Python Penetration Testing Cookbook

Buffer overflow

How to do it...

Generating shell code

Global offset table

Getting ready

Format string exploitation

Introduction

Linux Exploit Development

How to do it...

Getting ready

Egg hunters

How to do it...

Getting ready

Structured Exception Handling

How to do it...

Installing Mona

Getting ready

Buffer overflow with saved return pointer overwrite

How to do it...

Thread Environment Block (TEB)

Process Environment Block (PEB)

Program image and dynamic link libraries

The heap

The stack

Getting ready

Windows memory layout

Introduction

Windows Exploit Development

How to do it...

CPU instructions

How to do it...

Memory dump

How to do it...

Special purpose registers

General purpose registers

Getting ready

CPU registers

Introduction

Introduction to Exploit Development

How to do it...

Password sniffer with Python over LAN

How to do it...

SYN flooding

How to do it...

IP spoofing

Introduction

TCP/IP Attacks

How to do it...

DHCP starvation

How to do it...

ARP spoofing over VLAN hopping

How to do it...

VLAN hopping

How to do it...

MAC flooder

How to do it...

macOS

Linux

Getting ready

ARP cache poisoning

How to do it...

ARP Watcher

Introduction

Layer 2 Attacks

How to do it...

Fake access points with Scapy

How to do it...

Dictionary attack on hidden SSIDs

How to do it...

Exposing hidden SSIDs

How to do it...

Finding SSIDs

macOS

Linux

How to do it...

Getting ready

Finding Wi-Fi devices

Introduction

Wi-Fi Sniffing

How to do it...

ARP man-in-the-middle tool with Scapy

How to do it...

Sniffing packets

How to do it...

Reading and writing to pcap files

How to do it...

Layering packets

How to do it...

Sending and receiving packets with Scapy

How to do it...

Getting ready

Creating a packet with Scapy

Introduction

Scapy Basics

How to do it...

Getting ready

PyShark

How to do it...

Parsing the packet

How to do it...

Getting ready

Packet sniffer in Python

Introduction

Network Sniffing with Python

How to do it...

Getting ready

LanScan

How to do it...

TCP ACK scanning

How to do it...

XMAS scanning

How to do it...

FIN scanning

How to do it...

Getting ready

Stealth scanning

How to do it...

Getting ready

IP range/network scanner

How to do it...

Getting ready

Simple port scanner

Introduction

Network Scanning with Python

How to do it...

Getting ready

Scraping after logging into websites using Scrapy

How to do it...

Link extractor with Scrapy

How to do it...

Scrapy shell

How to do it...

Getting ready

Web spiders with Scrapy

Introduction

Web Scraping with Scrapy and BeautifulSoup

How to do it...

Getting ready

Parsing XML data

How to do it...

Getting ready

Extracting data from HTML documents

How to do it...

Getting ready

Parsing HTML tables

Introduction

Data Parsing with Python

How to do it...

Dynamic GET requests

How to do it...

Escaping invalid characters

Requesting and downloading dynamic website pages

How to do it...

Using a regular expression to get the information from the downloaded web pages

How to do it...

Getting ready

Downloading files

How to do it...

Changing the user agent

With Python 3

With Python 2

How to do it...

Getting ready

Download web pages with Python scripts

Introduction

Web Scraping with Python

How to do it...

Setting up a Python environment in Windows

Installing Python

How to do it...

Getting ready

Setting up a Python environment in macOS

Setting up the editor or IDE

Setting up a virtual environment

Installing Python

How to do it...

Getting ready

Setting up a Python environment in Linux

Introduction

Setting Up a Python Environment

Key differences between Python 2.7 and Python 3

Python 2.7

Python 3

Python 2

How to do it...

Getting ready

Python 3 language basics and differences

Cross-platform (code anywhere)

Powerful third-party libraries

Simple learning curve

Syntax and indented layout

Python can be used in both and interpreted and compiled forms

How to do it...

Getting ready

Why Python is a great option for security scripting

Introduction

Why Python in Penetration Testing?

Questions

Piracy

Errata

Downloading the color images of this book

Downloading the example code

Customer support

Reader feedback

Conventions

How to do it…

Getting ready

Sections

Who this book is for

What you need for this book

What this book covers

Preface

Customer Feedback

Why subscribe?

www.PacktPub.com

About the Reviewers

About the Author

Credits

版权信息

封面

封面

版权信息

Credits

About the Author

About the Reviewers

www.PacktPub.com

Why subscribe?

Customer Feedback

Preface

What this book covers

What you need for this book

Who this book is for

Sections

Getting ready

How to do it…

Conventions

Reader feedback

Customer support

Downloading the example code

Downloading the color images of this book

Errata

Piracy

Questions

Why Python in Penetration Testing?

Introduction

Why Python is a great option for security scripting

Getting ready

How to do it...

Python can be used in both and interpreted and compiled forms

Syntax and indented layout

Simple learning curve

Powerful third-party libraries

Cross-platform (code anywhere)

Python 3 language basics and differences

Getting ready

How to do it...

Python 2

Python 3

Python 2.7

Key differences between Python 2.7 and Python 3

Setting Up a Python Environment

Introduction

Setting up a Python environment in Linux

Getting ready

How to do it...

Installing Python

Setting up a virtual environment

Setting up the editor or IDE

Setting up a Python environment in macOS

Getting ready

How to do it...

Installing Python

Setting up a Python environment in Windows

How to do it...

Web Scraping with Python

Introduction

Download web pages with Python scripts

Getting ready

How to do it...

With Python 2

With Python 3

Changing the user agent

How to do it...

Downloading files

Getting ready

How to do it...

Using a regular expression to get the information from the downloaded web pages

How to do it...

Requesting and downloading dynamic website pages

Escaping invalid characters

How to do it...

Dynamic GET requests

How to do it...

Data Parsing with Python

Introduction

Parsing HTML tables

Getting ready

How to do it...

Extracting data from HTML documents

Getting ready

How to do it...

Parsing XML data

Getting ready

How to do it...

Web Scraping with Scrapy and BeautifulSoup

Introduction

Web spiders with Scrapy

Getting ready

How to do it...

Scrapy shell

How to do it...

Link extractor with Scrapy

How to do it...

Scraping after logging into websites using Scrapy

Getting ready

How to do it...

Network Scanning with Python

Introduction

Simple port scanner

Getting ready

How to do it...

IP range/network scanner

Getting ready

How to do it...

Stealth scanning

Getting ready

How to do it...

FIN scanning

How to do it...

XMAS scanning

How to do it...

TCP ACK scanning

How to do it...

LanScan

Getting ready

How to do it...

Network Sniffing with Python

Introduction

Packet sniffer in Python

Getting ready

How to do it...

Parsing the packet

How to do it...

PyShark

Getting ready

How to do it...

Scapy Basics

Introduction

Creating a packet with Scapy

Getting ready

How to do it...

Sending and receiving packets with Scapy

How to do it...

Layering packets

How to do it...

Reading and writing to pcap files

How to do it...

Sniffing packets

How to do it...

ARP man-in-the-middle tool with Scapy

How to do it...

Wi-Fi Sniffing

Introduction

Finding Wi-Fi devices

Getting ready

How to do it...

Linux

macOS

Finding SSIDs

How to do it...

Exposing hidden SSIDs

How to do it...

Dictionary attack on hidden SSIDs

How to do it...

Fake access points with Scapy

How to do it...

Layer 2 Attacks

Introduction

ARP Watcher

How to do it...

ARP cache poisoning

Getting ready

Linux

macOS

How to do it...

MAC flooder

How to do it...

VLAN hopping

How to do it...

ARP spoofing over VLAN hopping

How to do it...

DHCP starvation

How to do it...

TCP/IP Attacks

Introduction

IP spoofing

How to do it...

SYN flooding

How to do it...

Password sniffer with Python over LAN

How to do it...

Introduction to Exploit Development

Introduction

CPU registers

Getting ready

General purpose registers

Special purpose registers

How to do it...

Memory dump

How to do it...

CPU instructions

How to do it...

Windows Exploit Development

Introduction

Windows memory layout

Getting ready

The stack

The heap

Program image and dynamic link libraries

Process Environment Block (PEB)

Thread Environment Block (TEB)

How to do it...

Buffer overflow with saved return pointer overwrite

Getting ready

Installing Mona

How to do it...

Structured Exception Handling

Getting ready

How to do it...

Egg hunters

Getting ready

How to do it...

Linux Exploit Development

Introduction

Format string exploitation

Getting ready

Global offset table

Generating shell code

How to do it...

Buffer overflow