The document discusses using Python for ethical hacking and penetration testing. It provides reasons for using Python such as its ease of use, readable syntax, rich libraries, and existing tools. It then covers various Python libraries and frameworks used for tasks like reconnaissance, scanning, exploitation, and packet manipulation. Specific topics covered include file I/O, requests, sockets, scapy, and more.
Relayd is a daemon to relay and dynamically redirect incoming connections to a target host.
Its main purposes are to run as a load-balancer, application layer gateway, or transparent proxy.
Roll Your Own API Management Platform with nginx and LuaJon Moore
We recently replaced a proprietary API management solution with an in-house implementation built with nginx and Lua that let us get to a continuous delivery practice in a handful of months. Learn about our development process and the overall architecture that allowed us to write minimal amounts of code, enjoying native code performance while permitting interactive codeing, and how we leveraged other open source tools like Vagrant, Ansible, and OpenStack to build an automation-rich delivery pipeline. We will also take an in-depth look at our capacity management approach that differs from the rate limiting concept prevalent in the API community.
Relayd is a daemon to relay and dynamically redirect incoming connections to a target host.
Its main purposes are to run as a load-balancer, application layer gateway, or transparent proxy.
Roll Your Own API Management Platform with nginx and LuaJon Moore
We recently replaced a proprietary API management solution with an in-house implementation built with nginx and Lua that let us get to a continuous delivery practice in a handful of months. Learn about our development process and the overall architecture that allowed us to write minimal amounts of code, enjoying native code performance while permitting interactive codeing, and how we leveraged other open source tools like Vagrant, Ansible, and OpenStack to build an automation-rich delivery pipeline. We will also take an in-depth look at our capacity management approach that differs from the rate limiting concept prevalent in the API community.
Securing Prometheus exporters using HashiCorp VaultBram Vogelaar
Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure but we haven't nearly spend enough time to train our self to review, monitor and respond to outages. Does our platform degrade in a graceful way or what does a high cpu load really mean? What can we learn from level 1 outages to be able to run our platforms more reliably.
This talk will focus on on creating a secure prometheus exporter ecosystem using HashiCorp Vault where we can we be sure that we are not leaking any business metrics from our observability stack. After which we ll investigate how to automatically rotate the certificates we created to do so.
A gentle introduction to Observability and how to setup a highly available monitoring platform across multiple datacenters.
During this talk we will investigate how we can setup and monitor an monitoring setup across 2 DCs using Prometheus, Loki, Tempo, Alertmanager and Grafana. monitoring some services with some lessons learned along the way.
Python RESTful webservices with Python: Flask and Django solutionsSolution4Future
Slides contain RESTful solutions based on Python frameworks like Flask and Django. The presentation introduce in REST concept, presents benchmarks and research for best solutions, analyzes performance problems and shows how to simple get better results. Finally presents soruce code in Flask and Django how to make your own RESTful API in 15 minutes.
Video presentation: https://www.youtube.com/watch?v=jLAFXQ1Av50
Most applications written in Ruby are great, but also exists evil code applying WOP techniques. There are many workarounds in several programming languages, but in Ruby, when it happens, the proportion is bigger. It's very easy to write Ruby code with collateral damage.
You will see a collection of bad Ruby codes, with a description of how these codes affected negatively their applications and the solutions to fix and avoid them. Long classes, coupling, misapplication of OO, illegible code, tangled flows, naming issues and other things you can ever imagine are examples what you'll get.
Securing Prometheus exporters using HashiCorp VaultBram Vogelaar
Things like Infrastructure as Code, Service Discovery and Config Management can and have helped us to quickly build and rebuild infrastructure but we haven't nearly spend enough time to train our self to review, monitor and respond to outages. Does our platform degrade in a graceful way or what does a high cpu load really mean? What can we learn from level 1 outages to be able to run our platforms more reliably.
This talk will focus on on creating a secure prometheus exporter ecosystem using HashiCorp Vault where we can we be sure that we are not leaking any business metrics from our observability stack. After which we ll investigate how to automatically rotate the certificates we created to do so.
A gentle introduction to Observability and how to setup a highly available monitoring platform across multiple datacenters.
During this talk we will investigate how we can setup and monitor an monitoring setup across 2 DCs using Prometheus, Loki, Tempo, Alertmanager and Grafana. monitoring some services with some lessons learned along the way.
Python RESTful webservices with Python: Flask and Django solutionsSolution4Future
Slides contain RESTful solutions based on Python frameworks like Flask and Django. The presentation introduce in REST concept, presents benchmarks and research for best solutions, analyzes performance problems and shows how to simple get better results. Finally presents soruce code in Flask and Django how to make your own RESTful API in 15 minutes.
Video presentation: https://www.youtube.com/watch?v=jLAFXQ1Av50
Most applications written in Ruby are great, but also exists evil code applying WOP techniques. There are many workarounds in several programming languages, but in Ruby, when it happens, the proportion is bigger. It's very easy to write Ruby code with collateral damage.
You will see a collection of bad Ruby codes, with a description of how these codes affected negatively their applications and the solutions to fix and avoid them. Long classes, coupling, misapplication of OO, illegible code, tangled flows, naming issues and other things you can ever imagine are examples what you'll get.
A New Era of SSRF - Exploiting URL Parser in Trending Programming Languages! ...CODE BLUE
We propose a new exploit technique that brings a whole-new attack surface to bypass SSRF (Server Side Request Forgery) protections. This is a very general attack approach, in which we used in combination with our own fuzzing tool to discover many 0days in built-in libraries of very widely-used programming languages, including Python, PHP, Perl, Ruby, Java, JavaScript, Wget and cURL. The root cause of the problem lies in the inconsistency of URL parsers and URL requesters.
Being a very fundamental problem that exists in built-in libraries, sophisticated web applications such as WordPress (27% of the Web), vBulletin, MyBB and GitHub can also suffer, and 0days have been discovered in them via this technique. This general technique can also adapt to various code contexts and lead to protocol smuggling and SSRF bypassing. Several scenarios will be demonstrated to illustrate how URL parsers can be exploited to bypass SSRF protection and achieve RCE (Remote Code Execution), which is the case in our GitHub Enterprise demo.
Understanding the basics of this technique, the audience won’t be surprised to know that more than 20 vulnerabilities have been found in famous programming languages and web applications aforementioned via this technique.
fog or: How I Learned to Stop Worrying and Love the CloudWesley Beary
Learn how to easily get started on cloud computing with fog. If you can control your infrastructure choices, you’ll make better choices in development and get what you need in production. You'll get an overview of fog and concrete examples to give you a head start on your provisioning workflow.
fog or: How I Learned to Stop Worrying and Love the Cloud (OpenStack Edition)Wesley Beary
Cloud computing scared the crap out of me - the quirks and nightmares of provisioning cloud computing, dns, storage, ... on AWS, Terremark, Rackspace, ... - I mean, where do you even start?
Since I couldn't find a good answer, I undertook the (probably insane) task of creating one. fog gives you a place to start by creating abstractions that work across many different providers, greatly reducing the barrier to entry (and the cost of switching later). The abstractions are built on top of solid wrappers for each api. So if the high level stuff doesn't cut it you can dig in and get the job done. On top of that, mocks are available to simulate what clouds will do for development and testing (saving you time and money).
You'll get a whirlwind tour of basic through advanced as we create the building blocks of a highly distributed (multi-cloud) system with some simple Ruby scripts that work nearly verbatim from provider to provider. Get your feet wet working with cloud resources or just make it easier on yourself as your usage gets more complex, either way fog makes it easy to get what you need from the cloud.
The OpenStack Edition adds my concerns about OpenStack API development, including things that have already been fixed and things that we haven't yet encountered. Hopefully this consumer perspective can help shed light on some rough spots.
Memcacheas UDP Reflectors: A Massive Amplified DDoSthe World(Attack Formulation and Mitigation) by
Muhammad Morshed Alam, AmberIT Limited.morshed@amberit.com.bd
Practical non blocking microservices in java 8Michal Balinski
How to write application in Java 8 that do not waste resources and which can maximize effective utilization of CPU/RAM. Comparison of blocking and non-blocking approach for I/O and application services. Based on microservices implementing simple business logic in security/cryptography/payments domain. Demonstration of following aspects:
* NIO at all edges of application
* popular libraries that support NIO
* single instance scalability
* performance metrics (incl. throughput and latency)
* resources utilization
* code readability with CompletableFuture
* application maintenance and debugging
All above based on our experiences gathered during development of software platforms at Oberthur Technologies R&D Poland.
Handy Networking Tools and How to Use ThemSneha Inguva
When I joined the networking team at DigitalOcean a few years ago, I dove into an entirely different world of software-defined networking in the data center. Virtual switches, networking protocols — these were concepts that I had encountered at the surface level before — but now I frequently found myself debugging them. With time, I came to rely on a variety of Linux networking tools for introspecting, troubleshooting, and examining network state. In this talk, I’ll share some of my favorite Linux networking tools and discuss scenarios in which they are quite helpful.
Capturing NIC and Kernel TX and RX Timestamps for Packets in GoScyllaDB
Go gives us net.Dial and net.Listen for sending and receiving data at Layer 4. Now you will see how to send and receive raw packets directly to and from the NIC at Layer 1 to get timestamp information from timestamping-enabled NICs and when packets enter and leave the Linux kernel. Capturing these timestamps allows us to get better granularity when measuring latency and jitter instead of relying on time.Now() in userspace where that is subject to additional time introduced by the OS and Go runtime schedulers.
جلسه ۱۸۶ تهران لاگ
By: Mohammad reza Kamalifard
این ارائه در خصوص انواع حمله کنندگان آنلاین ، حملات دولت ها حریم شخصی کاربران و راه حل ها آن محصولی از DSME است
http://datasec.ir
ارائه شده توسط: محمد رضا کمالی فرد
در این جلسه از کلاس به معرفی ساختار های داده ای در زبان پایتون و معرفی رشته ها و اعداد میپردازیم
PySec101 Fall 2013 J2E1 By Mohammad Reza Kamalifard
Talk About
Python Data Structures, Strings, Numbers,...
در این جلسه از کلاس به ساختار های داده
Set, Tuple, Dictionary
پرداختیم
PySec101 Fall 2013 J3E1 By Mohammad Reza Kamalifard
Talk About :
Sets,Tuples and Dictionary Data Types in Python
در این جلسه به بررسی ساختار های شرطی و حلقه ها در پایتون پرداختیم
PySec101 Fall 2013 J4E1 By Mohammad Reza Kamalifard
Talk About:
Statements: Conditional Statements and Loop Statements
در جلسه به بررسی ماژول ها و برنامه نویسی ماژولار در پایتون پرداختیم
PySec101 Fall 2013 J5E2 By Mohammad Reza Kamalifard
Talk About:
Modular programming and Python modules
در این جلسه به بحث
Namespace
Local and Global variables
پرداختیم
PySec101 Fall 2013 J6E2 By Mohammad Reza Kamalifard
Talk About:
Namespace and Local,Global variables in Python
در این جلسه به بررسی بحث برنامه نویسی شی گرا و کلاس ها در پایتون پرداختیم
PySec101 Fall 2013 J7E1 By Mohammad Reza Kamalifard
Talk About:
Object oriented programming and Classes in Python
در این جلسه از کلاس در خصوص تاریخچه پایتون و زبان پایتون صحبت شد
PySec101 Fall 2013 J1E1 By Mohammad Reza Kamalifard
Talk about : Python History and Python language Essentials.
Francesca Gottschalk - How can education support child empowerment.pptxEduSkills OECD
Francesca Gottschalk from the OECD’s Centre for Educational Research and Innovation presents at the Ask an Expert Webinar: How can education support child empowerment?
Macroeconomics- Movie Location
This will be used as part of your Personal Professional Portfolio once graded.
Objective:
Prepare a presentation or a paper using research, basic comparative analysis, data organization and application of economic information. You will make an informed assessment of an economic climate outside of the United States to accomplish an entertainment industry objective.
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...Levi Shapiro
Letter from the Congress of the United States regarding Anti-Semitism sent June 3rd to MIT President Sally Kornbluth, MIT Corp Chair, Mark Gorenberg
Dear Dr. Kornbluth and Mr. Gorenberg,
The US House of Representatives is deeply concerned by ongoing and pervasive acts of antisemitic
harassment and intimidation at the Massachusetts Institute of Technology (MIT). Failing to act decisively to ensure a safe learning environment for all students would be a grave dereliction of your responsibilities as President of MIT and Chair of the MIT Corporation.
This Congress will not stand idly by and allow an environment hostile to Jewish students to persist. The House believes that your institution is in violation of Title VI of the Civil Rights Act, and the inability or
unwillingness to rectify this violation through action requires accountability.
Postsecondary education is a unique opportunity for students to learn and have their ideas and beliefs challenged. However, universities receiving hundreds of millions of federal funds annually have denied
students that opportunity and have been hijacked to become venues for the promotion of terrorism, antisemitic harassment and intimidation, unlawful encampments, and in some cases, assaults and riots.
The House of Representatives will not countenance the use of federal funds to indoctrinate students into hateful, antisemitic, anti-American supporters of terrorism. Investigations into campus antisemitism by the Committee on Education and the Workforce and the Committee on Ways and Means have been expanded into a Congress-wide probe across all relevant jurisdictions to address this national crisis. The undersigned Committees will conduct oversight into the use of federal funds at MIT and its learning environment under authorities granted to each Committee.
• The Committee on Education and the Workforce has been investigating your institution since December 7, 2023. The Committee has broad jurisdiction over postsecondary education, including its compliance with Title VI of the Civil Rights Act, campus safety concerns over disruptions to the learning environment, and the awarding of federal student aid under the Higher Education Act.
• The Committee on Oversight and Accountability is investigating the sources of funding and other support flowing to groups espousing pro-Hamas propaganda and engaged in antisemitic harassment and intimidation of students. The Committee on Oversight and Accountability is the principal oversight committee of the US House of Representatives and has broad authority to investigate “any matter” at “any time” under House Rule X.
• The Committee on Ways and Means has been investigating several universities since November 15, 2023, when the Committee held a hearing entitled From Ivory Towers to Dark Corners: Investigating the Nexus Between Antisemitism, Tax-Exempt Universities, and Terror Financing. The Committee followed the hearing with letters to those institutions on January 10, 202
Instructions for Submissions thorugh G- Classroom.pptxJheel Barad
This presentation provides a briefing on how to upload submissions and documents in Google Classroom. It was prepared as part of an orientation for new Sainik School in-service teacher trainees. As a training officer, my goal is to ensure that you are comfortable and proficient with this essential tool for managing assignments and fostering student engagement.
Acetabularia Information For Class 9 .docxvaibhavrinwa19
Acetabularia acetabulum is a single-celled green alga that in its vegetative state is morphologically differentiated into a basal rhizoid and an axially elongated stalk, which bears whorls of branching hairs. The single diploid nucleus resides in the rhizoid.
How to Make a Field invisible in Odoo 17Celine George
It is possible to hide or invisible some fields in odoo. Commonly using “invisible” attribute in the field definition to invisible the fields. This slide will show how to make a field invisible in odoo 17.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
Biological screening of herbal drugs: Introduction and Need for
Phyto-Pharmacological Screening, New Strategies for evaluating
Natural Products, In vitro evaluation techniques for Antioxidants, Antimicrobial and Anticancer drugs. In vivo evaluation techniques
for Anti-inflammatory, Antiulcer, Anticancer, Wound healing, Antidiabetic, Hepatoprotective, Cardio protective, Diuretics and
Antifertility, Toxicity studies as per OECD guidelines
A Strategic Approach: GenAI in EducationPeter Windle
Artificial Intelligence (AI) technologies such as Generative AI, Image Generators and Large Language Models have had a dramatic impact on teaching, learning and assessment over the past 18 months. The most immediate threat AI posed was to Academic Integrity with Higher Education Institutes (HEIs) focusing their efforts on combating the use of GenAI in assessment. Guidelines were developed for staff and students, policies put in place too. Innovative educators have forged paths in the use of Generative AI for teaching, learning and assessments leading to pockets of transformation springing up across HEIs, often with little or no top-down guidance, support or direction.
This Gasta posits a strategic approach to integrating AI into HEIs to prepare staff, students and the curriculum for an evolving world and workplace. We will highlight the advantages of working with these technologies beyond the realm of teaching, learning and assessment by considering prompt engineering skills, industry impact, curriculum changes, and the need for staff upskilling. In contrast, not engaging strategically with Generative AI poses risks, including falling behind peers, missed opportunities and failing to ensure our graduates remain employable. The rapid evolution of AI technologies necessitates a proactive and strategic approach if we are to remain relevant.
Unit 8 - Information and Communication Technology (Paper I).pdfThiyagu K
This slides describes the basic concepts of ICT, basics of Email, Emerging Technology and Digital Initiatives in Education. This presentations aligns with the UGC Paper I syllabus.
5. Why Python?
Easy to learn
Easy to use
Clean syntax and code readability
Rich set of libraries
Tons of tools already written
Rapid prototyping – POC ( proof on concept )
6. Why Python?
Easy to learn
Easy to use
Clean syntax and code readability
Rich set of libraries
Tons of tools already written
Rapid prototyping – POC ( proof on concept )
7. Why Python?
Easy to learn
Easy to use
Clean syntax and code readability
Rich set of libraries
Tons of tools already written
Rapid prototyping – POC ( proof on concept )
8. Why Python?
Easy to learn
Easy to use
Clean syntax and code readability
Rich set of libraries
Tons of tools already written
Rapid prototyping – POC ( proof on concept )
9. Why Python?
Easy to learn
Easy to use
Clean syntax and code readability
Rich set of libraries
Tons of tools already written
Rapid prototyping – POC ( proof on concept )
10. Why Python?
Easy to learn
Easy to use
Clean syntax and code readability
Rich set of libraries
Tons of tools already written
Rapid prototyping – POC ( proof on concept )
11. Who is using Python
Core Impact – Comprehensive penetration testing solution
Immunity CANVAS – Exploit development framework
W3AF – Web Application Attack and Audit Framework
Sqlmap – Automatic SQL injection tool
Immunity Debugger – Powerful Debugger
Peach – Fuzzer
Sulley – Fully automated and unattended fuzzing framework
Paimei – Reverse engineering framework
Scapy – Packet manipulation tool
18. ECHO Server
import socket
tcp_socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
tcp_socket.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR,
1)
tcp_socket.bind(('127.0.0.1', 8000))
tcp_socket.listen(2)
print 'Waiting for client ...'
(client, (ip, port)) = tcp_socket.accept()
print 'Revived connection from : ', ip
print 'Starting ECHO output...'
data = 'dummy'
while len(data):
data = client.recv(2048)
print 'Client send : ', data
client.send(data)
client.close()
19. Client
import socket
import sys
if len(sys.argv) < 3 :
print 'Please Enter address and port'
sys.exit()
tcp_socket = socket.socket(socket.AF_INET,
socket.SOCK_STREAM)
tcp_socket.connect((sys.argv[1], int(sys.argv[2])))
while True:
userInput = raw_input('Please Enter a Message! : ')
tcp_socket.send(userInput)
print 'Server Send back : ' +
str(tcp_socket.recv(2048))
tcp_socket.close()
20. -----Client----python client.py 127.0.0.1 8000
Please Enter a Message! : Salam
Server Send back : Salam
Please Enter a Message! : WELCOME TO PYCON 2013!
Server Send back : WELCOME TO PYCON 2013!
Please Enter a Message! :
-----Server----Waiting for client ...
Revived connection from : 127.0.0.1
Starting ECHO output...
Client send : Salam
Client send : WELCOME TO PYCON 2013!
Client send :
Closing Connection
21. SocketServer Framework
• Framework in Python to create TCP and UDP servers
• Does all the basic steps for you in the background
• Comes in handy if you want to create a server to lure a
client and
• analyze its behavior
22. SocketServer Framework
import SocketServer
class EchoHandler(SocketServer.BaseRequestHandler):
def handle(self):
print 'Got Connection from : ', self.client_address
data = 'dummy'
while len(data):
data = self.request.recv(1024)
print 'Client sent :' + data
self.request.send(data)
print 'client left‘
server_address = ('127.0.0.1', 9050)
server = SocketServer.TCPServer(server_address, EchoHandler)
server.serve_forever()
26. Packet Injection with Raw Sockets
import socket
import struct
rawSocket = socket.socket(socket.PF_PACKET,
socket.SOCK_RAW,
socket.htons(0x800))
rawSocket.bind(('wlan0', socket.htons(0x800)))
packet = struct.pack('!6s6s2s',
'xaaxaaxaaxaaxaaxaa',
'xbbxbbxbbxbbxbbxbb' , 'x08x00')
rawSocket.send(packet + 'Welcome to PYCON')
27. Scapy
• Interactive packet manipulation tool
• Forge or decode packets
• Wide number of protocols
• Send Packet on the wire
• Capture Packet
• Match requests and replies
28. Scapy
reza@kamalifard$ sudo scapy
WARNING: No route found for IPv6 destination :: (no
default route?)
Welcome to Scapy (2.2.0)
>>>ls()
ARP : ARP
DHCP : DHCP options
DNS : DNS
GPRS : GPRSdummy
L2TP : None
PPPoE : PPP over Ethernet
[...]
29. Sniff
>>> p = sniff(count = 5)
>>> p
<Sniffed: TCP:5 UDP:0 ICMP:0 Other:0>
>>> p.show()
0000
0001
0002
0003
0004
>>>
Ether
Ether
Ether
Ether
Ether
/
/
/
/
/
IP
IP
IP
IP
IP
/
/
/
/
/
TCP
TCP
TCP
TCP
TCP
46.165.248.173:4948 > 192.168.1.2:47981 PA/ Raw
192.168.1.2:47981 > 46.165.248.173:4948 A
127.0.0.1:mmcc > 127.0.0.1:48852 PA / Raw
127.0.0.1:mmcc > 127.0.0.1:48852 PA / Raw
127.0.0.1:48852 > 127.0.0.1:mmcc A
41. >>> ?
>>> print contact_me
Mohammad Reza Kamalifard
Kamalifard@datasec.ir
http://www.linkedin.com/in/itmard
My Python Courses :
http://www.webamooz.ir/home/courses/python-for-ethicalhackers-1/
http://www.webamooz.ir/home/courses/python-for-ethicalhackers-2/
42. This work is product of DataSec Middle East(Ammniat Dadehaa Khavare miane) and licensed
under the Creative Commons Attribution-NoDerivs 3.0 Unported License.
Copyright 2013 Mohammad Reza Kamalifard
All rights reserved.
http://kamalifard.ir
http://www.webamooz.ir/home/courses/python-for-ethical-hackers-1/
http://www.webamooz.ir/home/courses/python-for-ethical-hackers-2/