Effective Python Penetration Testing

Key Features

• Learn to utilize your Python scripting skills to pentest a computer system, network, and web-application
• Get proficient at the art of assessing vulnerabilities by conducting effective penetration testing
• This is the ultimate guide that teaches you how to use Python to protect your systems against sophisticated cyber attacks

Book Description

Penetration testing is a practice of testing a computer system, network, or web application to find weaknesses in security that an attacker can exploit. Effective Python Penetration Testing will help you utilize your Python scripting skills to safeguard your networks from cyberattacks.

We will begin by providing you with an overview of Python scripting and penetration testing. You will learn to analyze network traffic by writing Scapy scripts and will see how to fingerprint web applications with Python libraries such as ProxMon and Spynner.

Moving on, you will find out how to write basic attack scripts, and will develop debugging and reverse engineering skills with Python libraries. Toward the end of the book, you will discover how to utilize cryptography toolkits in Python and how to automate Python tools and libraries.

What you will learn

• Write Scapy scripts to investigate network traffic
• Get to know application fingerprinting techniques with Python
• Understand the attack scripting techniques
• Write fuzzing tools with pentesting requirements
• Learn basic attack scripting methods
• Utilize cryptographic toolkits in Python
• Automate pentesting with Python tools and libraries

About the Author

Rejah Rehim is currently a security architect with FAYA India and is a long-time preacher of open source. He is a steady contributor to the Mozilla Foundation, and his name has been featured on the San Francisco Monument made by the Mozilla Foundation.

He is a part of the Mozilla add-on review board and has contributed to the development of several node modules. He has to his credit the creation of eight Mozilla add-ons, including the highly successful Clear Console add-on, which was selected as one of the best Mozilla add-ons of 2013. With a user base of more than 44,000, it has registered more than 6,90,000 downloads to date. He has successfully created the world's first, one-of-a-kind security testing browser bundle, PenQ, an open source Linux-based penetration testing browser bundle preconfigured with tools for spidering, advanced web searching, fingerprinting, and so on.

Rejah is also an active member of OWASP and is the chapter leader of OWASP Kerala. He is also an active speaker at FAYA:80, one of the premier monthly tech rendezvous in Technopark, Kerala. Besides being a part of the cyber security division of FAYA currently and QBurst in the past, Rejah is also a fan of process automation and has implemented it in FAYA. In addition to these, Rejah also volunteers with Cyberdome, an initiative of the Kerala police department, as Deputy Commander.

Table of Contents

1. Python Scripting Essentials
2. Analyzing Network Traffic with Scapy
3. Application Fingerprinting with Python
4. Attack Scripting with Python
5. Fuzzing and Brute-Forcing
6. Debugging and Reverse Engineering
7. Crypto, Hash, and Conversion Functions
8. Keylogging and Screen Grabbing
9. Attack Automation
10. Looking Forward