Mastering Python for Networking and Security
José Manuel Ortega更新时间:2021-07-16 17:41:05
最新章节:Leave a review - let other readers know what you think封面
Title Page
Copyright and Credits
Mastering Python for Networking and Security
Packt Upsell
Why subscribe?
Packt.com
Contributors
About the author
About the reviewer
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Conventions used
Get in touch
Reviews
Working with Python Scripting
Technical requirements
Programming and installing Python
Introducing Python scripting
Why choose Python?
Multi-platform
Object-Oriented Programming
Obtaining and installing Python
Installing Python on Windows
Installing Python for Linux
Python collections
Lists
Reversing a List
Comprehension lists
Tuples
Dictionaries
Python functions and managing exceptions
Python functions
Managing exceptions
Python as an OOP language
Inheritance
The OMSTD methodology and STB Module for Python scripting
Python packages and modules
What is a module in Python?
Difference Between a Python Module and a Python Package
Passing parameters in Python
Managing dependencies in a Python project
Generating the requirements.txt file
Working with virtual environments
Using virtualenv and virtualwrapper
The STB (Security Tools Builder) module
The main development environments for script-development
Setting up a development environment
Pycharm
WingIDE
Debugging with WingIDE
Summary
Questions
Further reading
System Programming Packages
Technical requirements
Introducing system modules in python
The system module
The operating system module
Contents of the current working directory
Determining the operating system
Subprocess module
Working with the filesystem in Python
Accessing files and directories
Recursing through directories
Checking whether a specific path is a file or directory
Checking whether a file or directory exists
Creating directories in Python
Reading and writing files in Python
File methods
Opening a file
With a Context Manager
Reading a file line by line
Threads in Python
Introduction to Threads
Types of threads
Processes vs Threads
Creating a simple Thread
Threading module
Multithreading and concurrency in Python
Introduction to Multithreading
Multithreading in Python
Limitations with classic python threads
Concurrency in python with ThreadPoolExecutor
Creating ThreadPoolExecutor
ThreadPoolExecutor in practice
Executing ThreadPoolExecutor with Context Manager
Python Socket.io
Introducing WebSockets
aiohttp and asyncio
Implementing a Server with socket.io
Summary
Questions
Further reading
Socket Programming
Technical requirements
Introduction to sockets
Network sockets in Python
The socket module
Socket methods
Server socket methods
Client socket methods
Basic client with the socket module
Creating a simple TCP client and TCP server
Creating a server and client with sockets
Implementing the TCP serverIn this example we are going to create a multithreaded TCP server.
Implementing the TCP client
Creating a simple UDP client and UDP server
Introduction to the UDP protocol
UDP client and server with the socket module
Implementing the UDP Server
Implementing the UDP client
Resolving IP addresses and domains
Gathering information with sockets
Reverse lookup
Practical use cases for sockets
Port scanner with sockets
Managing socket exceptions
Summary
Questions
Further reading
HTTP Programming
Technical requirements
HTTP protocol and building HTTP clients in python
Introduction to the HTTP Protocol
Building an HTTP Client with httplib
Building an HTTP Client with urllib2
Introduction to urllib2
Response objects
Status codes
Checking HTTP headers with urllib2
Using the urllib2 Request class
Customizing requests with urllib2
Getting emails from a URL with urllib2
Getting links from a URL with urllib2
Building an HTTP Client with requests
Introduction to requests
Requests advantages
Making GET Requests with the REST API
Making POST Requests with the REST API
Making Proxy Requests
Managing exceptions with requests
Authentication mechanisms with Python
Authentication with the requests module
HTTP Basic authentication
HTTP Digest Authentication
Summary
Questions
Further Reading
Analyzing Network Traffic
Technical requirements
Capturing and injecting packets with pcapy
Introduction to pcapy
Capturing packets with pcapy
Reading headers from packets
Capturing and injecting packets with scapy
What can we do with scapy?
Scapy advantages and disadvantages
Introduction to scapy
Scapy commands
Sending packets with scapy
Packet-sniffing with scapy
Using Lamda functions with scapy
Filtering UDP packets
Port-scanning and traceroute with scapy
Port-scanning with scapy
Traceroute command with scapy
Reading pcap files with scapy
Introduction to the PCAP format
Reading pcap files with scapy
Writing a pcap file
Sniffing from a pcap file with scapy
Network Forensic with scapy
Summary
Questions
Further reading
Gathering Information from Servers
Technical requirements
Introduction to gathering information
Extracting information from servers with Shodan
Introduction to Shodan
Accessing Shodan services
Shodan filters
Shodan search with python
Performing searches by a given host
Searching for FTP servers
Using python to obtain server information
Extracting servers banners with python
Finding whois information about a server
Getting information on dns servers with DNSPython
DNS protocol
DNS servers
The DNSPython module
Getting vulnerable addresses in servers with Fuzzing
The Fuzzing process
The FuzzDB project
Fuzzing with python with pywebfuzz
Summary
Questions
Further reading
Interacting with FTP SSH and SNMP Servers
Technical requirements
Connecting with FTP servers
The File Transfer Protocol (FTP)
The Python ftplib module
Transferring files with FTP
Using ftplib to brute force FTP user credentials
Building an anonymous FTP scanner with Python
Connecting with SSH servers
The Secure Shell (SSH) protocol
Introduction to Paramiko
Installing Paramiko
Establishing SSH connection with Paramiko
Running commands with Paramiko
SSH connection with brute-force processing
SSH connection with pxssh
Running a command on a remote SSH server
Connecting with SNMP servers
The Simple Network Management Protocol (SNMP)
PySNMP
Summary
Questions
Further reading
Working with Nmap Scanners
Technical requirements
Introducing port scanning with Nmap
Introducing to port scanning
Scanning types with Nmap
Port scanning with python-nmap
Introduction to python-nmap
Installing python-nmap
Using python-nmap
Scan modes with python-nmap
Synchronous scanning
Asynchronous scanning
Vulnerabilities with Nmap scripts
Executing Nmap scripts to detect vulnerabilities
Detecting vulnerabilities in FTP service
Summary
Questions
Further reading
Connecting with the Metasploit Framework
Technical requirements
Introducing the Metasploit framework
Introduction to exploiting
Metasploit framework
Metasploit architecture
Interacting with the Metasploit framework
Introduction to msfconsole
Introduction to the Metasploit exploit module
Introduction to the Metasploit payload module
Introduction to msgrpc
Connecting the Metasploit framework and Python
Introduction to MessagePack
Installing python-msfrpc
Executing API calls
Exploiting the Tomcat service with Metasploit
Using the tomcat_mgr_deploy exploit
Connecting Metasploit with pyMetasploit
Introduction to PyMetasploit
Interacting with the Metasploit framework from python
Summary
Questions
Further reading
Interacting with the Vulnerabilities Scanner
Technical requirements
Introducing vulnerabilities
Vulnerabilities and exploits
What is a vulnerability?
What is an exploit?
Vulnerabilities format
Introducing the Nessus Vulnerabilities scanner
Installing the Nessus Vulnerabilities scanner
Executing the Nessus Vulnerabilities scanner
Identifying vulnerabilities with Nessus
Accessing the Nessus API with Python
Installing the nessrest Python module
Interacting with the nesssus server
Introducing the Nexpose Vulnerabilities scanner
Installing the Nexpose Vulnerabilities scanner
Executing the Nexpose Vulnerabilities scanner
Accessing the Nexpose API with Python
Installing the pynexpose Python Module
Summary
Questions
Further reading
Identifying Server Vulnerabilities in Web Applications
Technical requirements
Introducing vulnerabilities in web applications with OWASP
Introduction to OWASP
OWASP common attacks
Testing Cross-site scripting (XSS)
W3af scanner vulnerabilities in web applications
W3af overview
W3AF profiles
W3af install
W3af in Python
Discovering sql vulnerabilities with Python tools
Introduction to SQL injection
Identifying pages vulnerable to SQL Injection
Introducing SQLmap
Installing SQLmap
Using SQLMAP to test a website for a SQL Injection vulnerability
Other commands
Other tools for detecting SQL Injection vulnerabilities
DorkMe
XSScrapy
Testing heartbleed and SSL/TLS vulnerabilities
Introducing OpenSSL
Finding vulnerable servers in Shodan
Heartbleed vulnerability (OpenSSL CVE-2014-0160)
Other tools for testing openssl vulnerability
Heartbleed-masstest
Scanning for Heartbleed with the nmap port scanner
Analyzing SSL/TLS configurations with SSLyze script
Other services
Summary
Questions
Further reading
Extracting Geolocation and Metadata from Documents Images and Browsers
Technical Requirements
Extracting geolocation information
Introduction to geolocation
Introduction to Pygeoip
Introduction to pygeocoder
The MaxMind database in Python
Extracting metadata from images
Introduction to Exif and the PIL module
Getting the EXIF data from an image
Understanding Exif Metadata
Extracting metadata from web images
Extracting metadata from pdf documents
Introduction to PyPDF2
Peepdf
Identifying the technology used by a website
Introduction to the builtwith module
Wappalyzer
wig – webapp information gatherer
Extracting metadata from web browsers
Firefox Forensics in Python with dumpzilla
Dumpzilla command line
Firefox forensics in Python with firefeed
Chrome forensics with python
Chrome forensics with Hindsight
Summary
Questions
Further reading
Cryptography and Steganography
Technical requirements
Encrypting and decrypting information with pycrypto
Introduction to cryptography
Introduction to pycrypto
Encrypting and decrypting with the DES algorithm
Encrypting and decrypting with the AES algorithm
File encryption with AES
File decryption with AES
Encrypting and decrypting information with cryptography
Introduction to cryptography
Symmetric encryption with the fernet package
Using passwords with the fernet package
Symmetric encryption with the ciphers package
Steganography techniques for hiding information in images
Introduction to Steganography
Steganography with Stepic
Hiding data inside images with stepic
Summary
Questions
Further reading
Assessments
Chapter 1 : Working with Python Scripting
Chapter 2: System Programming Packages
Chapter 3: Socket Programming
Chapter 4: HTTP Programming
Chapter 5: Analyzing Network Traffic
Chapter 6: Gathering Information from Servers
Chapter 7: Interacting with FTP SSH and SNMP Servers
Chapter 8: Working with Nmap Scanners
Chapter 9: Connecting with the Metasploit Framework
Chapter 10: Interacting with the Vulnerabilities Scanner
Chapter 11: Identifying Server Vulnerabilities in Web Applications
Chapter 12: Extracting Geolocation and Metadata from Documents Images and Browsers
Chapter 13: Cryptography and Steganography
Other Books You May Enjoy
Leave a review - let other readers know what you think
更新时间:2021-07-16 17:41:05