

Create a Note

Modal Close icon
You need to login to use this feature.
notes
bookmark search playlist download font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected

Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Delete Note

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete

Edit Note

Modal Close icon
Write a note (max 255 characters)
Cancel
Update Note

Confirmation

Modal Close icon
claim successful

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY