Gain a firm, practical understanding of securing your network and utilize Python's packages to detect vulnerabilities in your application
Key Features
• Discover security techniques to protect your network and systems using Python
• Create scripts in Python to automate security and pentesting tasks
• Analyze traffic in a network and extract information using Python
Book Description
Python's latest updates add numerous libraries that can be used to perform critical security-related missions, including detecting vulnerabilities in web applications, taking care of attacks, and helping to build secure and robust networks that are resilient to them. This fully updated third edition will show you how to make the most of them and improve your security posture.
The first part of this book will walk you through Python scripts and libraries that you'll use throughout the book. Next, you'll dive deep into the core networking tasks where you will learn how to check a network's vulnerability using Python security scripting and understand how to check for vulnerabilities in your network – including tasks related to packet sniffing. You'll also learn how to achieve endpoint protection by leveraging Python packages along with writing forensics scripts.
The next part of the book will show you a variety of modern techniques, libraries, and frameworks from the Python ecosystem that will help you extract data from servers and analyze the security in web applications. You'll take your first steps in extracting data from a domain using OSINT tools and using Python tools to perform forensics tasks.
By the end of this book, you will be able to make the most of Python to test the security of your network and applications.
What you will learn
• Program your own tools in Python that can be used in a Network Security process
• Automate tasks of analysis and extraction of information from servers
• Detect server vulnerabilities and analyze security in web applications
• Automate security and pentesting tasks by creating scripts with Python
• Utilize the ssh-audit tool to check the security in SSH servers
• Explore WriteHat as a pentesting reports tool written in Python
• Automate the process of detecting vulnerabilities in applications with tools like Fuxploider
Who this book is for
This Python book is for network engineers, system administrators, and other security professionals looking to overcome common networking and security issues using Python. You will also find this book useful if you're an experienced programmer looking to explore Python's full range of capabilities. A basic understanding of general programming structures as well as familiarity with the Python programming language is a prerequisite.
Author(s): José Manuel Ortega
Edition: 1
Publisher: Packt Publishing
Year: 2023
Language: English
Commentary: Publisher's PDF
Pages: 586
City: Birmingham, UK
Tags: Programming; Multithreading; Security; Python; Network Traffic Analysis; Concurrency; HTTP; Cryptography; Network Security; PDF; Networking; Vulnerability Scanning; OSINT; SSH; OAuth; OpenVAS; Scapy; FTP; Port Scanning; Packet Sniffing; Brute Force; TCP; Packet Analysis; Packet Capture; Forensics; Metadata; Code Obfuscation; OWASP ZAP; Systems Programming; Nmap
Cover
Copyright
Table of Contents
Preface
Section 1: Python Environment and System Programming Tools
Chapter 1: Working with Python Scripting
Technical requirements
Learn about data structures and collections in Python
Python Lists
Adding elements to a list
Reversing a list
Searching elements in a list
Python tuples
Python dictionaries
Remove an item from a dictionary in Python
Working with functions, classes, and objects in Python
Python functions
Python classes
Python inheritance
Advantages of Python inheritance
Working with files in Python
Reading and writing files in Python
Learn and understand exceptions management in Python
Python modules and packages
What is a module in Python?
How to import modules in Python
Getting information from modules
Difference between a Python module and a Python package
Managing parameters in Python
Managing parameters with OptionParser
Managing dependencies and virtual environments
Managing dependencies in a Python project
Install Python modules
Generating the requirements.txt file
Working with virtual environments
Configuring virtualenv
Development environments for Python scripting
Setting up a development environment
Debugging with Python IDLE
PyCharm
Debugging with PyCharm
Summary
Questions
Further reading
Chapter 2: System Programming Packages
Technical requirements
Interact with the operating system in Python
Working with the filesystem in Python
Working with files and directories
Reading a ZIP file using Python
Executing commands with the subprocess module
Setting up a virtualenv with subprocess
Managing threads in Python
Creating a simple thread
Working with the threading module
Multiprocessing in Python
Multithreading and concurrency in Python
Multithreading in Python
Concurrency in Python with ThreadPoolExecutor
Executing ThreadPoolExecutor with a context manager
Summary
Questions
Further reading
Section 2: Network Scripting and Packet Sniffing with Python
Chapter 3: Socket Programming
Technical requirements
Understanding the socket package for network requests
Network sockets in Python
The socket module
Server and client socket methods
Gathering information with sockets
Managing socket exceptions
Basic client with the socket module
Port scanning with sockets
Implementing a port scanner
Advanced port scanner
Implementing a reverse shell with sockets
Implementing a simple TCP client and TCP server
Implementing a server and client with sockets
Implementing the TCP server
Implementing the TCP client
Implementing a simple UDP client and UDP server
Implementing the UDP server
Implementing the UDP client
Implementing an HTTP server in Python
Testing the HTTP server
Sending files via sockets
Implementing secure sockets with the TLS and SSL modules
Summary
Questions
Further reading
Chapter 4: HTTP Programming and Web Authentication
Technical requirements
Building an HTTP client with urllib.request
Introducing the HTTP protocol
Introducing the urllib module
Get request and response headers
Extracting emails from a URL with urllib.request
Downloading files with urllib.request
Handling exceptions with urllib.request
Building an HTTP client with requests
Getting images and links from a URL with requests
Making requests with the REST API
Managing a proxy with requests
Managing exceptions with requests
Authentication mechanisms with Python
HTTP basic authentication with the requests module
HTTP digest authentication with the requests module
Implementing OAuth clients in Python with the requests-oauthlib module
OAuth roles
OAuth workflow
Implementing a client with requests_oauthlib
Implementing JSON Web Tokens (JWTs) in Python
How does a JSON Web Token work?
Working with PyJWT
Summary
Questions
Further reading
Chapter 5: Analyzing Network Traffic and Packet Sniffing
Technical requirements
Capturing and injecting packets with pcapy-ng
Capturing packets with pcapy-ng
Reading headers from packets
Reading pcap files with pcapy-ng
Capturing and injecting packets with scapy
Introduction to scapy
Scapy commands
Sending packets with scapy
Network discovery with scapy
Port scanning and traceroute with scapy
Port scanning with scapy
Traceroute with scapy
Reading pcap files with scapy
Read DHCP requests
Writing a pcap file
Packet-sniffing with scapy
Network forensics with scapy
Working with scapy to detect ARP spoofing attacks
Detection of false ARP attacks using Scapy
Summary
Questions
Further reading
Section 3: Server Scripting and Port Scanning with Python
Chapter 6: Gathering Information from Servers with OSINT Tools
Technical requirements
Introducing Open Source Intelligence (OSINT)
Google Dorks and the Google Hacking Database
Maltego
Photon
The Harvester
Censys
crt.sh
DnsDumpster
WaybackMachine
OSINT framework
Blackbird
The Shodan search engine
The BinaryEdge search engine
Getting information using Google Dorks
Google Dorks
Katana: a Python Tool for Google Hacking
Dorks hunter
Getting information using SpiderFoot
SpiderFoot modules
Getting information on DNS servers with DNSPython and DNSRecon
The DNS protocol
The DNSPython module
DNSRecon
Getting vulnerable addresses in servers with fuzzing
The fuzzing process
Web fuzzing
Understanding and using the FuzzDB project
Identifying predictable login pages with the FuzzDB project
Discovering SQL injection with the FuzzDB project
Wfuzz
Summary
Questions
Further reading
Chapter 7: Interacting with FTP, SFTP, and SSH Servers
Technical requirements
Connecting to FTP servers
FTP protocol
Using the Python ftplib module
Transferring files with FTP
Other ftplib functions
Using ftplib to brute-force FTP user credentials
Building an anonymous FTP scanner with Python
Connecting with SSH servers with paramiko and pysftp
Executing an SSH server on Debian Linux
Introducing the paramiko module
Establishing an SSH connection with paramiko
Using AutoAddPolicy
Running commands with paramiko
Using paramiko to brute-force SSH user credentials
Establishing an SSH connection with pysftp
Implementing an SSH server with paramiko
Checking the security of SSH servers
Installing and executing ssh-audit
Rebex SSH Check
Summary
Questions
Further reading
Chapter 8: Working with Nmap Scanner
Technical requirements
Introducing port scanning with Nmap
Scanning types with nmap
Port scanning with python-nmap
Extracting information with nmap
Synchronous and asynchronous scanning with python-nmap
Implementing synchronous scanning
Implementing asynchronous scanning
Discovering services and vulnerabilities with Nmap scripts
Executing Nmap scripts to discover services
Executing Nmap scripts to discover vulnerabilities
Detecting vulnerabilities with Nmap-vulners script
Detecting vulnerabilities with the Nmap-vulscan script
Port scanning via online services
Scanless port scanner
Summary
Questions
Further reading
Section 4: Server Vulnerabilities and Security in Web Applications
Chapter 9: Interacting with Vulnerability Scanners
Technical requirements
Introducing the OpenVAS vulnerability scanner
Installing the OpenVAS vulnerability scanner
Understanding the web interface
Scanning a target using OpenVAS
Creating the target
Creating the task
Analyzing reports
Vulnerabilities databases
Accessing OpenVAS with Python
Introducing OWASP ZAP as an automated security testing tool
Using OWASP ZAP
Interacting with OWASP ZAP using Python
WriteHat as a pentesting reports tool
Summary
Questions
Further reading
Chapter 10: Interacting with Server Vulnerabilities in Web Applications
Technical requirements
Understanding vulnerabilities in web applications with OWASP
Testing Cross-Site Scripting (XSS) vulnerabilities
Analyzing and discovering vulnerabilities in CMS web applications
Using CMSmap
Vulnx as a CMS scanner
Discovering vulnerabilities in Tomcat server applications
Installing the Tomcat server
Testing the Tomcat server with ApacheTomcatScanner
Finding vulnerable Tomcat servers in the Censys search engine
Scanning vulnerabilities with the Nmap port scanner
Discovering SQL vulnerabilities with Python tools
Introduction to SQL injection
Identifying websites vulnerable to SQL injection
Introducing sqlmap
Using sqlmap to test a website for a SQL injection vulnerability
Scanning for SQL injection vulnerabilities with sqlifinder
Scanning for SQL injection vulnerabilities with the Nmap port scanner
Automating the process of detecting vulnerabilities in web applications
Detecting an open redirect vulnerability
Detecting vulnerabilities with Fuxploider
Summary
Questions
Further reading
Chapter 11: Obtain Information from Vulnerabilities Databases
Technical requirements
Identify and understand vulnerabilities and exploits
What is an exploit?
Vulnerability formats
Searching for vulnerabilities in the NVD
Introducing NIST’s NVD
Searching for vulnerabilities
Searching for vulnerabilities in the Vulners database
Searching for vulnerabilities with Pompem
Summary
Questions
Further reading
Section 5: Python Forensics
Chapter 12: Extracting Geolocation and Metadata from Documents, Images, and Browsers
Technical requirements
Extracting geolocation information
Python modules for extracting geolocation information
Extracting metadata from images
Introduction to EXIF and the PIL module
Getting the EXIF data from an image
Extracting metadata from PDF documents
Extracting metadata with PyPDF2
Extracting metadata with PyMuPDF
Identifying the technology used by a website
Wappalyzer
WebApp Information Gatherer (WIG)
Extracting metadata from web browsers
Firefox forensics with Python
Chrome forensics with Python
Chrome forensics with Hindsight
Summary
Questions
Further reading
Chapter 13: Python Tools for Brute-Force Attacks
Technical requirements
Dictionary builders for brute-force attacks
Brute-force dictionary generation with pydictor
Password list generator
Tools for brute-force attacks in Python
Obtaining subdomains by brute force
Brute-force attacks with BruteSpray
Brute-force attacks with Cerbrutus
Executing brute-force attacks for web applications
Executing a WordPress site
Executing brute-force attacks for ZIP files
Handling ZIP files in Python
Executing brute-force attacks for password-protected ZIP files
Summary
Questions
Further reading
Chapter 14: Cryptography and Code Obfuscation
Technical requirements
Introduction to cryptography
Encrypting and decrypting information with pycryptodome
Introduction to pycryptodome
Encrypting and decrypting with the DES algorithm
Encrypting and decrypting with the AES algorithm
Generating RSA signatures using pycryptodome
Encrypting and decrypting information with cryptography
Introduction to the cryptography module
Symmetric encryption with the fernet package
Symmetric encryption with the ciphers package
Generating keys securely with the secrets and hashlib modules
Generating keys securely with the secrets module
Generating keys securely with the hashlib module
Checking the integrity of a file
Python tools for code obfuscation
Code obfuscation with pyarmor
Summary
Questions
Further reading
Chapter 15: Assessments – Answers to the End-of-Chapter Questions
Packt page
Other Books You May Enjoy
Index