Over 50+ hands-on recipes to help you pen test networks using Python, discover vulnerabilities, and find a recovery path
About This Book
- Learn to detect and avoid various types of attack that put system privacy at risk
- Enhance your knowledge of wireless application concepts and information gathering through practical recipes
- Learn a pragmatic way to penetration-test using Python, build efficient code, and save time
Who This Book Is For
If you are a developer with prior knowledge of using Python for penetration testing and if you want an overview of scripting tasks to consider while penetration testing, this book will give you a lot of useful code for your toolkit.
What You Will Learn
- Learn to configure Python in different environment setups.
- Find an IP address from a web page using BeautifulSoup and Scrapy
- Discover different types of packet sniffing script to sniff network packets
- Master layer-2 and TCP/ IP attacks
- Master techniques for exploit development for Windows and Linux
- Incorporate various network- and packet-sniffing techniques using Raw sockets and Scrapy
In Detail
Penetration testing is the use of tools and code to attack a system in order to assess its vulnerabilities to external threats. Python allows pen testers to create their own tools. Since Python is a highly valued pen-testing language, there are many native libraries and Python bindings available specifically for pen-testing tasks.
Python Penetration Testing Cookbook begins by teaching you how to extract information from web pages. You will learn how to build an intrusion detection system using network sniffing techniques. Next, you will find out how to scan your networks to ensure performance and quality, and how to carry out wireless pen testing on your network to avoid cyber attacks. After that, we'll discuss the different kinds of network attack. Next, you'll get to grips with designing your own torrent detection program. We'll take you through common vulnerability scenarios and then cover buffer overflow exploitation so you can detect insecure coding. Finally, you'll master PE code injection methods to safeguard your network.
Style and approach
This book takes a recipe-based approach to solving real-world problems in pen testing. It is structured in stages from the initial assessment of a system through exploitation to post-exploitation tests, and provides scripts that can be used or modified for in-depth penetration testing.
Rejah Rehim is currently the Director and Chief Information Officer (CIO) of Appfabs. Previously holding the title of Security Architect at FAYA India, he is a long-time preacher of open source.
He is a steady contributor to the Mozilla Foundation and his name has been added to the San Francisco Firefox Monument. A member of the Mozilla add-ons review board, he has contributed to the development of several node modules. He is credited with the creation of nine Mozilla add-ons, including the very popular Clear Console add-on, which was selected as one of the best Mozilla add-ons of 2013. With a user base of more than 44,000, it has seen more than 800,000 downloads to date. He has successfully created the world's first security testing browser bundle, PenQ, an open source Linux-based penetration testing browser bundle preconfigured with tools for spidering, advanced web searching, fingerprinting, and so on.
Rejah is also an active member of OWASP and the chapter leader of OWASP Kerala. He is also an active speaker at FAYA:80, a tech community based in Kerala, with the mission of free knowledge sharing. Besides being a part of the cyber security division of FAYA, Rejah is also a student of process automation and has implemented it in FAYA.
Additionally, Rejah also holds the title of commander at Cyberdome, an initiative of the Kerala Police Department.
