Python Penetration Testing Cookbook

Book Description

Python Penetration Testing Cookbook: Practical recipes on implementing information gathering, network security, intrusion detection, and post-exploitation

Over 50+ hands-on recipes to help you pen test networks using Python, discover vulnerabilities, and find a recovery path

About This Book

• Learn to detect and avoid various types of attack that put system privacy at risk
• Enhance your knowledge of wireless application concepts and information gathering through practical recipes
• Learn a pragmatic way to penetration-test using Python, build efficient code, and save time

Who This Book Is For

If you are a developer with prior knowledge of using Python for penetration testing and if you want an overview of scripting tasks to consider while penetration testing, this book will give you a lot of useful code for your toolkit.

What You Will Learn

• Learn to configure Python in different environment setups.
• Find an IP address from a web page using BeautifulSoup and Scrapy
• Discover different types of packet sniffing script to sniff network packets
• Master layer-2 and TCP/ IP attacks
• Master techniques for exploit development for Windows and Linux
• Incorporate various network- and packet-sniffing techniques using Raw sockets and Scrapy

In Detail

Penetration testing is the use of tools and code to attack a system in order to assess its vulnerabilities to external threats. Python allows pen testers to create their own tools. Since Python is a highly valued pen-testing language, there are many native libraries and Python bindings available specifically for pen-testing tasks.

Python Penetration Testing Cookbook begins by teaching you how to extract information from web pages. You will learn how to build an intrusion detection system using network sniffing techniques. Next, you will find out how to scan your networks to ensure performance and quality, and how to carry out wireless pen testing on your network to avoid cyber attacks. After that, we’ll discuss the different kinds of network attack. Next, you’ll get to grips with designing your own torrent detection program. We’ll take you through common vulnerability scenarios and then cover buffer overflow exploitation so you can detect insecure coding. Finally, you’ll master PE code injection methods to safeguard your network.

Style and approach

This book takes a recipe-based approach to solving real-world problems in pen testing. It is structured in stages from the initial assessment of a system through exploitation to post-exploitation tests, and provides scripts that can be used or modified for in-depth penetration testing.

Table of Contents

Chapter 1. Why Python in Penetration Testing?
Chapter 2. Setting Up a Python Environment
Chapter 3. Web Scraping with Python
Chapter 4. Data Parsing with Python
Chapter 5. Web Scraping with Scrapy and BeautifulSoup
Chapter 6. Network Scanning with Python
Chapter 7. Network Sniffing with Python
Chapter 8. Scapy Basics
Chapter 9. Wi-Fi Sniffing
Chapter 10. Layer 2 Attacks
Chapter 11. TCP/IP Attacks
Chapter 12. Introduction to Exploit Development
Chapter 13. Windows Exploit Development
Chapter 14. Linux Exploit Development

中文：

书名：《Python渗透测试手册》

Python渗透测试手册：关于实现信息收集、网络安全、入侵检测和后利用的实用方法

超过50多个实践食谱，帮助您使用Python测试网络、发现漏洞并找到恢复途径

关于本书

• Learn to detect and avoid various types of attack that put system privacy at risk
• 通过实践食谱增强您对无线应用概念和信息收集的知识
• 学习一种实用的方法–使用Python进行渗透测试，构建高效的代码，并节省时间

这本书是为谁写的

如果您是一名开发人员，具有使用Python进行渗透测试的先验知识，并且希望了解渗透测试时要考虑的脚本任务的概述，这本书将为您的工具包提供大量有用的代码。

你将学到什么

• 学习如何在不同的环境设置中配置Python。
• 使用BeautifulSoup和Scrapy从网页中查找IP地址
• 发现不同类型的数据包嗅探脚本以嗅探网络数据包
• 主从第2层攻击和TCP/IP攻击
• 掌握Windows和Linux开发技术
• 使用Raw套接字和Scrapy整合各种网络和数据包嗅探技术

详细地说

渗透测试是使用工具和代码攻击系统，以评估其对外部威胁的脆弱性。Python允许笔测试员创建他们自己的工具。由于Python是一种高度重视的笔测试语言，因此有许多专门用于笔测试任务的本地库和Python绑定。

《Python渗透测试手册》从教你如何从网页中提取信息开始。您将学习如何使用网络嗅探技术构建入侵检测系统。接下来，您将了解如何扫描您的网络以确保性能和质量，以及如何对您的网络进行无线笔测试以避免网络攻击。之后，我们将讨论不同类型的网络攻击。接下来，您将着手设计您自己的Torrent检测程序。我们将带您了解常见的漏洞场景，然后介绍缓冲区溢出利用，以便您可以检测不安全的编码。最后，您将掌握PE代码注入方法来保护您的网络。

Style and approach

这本书采取了一种基于配方的方法来解决笔测试中的现实问题。它从系统的初始评估、攻击到攻击后测试分阶段构建，并提供可用于或修改用于深入渗透测试的脚本。

Table of Contents

第1章.为什么要在渗透测试中使用Python？
第2章：设置一个Python环境
第3章.使用Python进行Web抓取
第4章.使用Python进行数据解析
第5章.使用Scrapy和BeautifulSoup进行Web抓取
第6章：使用Python进行网络扫描
第7章：使用Python进行网络嗅探
第8章：Scapy基础知识
第9章：Wi-Fi嗅探
Chapter 10. Layer 2 Attacks
第11章.TCP/IP攻击
第12章：漏洞开发简介
第13章Windows漏洞利用开发
第14章.Linux漏洞开发