This book explains how to see one's own network through the eyes of an attacker, to understand their techniques and effectively protect against them. Through Python code samples the reader learns to code tools on subjects such as password sniffing, ARP poisoning, DNS spoofing, SQL injection, Google harvesting, Bluetooth and Wifi hacking. Furthermore the reader will be introduced to defense methods such as intrusion detection and prevention systems and log file analysis by diving into code.
Author(s): Bastian Ballmann
Edition: 2
Publisher: Springer
Year: 2021
Language: English
Commentary: Vector PDF
Pages: 235
City: New York, NY
Tags: Wi-Fi; Security; Python; Penetration Testing; DNS; HTTP; OSI Model; Network Programming; TCP/IP; Scapy; Bluetooth; Network Topology; Hacking
Introduction
Foreword
Contents
1 Installation
1.1 The Right Operating System
1.2 The Right Python Version
1.3 Development Environment
1.4 Python Modules
1.5 Pip
1.6 Virtualenv
2 Network 4 Newbies
2.1 Components
2.2 Topologies
2.3 ISO/OSI Layer Model
2.4 Ethernet
2.5 VLAN
2.6 ARP
2.7 IP
2.8 ICMP
2.9 TCP
2.10 UDP
2.11 An Example Network
2.12 Architecture
2.13 Gateway
2.14 Router
2.15 Bridge
2.16 Proxies
2.17 Virtual Private Networks
2.18 Firewalls
2.19 Man-in-the-middle-Attacks
3 Python Basics
3.1 Every Start is Simple
3.2 The Python Philosophy
3.3 Data Types
3.4 Data Structures
3.5 Functions
3.6 Control Structures
3.7 Modules
3.8 Exceptions
3.9 Regular Expressions
3.10 Sockets
4 Layer 2 attacks
4.1 Required modules
4.2 ARP-Cache-Poisoning
4.3 ARP-Watcher
4.4 MAC-Flooder
4.5 VLAN hopping
4.6 Let's play switch
4.7 ARP spoofing over VLAN hopping
4.8 DTP abusing
4.9 Tools
4.9.1 NetCommander
4.9.2 Hacker's Hideaway ARP Attack Tool
4.9.3 Loki
5 TCP / IP Tricks
5.1 Required Modules
5.2 A Simple Sniffer
5.3 Reading and Writing PCAP Dump Files
5.4 Password Sniffer
5.5 Sniffer Detection
5.6 IP-Spoofing
5.7 SYN-Flooder
5.8 Port-scanning
5.9 Port-scan Detection
5.10 ICMP-Redirection
5.11 RST Daemon
5.12 Automatic Hijack Daemon
5.13 Tools
5.13.1 Scapy
6 WHOIS DNS?
6.1 Protocol Overview
6.2 Required Modules
6.3 Questions About Questions
6.4 WHOIS
6.5 DNS Dictionary Mapper
6.6 Reverse DNS Scanner
6.7 DNS-Spoofing
6.8 Tools
6.8.1 Chaosmap
7 HTTP Hacks
7.1 Protocol Overview
7.2 Web Services
7.3 Required Modules
7.4 HTTP Header Dumper
7.5 Referer Spoofing
7.6 The Manipulation of Cookies
7.7 HTTP-Auth Sniffing
7.8 Webserver Scanning
7.9 SQL Injection
7.10 Command Injection
7.11 Cross-Site-Scripting
7.12 HTTPS
7.13 SSL / TLS Sniffing
7.14 Drive-by-Download
7.15 Proxy Scanner
7.16 Proxy Port Scanner
7.17 Tools
7.17.1 SSL Strip
7.17.2 Cookie Monster
7.17.3 Sqlmap
7.17.4 W3AF
8 Wifi Fun
8.1 Protocol Overview
8.2 Required Modules
8.3 Wifi Scanner
8.4 Wifi Sniffer
8.5 Probe-Request Sniffer
8.6 Hidden SSID
8.7 MAC-Address-Filter
8.8 WEP
8.9 WPA
8.10 WPA2
8.11 Wifi-Packet-Injection
8.12 Playing Wifi Client
8.13 Deauth
8.14 PMKID
8.15 WPS
8.16 Wifi Man-in-the-Middle
8.17 Wireless Intrusion Detection
8.18 Tools
8.18.1 KRACK Attack
8.18.2 KrØØk attack
8.18.3 WiFuzz
8.18.4 Pyrit
8.18.5 Wifiphisher
9 Feeling Bluetooth on the Tooth
9.1 Protocol Overview
9.2 BLE – Bluetooth Low Energy
9.3 Required Modules
9.4 Bluetooth-Scanner
9.5 BLE-Scanner
9.6 GAP
9.7 GATT
9.8 SDP-Browser
9.9 RFCOMM-Channel-Scanner
9.10 OBEX
9.11 BIAS
9.12 KNOB Attack
9.13 BlueBorne
9.14 Blue Snarf Exploit
9.15 Blue Bug Exploit
9.16 Bluetooth-Spoofing
9.17 Sniffing
9.18 Tools
9.18.1 BlueMaho
9.18.2 BtleJack
10 Bargain box Kung Fu
10.1 Required Modules
10.2 Spoofing e-mail Sender
10.3 DHCP Hijack
10.4 IP Brute Forcer
10.5 Google-Hacks-Scanner
10.6 SMB-Share-Scanner
10.7 Login Watcher
A Scapy reference
A.1 Protocols
A.2 Functions
Secondary links
Index
