Python for pentesters
â˘Download as PPT, PDFâ˘
1 likeâ˘7,451 views
This document discusses using Python for penetration testing and security tasks. It notes that Python has a simple learning curve, extensive libraries, and is multiplatform, making it useful for quick prototyping and easier automation. Python can be used for exploit development, networking, debugging, encryption/decryption, reverse engineering, fuzzing, web applications, forensics, and malware analysis. Popular Python security tools include TMSET, TMCore Impact, TMW3AF, TMSqlmap, TMImmunityDebugger, TMImpacket, and TMIronWASP. The document provides examples of using Python for port scanning, creating a one-line web server, and exploit development. It also lists useful Python
Report
Share
Report
Share
Recommended
DefCamp 2013 - MSF Into The Worm Hole
This document provides an overview of using the Metasploit framework for penetration testing web applications. It discusses Metasploit modules like exploits, payloads, and listeners. It describes using direct exploits against hosts and browser exploits like heap spraying. It also covers using Metasploit for information gathering with Nmap and storing scan data in the Metasploit database. The document demonstrates a client-side attack against Internet Explorer using a binary payload and Immunity Debugger.
Reverse engineering with python
This document discusses how Python can help with reverse engineering. It notes that Python is portable, easy to code with, has great libraries and community support, and can be used to automate tasks. It highlights several Python tools for reverse engineering, including ctypes for calling Windows APIs, pydbg for debugging, pefile for parsing PE files, and pydasm for disassembling machine code. The document advocates that Python can help make reverse engineering code less painful to understand.
Fuzzing with Go-Fuzz
The document discusses fuzzing as a technique for testing software by feeding it automatically mutated inputs to find bugs. It specifically focuses on using Go-Fuzz, which is based on American Fuzzy Lop and instruments Go source code to catch errors during fuzz testing. Go-Fuzz requires providing an entry function that classifies inputs as interesting or not and an initial set of inputs to start fuzzing packages that parse complex user inputs like images, text formats, and network protocols.
Hacker Halted 2014 - RDP Fuzzing And Why the Microsoft Open Protocol Specific...
Over the past year, Tripwire Security Researchers Tyler Reguly and Andrew Swoboda have invested numerous hours into understanding the Microsoft Remote Desktop Protocol, specifically the pre-authentication portions of RDP. The Microsoft Open Protocol Specifications were heavily utilized for this projected and, while both researchers had used the specifications before, neither had fully realized their usefulness to security researchers. This session will be a discussion of The Microsoft Open Protocol Specification with RDP as the example. The culmination of the session will be the release of a new RDP Fuzzer and a discussion around the vulnerabilities it has already discovered.
Attendees can expect to walk away with a strong understanding of the Microsoft Open Protocol Specifications and how they can leverage them to build protocol implementations and fuzzers, as well as investigate inherent flaws and discover new vulnerabilities. Attendees will have a better understanding of the pre-authentication RDP connection sequence and exactly what data is exchanged and what an attacker can deduce from this communication. Finally, attendees will gain insight into new RDP vulnerabilities.
Python Applications
Python is an easy to learn programming language that has many applications. It can be used for GUI development, numerical methods using libraries like NumPy and SciPy, image processing with OpenCV, and machine learning with libraries like TensorFlow. Python also allows access to GPU processing and is useful for tasks like machine learning research.
Buffer Overflow Attacks
Presented by Abhinav chourasia in SecurityXploded cyber security meet. visit: http://www.securitytrainings.net for more information
The internet of $h1t
I was asked to talk in front of Computer science students at the Bar-Ilan university about "what happens" when you don't care about writing "secured" or "safe" code. A perfect example for that, in my opinion, was the world of embedded computing AKA the IoT. I talked about the history of consumer embedded devices and showed a live demo of an 0day I found in one of the most popular routers in the country.
CODE BLUE 2014 : Embedded Security in The Land of the Rising Sun by BEN SCHMI...
Embedded device security is an issue of global importance, and one that has grown exponentially over the last few years. Because of their slow patch cycles and the increasing difficulty of exploiting other,more traditional platforms, they have quickly become a favorite target for researchers and attackers alike. While deeply fragmented, each country has its own unique âfootprintâ of these devices on the Internet, based largely on the embedded devices distributed by major ISPs. We will use our survey of Japanese devices as an example of how, by fingerprinting and examining popular devices on a given country's networks, it is possible for an attacker to very quickly go from zero knowledge to widespread remote code execution.
During this talk, we provide an in-depth analysis of various routers and modems provided by popular Japanese ISPs, devices which we had never heard of on networks we had never used . We discuss how we approached surveying approximate market usage, reverse engineering obfuscated and encrypted firmware images, performing vulnerability analysis on the recovered binaries, and developing of proof-of-concept exploits for discovered vulnerabilities, all from the United States. In addition, we provide recommendations as to how ISPs and countries might begin to address the serious problems introduced by these small but important pieces of the Internet.
All vulnerabilities discovered were promptly and responsibly disclosed to affected parties.
Recommended
DefCamp 2013 - MSF Into The Worm Hole
This document provides an overview of using the Metasploit framework for penetration testing web applications. It discusses Metasploit modules like exploits, payloads, and listeners. It describes using direct exploits against hosts and browser exploits like heap spraying. It also covers using Metasploit for information gathering with Nmap and storing scan data in the Metasploit database. The document demonstrates a client-side attack against Internet Explorer using a binary payload and Immunity Debugger.
Reverse engineering with python
This document discusses how Python can help with reverse engineering. It notes that Python is portable, easy to code with, has great libraries and community support, and can be used to automate tasks. It highlights several Python tools for reverse engineering, including ctypes for calling Windows APIs, pydbg for debugging, pefile for parsing PE files, and pydasm for disassembling machine code. The document advocates that Python can help make reverse engineering code less painful to understand.
Fuzzing with Go-Fuzz
The document discusses fuzzing as a technique for testing software by feeding it automatically mutated inputs to find bugs. It specifically focuses on using Go-Fuzz, which is based on American Fuzzy Lop and instruments Go source code to catch errors during fuzz testing. Go-Fuzz requires providing an entry function that classifies inputs as interesting or not and an initial set of inputs to start fuzzing packages that parse complex user inputs like images, text formats, and network protocols.
Hacker Halted 2014 - RDP Fuzzing And Why the Microsoft Open Protocol Specific...
Over the past year, Tripwire Security Researchers Tyler Reguly and Andrew Swoboda have invested numerous hours into understanding the Microsoft Remote Desktop Protocol, specifically the pre-authentication portions of RDP. The Microsoft Open Protocol Specifications were heavily utilized for this projected and, while both researchers had used the specifications before, neither had fully realized their usefulness to security researchers. This session will be a discussion of The Microsoft Open Protocol Specification with RDP as the example. The culmination of the session will be the release of a new RDP Fuzzer and a discussion around the vulnerabilities it has already discovered.
Attendees can expect to walk away with a strong understanding of the Microsoft Open Protocol Specifications and how they can leverage them to build protocol implementations and fuzzers, as well as investigate inherent flaws and discover new vulnerabilities. Attendees will have a better understanding of the pre-authentication RDP connection sequence and exactly what data is exchanged and what an attacker can deduce from this communication. Finally, attendees will gain insight into new RDP vulnerabilities.
Python Applications
Python is an easy to learn programming language that has many applications. It can be used for GUI development, numerical methods using libraries like NumPy and SciPy, image processing with OpenCV, and machine learning with libraries like TensorFlow. Python also allows access to GPU processing and is useful for tasks like machine learning research.
Buffer Overflow Attacks
Presented by Abhinav chourasia in SecurityXploded cyber security meet. visit: http://www.securitytrainings.net for more information
The internet of $h1t
I was asked to talk in front of Computer science students at the Bar-Ilan university about "what happens" when you don't care about writing "secured" or "safe" code. A perfect example for that, in my opinion, was the world of embedded computing AKA the IoT. I talked about the history of consumer embedded devices and showed a live demo of an 0day I found in one of the most popular routers in the country.
CODE BLUE 2014 : Embedded Security in The Land of the Rising Sun by BEN SCHMI...
Embedded device security is an issue of global importance, and one that has grown exponentially over the last few years. Because of their slow patch cycles and the increasing difficulty of exploiting other,more traditional platforms, they have quickly become a favorite target for researchers and attackers alike. While deeply fragmented, each country has its own unique âfootprintâ of these devices on the Internet, based largely on the embedded devices distributed by major ISPs. We will use our survey of Japanese devices as an example of how, by fingerprinting and examining popular devices on a given country's networks, it is possible for an attacker to very quickly go from zero knowledge to widespread remote code execution.
During this talk, we provide an in-depth analysis of various routers and modems provided by popular Japanese ISPs, devices which we had never heard of on networks we had never used . We discuss how we approached surveying approximate market usage, reverse engineering obfuscated and encrypted firmware images, performing vulnerability analysis on the recovered binaries, and developing of proof-of-concept exploits for discovered vulnerabilities, all from the United States. In addition, we provide recommendations as to how ISPs and countries might begin to address the serious problems introduced by these small but important pieces of the Internet.
All vulnerabilities discovered were promptly and responsibly disclosed to affected parties.
Fuzzing underestimated method of finding hidden bugs
Fuzzing is a method of discovering software faults by providing unexpected input and monitoring for exceptions. There are two main types of fuzzers: mutation-based fuzzers which mutate valid samples, and generation-based fuzzers which require samples to be defined. Fuzzing discovers bugs by providing invalid input to any software, so it should always be considered as a testing method. A fuzzer contains an input generator, history of generated inputs, and a process monitor.
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
Rust is the new kid on the block. It's a system programming language that is blazingly fast and offers powerful high-level abstractions better known from dynamic languages like Ruby or Python. Rust offers memory safety without a Garbage Collector and makes low-level programming easier and more secure. I will give an introductory talk about Rust and show some of its nicest features.
Packers
- Models: simple, malware, advanced
- Categories and Features: compresser, protecter, crypter, bundler, virtualiser, mutater
- Landscape: Free, Commercial, Malware / Bundlers, Compressors, Virtualizers
- Detailed features: compression, anti-analysis, anti-debugging, anti-dumping, anti-emulation, bundlers
- EntryPoints: FSG, UPX (with LZMA), AsPack, PECompact, MEW, Upack
- Algorithms: aPLib, LZMA, CRC32
How Safe is your Link ?
As @nicowaisman mentioned in his talk Aleatory Persistent Threat, old school heap specific exploiting is dying. And with each windows SP or new version, is harder to attack heap itself. Heap management adapt quickly and include new mittigation techniques. But sometimes is better to rethink the idea of mittigation and do this technique properly even half version of it will cover all known heap exploit techniquesâŚ
Nullcon Hack IM 2011 walk through
The document provides a walkthrough for 12 levels of the HackIM 2011 capture the flag competition. For each level, it describes any hints or clues, screenshots of relevant information, and step-by-step instructions for solving the level. It also identifies potential pitfalls or distractions in solving each level. The walkthrough is intended to help participants learn how to solve the various challenges of the HackIM competition.
CheckPlease - Payload-Agnostic Implant Security
- The document discusses techniques for making payloads more targeted and resistant to sandbox analysis, including checking for expected parent processes, encrypting payloads with host-specific keys, and checking for signs of user interaction.
- It proposes a new open-source library called "CheckPlease" that implements these techniques across multiple programming languages to help red and blue teams.
- Examples are given of how to check for things like expected Windows domains, user accounts, mouse clicks or positions to ensure a payload is running in the intended targeted environment and not a sandbox.
Sentry (SF Python, Feb)
Sentry is a self-hosted, open source log storage solution powered by Python. It provides a usable interface for filtering, sorting, and searching logs. Key features include extensibility through plugins, integration with Python frameworks like Django, and flexibility through its event storage and dashboard APIs. Sentry 2.0 will be platform independent and remove dependencies like Django.
Violent python
This document discusses how Python can be used for both ethical and unethical hacking purposes. It provides examples of how Python allows for easy learning, is cross-platform, and has many built-in tools and libraries that enable activities like dictionary attacks, brute force cracking, analyzing Skype databases, and using APIs to interact with systems like sockets in a similar way to C. The document also lists several Python security tools and frameworks like Scapy and recommends resources like books and tutorials that provide inspiration for writing hacking tools with Python.
Un) fucking forensics
DEFCON 25 presentation. An overview of the basis for needing memory integrity validation (secure hash) checks of a running VM. Edit memory through python scripting. Enhance timeline assurances that you have not missed events with multiple complementary event sources.
Intro to Perfect - LA presentation
Intro to Perfect for the Full Stack Swift meetup in Los Angeles. Discuss open source Swift, history of Perfect, install and setup, then walk thru a tutorial on using Perfect
Is Rust Programming ready for embedded development?
The traditional approach to embedded development would be to run an RTOS on a microcontroller and to write the application in C or C++. This gives huge benefits in terms of the resources required compared to a Linux-based system, but now developers are working down in the world of systems programming, where there is nothing between them and a critical memory-safety bug except a keen eye and perhaps some expensive, imperfect and/or tricky-to-use static analysis tools. That bug might just give hackers access to a product and to anything the product is connected to, both locally and remotely.
Of course, there are plenty of things other than memory safety bugs that might give hackers a route straight into a product, but it would be preferable for developers to concentrate on those, instead of worrying about memory leaks, buffer overflows or tracking down the root cause of a random, undefined behaviour.
But after Rust came into existence the programmers are getting memory safety with low-level control.
If you have considered using embedded rust, you may have run into questions such as âWhat is embedded?â, âWhat is a driver crate?â âWhere does rtfm/rtic and cortex_m fit into the picture?â This webinar will give you answers to these questions and how you can start your embedded rust journey
Python Introduction
This document provides an introduction to the Python programming language, covering its background, features, syntax, types, operators, control flow, functions, classes, tools, and examples. Python is a multi-purpose, object-oriented language that is interpreted, dynamically typed, and focuses on readability and productivity. It has a large standard library and is used by many companies like Google, YouTube, and Spotify.
CheckPlease: Payload-Agnostic Targeted Malware
CheckPlease is a tool that provides payload-agnostic checks to determine if malware is running in a targeted environment or sandbox. It evolved from signatures to behavioral detection as malware changed languages and used obfuscation. CheckPlease implements over 70 checks across multiple languages to validate processes, user behavior, system metadata and environment matches the target before executing malicious code. The presenters demonstrate various checks and encourage integrating CheckPlease with frameworks like Veil to automatically generate targeted malware payloads.
Kasza smashing the_jars
The document discusses various Java-based remote access trojans (RATs) and their evolution over time. It begins with an overview of Java basics and how RATs are packaged in JAR files. It then analyzes the lineage of several RAT families like Frutas, Adwind, Unrecom, AlienSpy, jSocket, and others; how they emerged and were developed over time, sharing codebases and techniques. Common behaviors of Java RATs are also outlined, such as obfuscation, anti-analysis tricks, and persistence mechanisms. The document concludes with recommendations for analyzing and detecting Java threats.
GPU Computing for Data Science
When working with big data or complex algorithms, we often look to parallelize our code to optimize runtime. By taking advantage of a GPUs 1000+ cores, a data scientist can quickly scale out solutions inexpensively and sometime more quickly than using traditional CPU cluster computing. In this webinar, we will present ways to incorporate GPU computing to complete computationally intensive tasks in both Python and R.
See the full presentation here: đ https://vimeo.com/153290051
Learn more about the Domino data science platform: https://www.dominodatalab.com
DefCon 2012 - Rooting SOHO Routers
The document discusses vulnerabilities in Netgear SOHO routers that allow remote code execution. It describes analyzing the firmware of a Netgear WNDR3700 router to find SQL injection vulnerabilities in the MiniDLNA media server. These vulnerabilities can be chained to extract passwords from the router's filesystem and execute arbitrary code by manipulating the database and triggering a buffer overflow. The talk will include a live demonstration exploiting these issues to gain a root shell on the router.
BSides Rochester 2018: Esteban Rodriguez: Ducky In The Middle: Injecting keys...
This document summarizes Esteban Rodriguez's talk on injecting keystrokes into plaintext protocols. It discusses how protocols like VNC, HippoRemote, and early versions of Synergy sent keystrokes in plaintext, allowing them to be intercepted using tools like Wireshark. It then demonstrates how intercepted keystrokes could be cracked, monitored, or injected using tools like Metasploit, custom Python scripts, and rogue Synergy servers implemented with Dissonance. Mitigations discussed include encrypting protocols with SSL and verifying server fingerprints. The overall message is that encryption is important and security research helps improve protocols.
JavaCro'14 - Test Automation using RobotFramework Libraries â Stojan Peshov
JavaCro'14 - Test Automation using RobotFramework Libraries â Stojan PeshovHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
Brief introduction to Test Automation Frameworks, Acceptance Testing and ATTD using Testerone â custom made solution based on RobotFramework and itâs extensive libraries for Seleniumâs and AutoITâs support.
Bring the test cases closer to business people, leave the technical stuff to technical staff using simple business-to-tech excel sheet (map) for collaboration. Complete the solution by controlling everything using Jenkins CI server.Â
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
This is a light training/presentation talk.
My name is Lyon Yang and I am an IoT hacker. I live in sunny Singapore where IoT is rapidly being deployed â in production. This walkthrough will aim to shed light on the subject of IoT, from finding vulnerabilities in IoT devices to getting shiny hash prompts.
Our journey starts with a holistic view of IoT security, the issues faced by IoT devices and the common mistakes made by IoT developers. Things will then get technical as we progress into a both ARM and MIPS exploitation, followed by a âhack-along-with-usâ workshop where you will be exploiting a commonly found IoT daemon. If you are new to IoT or a seasoned professional you will likely learn something new in this workshop.
https://www.iotvillage.org/#schedule
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executives with the Backdoor Factory is a presentation about binary patching techniques. It discusses the history of patching, how key generators and Metasploit patch binaries, and how the author learned to manually patch binaries. The presentation then introduces the Backdoor Factory tool, which can automatically patch Windows binaries by injecting shellcode into code caves. It demonstrates patching via code cave insertion, single cave jumps, and cave jumping. Mitigations like self-validation and antivirus are discussed.
Operations security - SyPy Dec 2014 (Sydney Python users)
This document discusses operational security (OPSEC) for teams, users, and infrastructure related to Bitcoin exchanges. It recommends encrypting devices, using two-factor authentication, password managers, login throttling, third-factor authentication parameters like browser fingerprinting and IP whitelisting to strengthen security. Infrastructure security topics covered include fail2ban, Cloudflare, log storage and backups, and intrusion detection. The goal is to mitigate threats like phishing, malware, and physical attacks against systems handling valuable Bitcoin transactions.
اسŮاŰŘŻ ŘŻŮŮ
ŘŹŮس٠ŰازدŮŮ
ÚŠŮاس ٞاŰŘŞŮŮ Ř¨ŘąŘ§Ű ŮÚŠŘą ŮŘ§Ű ŮاŮŮŮŰ
اسŮاŰŘŻ ŘŻŮŮ
ŘŹŮس٠ŰازدŮŮ
ÚŠŮاس ٞاŰŘŞŮŮ Ř¨ŘąŘ§Ű ŮÚŠŘą ŮŘ§Ű ŮاŮŮŮŰMohammad Reza Kamalifard
Python for ethical hackers by Mohammad reza kamalifard
ŘŻŘą اŰŮ ŘŹŮŘłŮ Ř¨Ů Ř¨ŘąŘąŘłŰ Ů
اÚŮŮ
SocketServer
ŘŻŘą ٞاŰŘŞŮŮ Ů
ŰâٞعدازدŰŮ
Â
More Related Content
What's hot
Fuzzing underestimated method of finding hidden bugs
Fuzzing is a method of discovering software faults by providing unexpected input and monitoring for exceptions. There are two main types of fuzzers: mutation-based fuzzers which mutate valid samples, and generation-based fuzzers which require samples to be defined. Fuzzing discovers bugs by providing invalid input to any software, so it should always be considered as a testing method. A fuzzer contains an input generator, history of generated inputs, and a process monitor.
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
Rust is the new kid on the block. It's a system programming language that is blazingly fast and offers powerful high-level abstractions better known from dynamic languages like Ruby or Python. Rust offers memory safety without a Garbage Collector and makes low-level programming easier and more secure. I will give an introductory talk about Rust and show some of its nicest features.
Packers
- Models: simple, malware, advanced
- Categories and Features: compresser, protecter, crypter, bundler, virtualiser, mutater
- Landscape: Free, Commercial, Malware / Bundlers, Compressors, Virtualizers
- Detailed features: compression, anti-analysis, anti-debugging, anti-dumping, anti-emulation, bundlers
- EntryPoints: FSG, UPX (with LZMA), AsPack, PECompact, MEW, Upack
- Algorithms: aPLib, LZMA, CRC32
How Safe is your Link ?
As @nicowaisman mentioned in his talk Aleatory Persistent Threat, old school heap specific exploiting is dying. And with each windows SP or new version, is harder to attack heap itself. Heap management adapt quickly and include new mittigation techniques. But sometimes is better to rethink the idea of mittigation and do this technique properly even half version of it will cover all known heap exploit techniquesâŚ
Nullcon Hack IM 2011 walk through
The document provides a walkthrough for 12 levels of the HackIM 2011 capture the flag competition. For each level, it describes any hints or clues, screenshots of relevant information, and step-by-step instructions for solving the level. It also identifies potential pitfalls or distractions in solving each level. The walkthrough is intended to help participants learn how to solve the various challenges of the HackIM competition.
CheckPlease - Payload-Agnostic Implant Security
- The document discusses techniques for making payloads more targeted and resistant to sandbox analysis, including checking for expected parent processes, encrypting payloads with host-specific keys, and checking for signs of user interaction.
- It proposes a new open-source library called "CheckPlease" that implements these techniques across multiple programming languages to help red and blue teams.
- Examples are given of how to check for things like expected Windows domains, user accounts, mouse clicks or positions to ensure a payload is running in the intended targeted environment and not a sandbox.
Sentry (SF Python, Feb)
Sentry is a self-hosted, open source log storage solution powered by Python. It provides a usable interface for filtering, sorting, and searching logs. Key features include extensibility through plugins, integration with Python frameworks like Django, and flexibility through its event storage and dashboard APIs. Sentry 2.0 will be platform independent and remove dependencies like Django.
Violent python
This document discusses how Python can be used for both ethical and unethical hacking purposes. It provides examples of how Python allows for easy learning, is cross-platform, and has many built-in tools and libraries that enable activities like dictionary attacks, brute force cracking, analyzing Skype databases, and using APIs to interact with systems like sockets in a similar way to C. The document also lists several Python security tools and frameworks like Scapy and recommends resources like books and tutorials that provide inspiration for writing hacking tools with Python.
Un) fucking forensics
DEFCON 25 presentation. An overview of the basis for needing memory integrity validation (secure hash) checks of a running VM. Edit memory through python scripting. Enhance timeline assurances that you have not missed events with multiple complementary event sources.
Intro to Perfect - LA presentation
Intro to Perfect for the Full Stack Swift meetup in Los Angeles. Discuss open source Swift, history of Perfect, install and setup, then walk thru a tutorial on using Perfect
Is Rust Programming ready for embedded development?
The traditional approach to embedded development would be to run an RTOS on a microcontroller and to write the application in C or C++. This gives huge benefits in terms of the resources required compared to a Linux-based system, but now developers are working down in the world of systems programming, where there is nothing between them and a critical memory-safety bug except a keen eye and perhaps some expensive, imperfect and/or tricky-to-use static analysis tools. That bug might just give hackers access to a product and to anything the product is connected to, both locally and remotely.
Of course, there are plenty of things other than memory safety bugs that might give hackers a route straight into a product, but it would be preferable for developers to concentrate on those, instead of worrying about memory leaks, buffer overflows or tracking down the root cause of a random, undefined behaviour.
But after Rust came into existence the programmers are getting memory safety with low-level control.
If you have considered using embedded rust, you may have run into questions such as âWhat is embedded?â, âWhat is a driver crate?â âWhere does rtfm/rtic and cortex_m fit into the picture?â This webinar will give you answers to these questions and how you can start your embedded rust journey
Python Introduction
This document provides an introduction to the Python programming language, covering its background, features, syntax, types, operators, control flow, functions, classes, tools, and examples. Python is a multi-purpose, object-oriented language that is interpreted, dynamically typed, and focuses on readability and productivity. It has a large standard library and is used by many companies like Google, YouTube, and Spotify.
CheckPlease: Payload-Agnostic Targeted Malware
CheckPlease is a tool that provides payload-agnostic checks to determine if malware is running in a targeted environment or sandbox. It evolved from signatures to behavioral detection as malware changed languages and used obfuscation. CheckPlease implements over 70 checks across multiple languages to validate processes, user behavior, system metadata and environment matches the target before executing malicious code. The presenters demonstrate various checks and encourage integrating CheckPlease with frameworks like Veil to automatically generate targeted malware payloads.
Kasza smashing the_jars
The document discusses various Java-based remote access trojans (RATs) and their evolution over time. It begins with an overview of Java basics and how RATs are packaged in JAR files. It then analyzes the lineage of several RAT families like Frutas, Adwind, Unrecom, AlienSpy, jSocket, and others; how they emerged and were developed over time, sharing codebases and techniques. Common behaviors of Java RATs are also outlined, such as obfuscation, anti-analysis tricks, and persistence mechanisms. The document concludes with recommendations for analyzing and detecting Java threats.
GPU Computing for Data Science
When working with big data or complex algorithms, we often look to parallelize our code to optimize runtime. By taking advantage of a GPUs 1000+ cores, a data scientist can quickly scale out solutions inexpensively and sometime more quickly than using traditional CPU cluster computing. In this webinar, we will present ways to incorporate GPU computing to complete computationally intensive tasks in both Python and R.
See the full presentation here: đ https://vimeo.com/153290051
Learn more about the Domino data science platform: https://www.dominodatalab.com
DefCon 2012 - Rooting SOHO Routers
The document discusses vulnerabilities in Netgear SOHO routers that allow remote code execution. It describes analyzing the firmware of a Netgear WNDR3700 router to find SQL injection vulnerabilities in the MiniDLNA media server. These vulnerabilities can be chained to extract passwords from the router's filesystem and execute arbitrary code by manipulating the database and triggering a buffer overflow. The talk will include a live demonstration exploiting these issues to gain a root shell on the router.
BSides Rochester 2018: Esteban Rodriguez: Ducky In The Middle: Injecting keys...
This document summarizes Esteban Rodriguez's talk on injecting keystrokes into plaintext protocols. It discusses how protocols like VNC, HippoRemote, and early versions of Synergy sent keystrokes in plaintext, allowing them to be intercepted using tools like Wireshark. It then demonstrates how intercepted keystrokes could be cracked, monitored, or injected using tools like Metasploit, custom Python scripts, and rogue Synergy servers implemented with Dissonance. Mitigations discussed include encrypting protocols with SSL and verifying server fingerprints. The overall message is that encryption is important and security research helps improve protocols.
JavaCro'14 - Test Automation using RobotFramework Libraries â Stojan Peshov
JavaCro'14 - Test Automation using RobotFramework Libraries â Stojan PeshovHUJAK - Hrvatska udruga Java korisnika / Croatian Java User Association
Brief introduction to Test Automation Frameworks, Acceptance Testing and ATTD using Testerone â custom made solution based on RobotFramework and itâs extensive libraries for Seleniumâs and AutoITâs support.
Bring the test cases closer to business people, leave the technical stuff to technical staff using simple business-to-tech excel sheet (map) for collaboration. Complete the solution by controlling everything using Jenkins CI server.Â
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
This is a light training/presentation talk.
My name is Lyon Yang and I am an IoT hacker. I live in sunny Singapore where IoT is rapidly being deployed â in production. This walkthrough will aim to shed light on the subject of IoT, from finding vulnerabilities in IoT devices to getting shiny hash prompts.
Our journey starts with a holistic view of IoT security, the issues faced by IoT devices and the common mistakes made by IoT developers. Things will then get technical as we progress into a both ARM and MIPS exploitation, followed by a âhack-along-with-usâ workshop where you will be exploiting a commonly found IoT daemon. If you are new to IoT or a seasoned professional you will likely learn something new in this workshop.
https://www.iotvillage.org/#schedule
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executives with the Backdoor Factory is a presentation about binary patching techniques. It discusses the history of patching, how key generators and Metasploit patch binaries, and how the author learned to manually patch binaries. The presentation then introduces the Backdoor Factory tool, which can automatically patch Windows binaries by injecting shellcode into code caves. It demonstrates patching via code cave insertion, single cave jumps, and cave jumping. Mitigations like self-validation and antivirus are discussed.
What's hot (20)
Fuzzing underestimated method of finding hidden bugs
Fuzzing underestimated method of finding hidden bugs
Â
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
Why Rust? - Matthias Endler - Codemotion Amsterdam 2016
Â
Is Rust Programming ready for embedded development?
Is Rust Programming ready for embedded development?
Â
BSides Rochester 2018: Esteban Rodriguez: Ducky In The Middle: Injecting keys...
BSides Rochester 2018: Esteban Rodriguez: Ducky In The Middle: Injecting keys...
Â
JavaCro'14 - Test Automation using RobotFramework Libraries â Stojan Peshov
JavaCro'14 - Test Automation using RobotFramework Libraries â Stojan Peshov
Â
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Practical IoT Exploitation (DEFCON23 IoTVillage) - Lyon Yang
Â
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Patching Windows Executables with the Backdoor Factory | DerbyCon 2013
Â
Viewers also liked
Operations security - SyPy Dec 2014 (Sydney Python users)
This document discusses operational security (OPSEC) for teams, users, and infrastructure related to Bitcoin exchanges. It recommends encrypting devices, using two-factor authentication, password managers, login throttling, third-factor authentication parameters like browser fingerprinting and IP whitelisting to strengthen security. Infrastructure security topics covered include fail2ban, Cloudflare, log storage and backups, and intrusion detection. The goal is to mitigate threats like phishing, malware, and physical attacks against systems handling valuable Bitcoin transactions.
اسŮاŰŘŻ ŘŻŮŮ
ŘŹŮس٠ŰازدŮŮ
ÚŠŮاس ٞاŰŘŞŮŮ Ř¨ŘąŘ§Ű ŮÚŠŘą ŮŘ§Ű ŮاŮŮŮŰ
اسŮاŰŘŻ ŘŻŮŮ
ŘŹŮس٠ŰازدŮŮ
ÚŠŮاس ٞاŰŘŞŮŮ Ř¨ŘąŘ§Ű ŮÚŠŘą ŮŘ§Ű ŮاŮŮŮŰMohammad Reza Kamalifard
Python for ethical hackers by Mohammad reza kamalifard
ŘŻŘą اŰŮ ŘŹŮŘłŮ Ř¨Ů Ř¨ŘąŘąŘłŰ Ů
اÚŮŮ
SocketServer
ŘŻŘą ٞاŰŘŞŮŮ Ů
ŰâٞعدازدŰŮ
Â
Evdokimov python arsenal for re
This document discusses Python tools for reverse engineering. It introduces the author and their background in security research. It then provides an overview of existing Python libraries for reverse engineering tasks like disassembly, debugging, fuzzing, and analysis. These include libraries that interface with tools like IDA Pro, gdb, bochs, and more. The document proposes creating a web portal to catalog these Python reverse engineering tools, including descriptions and a search function. It concludes by soliciting feedback on the idea and future work.
Stegano Secrets - Python
The document discusses steganography, which is hiding secret messages within other harmless-looking files or messages. It describes how steganography embeds information in a way that prevents unauthorized parties from even knowing a hidden message has been sent. The document outlines some common techniques for hiding information in digital images, such as modifying least significant bits or using masking and filtering algorithms. It also notes that steganography can be used for confidential communication and secret data storage. Finally, it discusses how Python can be used to implement steganography, listing several Python modules like binascii, getpass, simplecrypt, and Pillow that are useful for steganography applications.
Pycon Sec
PyCon India 2009 Presentation Python tools for Network Security
The document discusses various Python tools for network security including Pypcap, Dpkt and Scapy. It provides an overview of packet capture and inspection capabilities of these tools and code examples to capture and analyze network packets. Specific examples demonstrated include an HTTP protocol sniffer, host scanning and DNS queries using Scapy.
Network programming in python..
This document outlines the agenda for a workshop on network programming in Python. It will cover core networking concepts like TCP, UDP, and IP protocols. It will teach elementary sockets programming and working with common protocols like DNS, HTTP, FTP, and SSL. The workshop will also cover network errors, using third party libraries like Scapy and Impacket, raw sockets, and scenario-based scripts. The goal is to help participants master the layers of the protocol stack and move beyond the content after the workshop.
Python build your security tools.pdf
This document provides an overview of using Python to build security tools. It covers Python basics like variables, data types, strings, lists, tuples, dictionaries, loops, functions, reading user input and working with files. It also demonstrates using Python modules for tasks like SSH client automation with Paramiko, working with IP addresses and subnets using NetAddr, and web automation with requests. The goal is to provide examples to help readers develop tools for tasks like port scanning, database access, and network automation.
Offensive cyber security: Smashing the stack with Python
: A necessary step in writing secure code is having an understanding of how vulnerable code can be exploited. This step is critical because unless you see the software from the vantage point of a hacker, what may look to be safe and harmless code, can have multiple vulnerabilities that result in systems running that software getting p0wned. The goal of this tech talk is to provide a step-by-step illustration of how not adhering to secure software design principles such as properly bounds checking buffers can open up computing devices to exploitation. Specifically, we will show that by using a very easy to use scripting language like python, we can do the following: 1) Smash the stack of a system running vulnerable code to gain arbitrary access. 2) Install a key logger that can phone home to a command and control server.
Network Security and Analysis with Python
Using Python, the author has developed a program that learns about protocol formats, with the main goal in being useful for Deep Packet Inspection. Deep Packet Inspection is a process mainly used in network security to ensure integrity of network data sent across the network. Deep Packet Inspection is used to pre-empt and prevent malicious data from being transmitted over a network in order to ensure the security of the organization.
http://tw.pycon.org/2015apac/en/lightning_en
Metodologia david ch
Este documento resume diferentes perspectivas sobre la investigaciĂłn. Define la investigaciĂłn como un proceso sistemĂĄtico para descubrir hechos sobre la realidad y construir teorĂas parciales. Explica que existen cuatro tipos principales de investigaciĂłn: exploratoria, descriptiva, correlacional y explicativa. AdemĂĄs, la investigaciĂłn puede ser de campo o de laboratorio, dependiendo de dĂłnde se recolectan los datos.
Presentasi Sistem Profitbomber
Profitbomber adalah sebuah sistem yang dirancang untuk membantu anda mendapatkan income cepat setiap hari, berulang - ulang, dengan modal terjangkau dan Potensi Income tanpa batas.
2015-05-20 openmdm-architecture
The document outlines the openMDMÂŽ architecture design. It discusses the driving forces, goals, and components of the openMDMÂŽ architecture. The architecture aims to be modular, allow assembly of components, achieve UI independence, and conform to specifications. The business model provides core platform services and allows integration of data from multiple sources through an ODS adapter.
David Draper Resume 2
David Draper is an experienced senior design engineer seeking a new position. He has over 20 years of experience in automotive design and product development, particularly with body closure systems. His background includes designing hood, fender, door, and pickup box assemblies for Chrysler vehicles and successfully launching multiple new vehicle programs.
ÎÎΤÎU ANNA CV-EN
Anna Kitou is a Greek food technologist seeking new opportunities. She has over 5 years of experience in food production, quality control, and laboratory analysis. Her background includes work with meat products, cheeses, teas, and quality management systems. She holds a Bachelor's degree in Food Science and Technology from the Agricultural University of Athens.
Continuous Delivery Summit, Washington D.C., 2015
This presentation outlines the need to expand the notion of continuous delivery to encompass operational excellence. It discusses how a cloud-native platform can automate and simplify many operational concerns and what desirable properties such a platform should possess. The presentation concludes with a brief discussion of Pivotal Cloud Foundry.
La Escuela al Centro
Este documento presenta un nuevo esquema de organizaciĂłn y acompaĂąamiento para las escuelas de educaciĂłn bĂĄsica en MĂŠxico llamado "La Escuela al Centro". El objetivo es reorganizar el sistema educativo para que se concentre en mejorar la calidad de la enseĂąanza y el aprendizaje en las aulas. Algunas lĂneas de acciĂłn clave incluyen implementar una nueva estructura organizativa en las escuelas con menos burocracia, asignar mĂĄs recursos directamente a las escuelas y fortalecer los consejos tĂŠcnicos escolares
openMDM5: From a fat client to a scalable, omni-channel architecture
The handling of measured data goes way beyond simple data storage and retrieval. A measured data management system must provide reliable long-term archival, including provenance, and efficient search mechanisms while ensuring proper access restriction across different teams, departments, and even companies. However, the required functionality widely differs between these parties. Instead of implementing a single full-featured rich-client, the openMDM WG has been working to create a toolbox which allows to create individual measurement data management solutions tailored to the particular use case. The underlying software architecture will be presented in this talk.
Family life and culture from china
This document introduces Luhan Yan from China and discusses her family. It notes that 20-30 years ago families in China typically had more than 2 children, but now most families only have one child. It provides Luhan Yan's name and the names of her father and mother. The document also mentions the Chinese dragon as a national symbol and includes an image of Chinese landscapes.
Viewers also liked (20)
Operations security - SyPy Dec 2014 (Sydney Python users)
Operations security - SyPy Dec 2014 (Sydney Python users)
Â
اسŮاŰŘŻ ŘŻŮŮ
ŘŹŮس٠ŰازدŮŮ
ÚŠŮاس ٞاŰŘŞŮŮ Ř¨ŘąŘ§Ű ŮÚŠŘą ŮŘ§Ű ŮاŮŮŮŰ
اسŮاŰŘŻ ŘŻŮŮ
ŘŹŮس٠ŰازدŮŮ
ÚŠŮاس ٞاŰŘŞŮŮ Ř¨ŘąŘ§Ű ŮÚŠŘą ŮŘ§Ű ŮاŮŮŮŰ
Â
Offensive cyber security: Smashing the stack with Python
Offensive cyber security: Smashing the stack with Python
Â
ŕšŕ¸ŕ¸Łŕ¸ŕ¸ŕ¸˛ŕ¸ŕ¸ŕ¸ŕ¸Ąŕ¸ŕ¸´ŕ¸§ŕšŕ¸ŕ¸ŕ¸Łŕš
ŕšŕ¸ŕ¸Łŕ¸ŕ¸ŕ¸˛ŕ¸ŕ¸ŕ¸ŕ¸Ąŕ¸ŕ¸´ŕ¸§ŕšŕ¸ŕ¸ŕ¸Łŕš
Â
ŕšŕ¸ŕ¸Łŕ¸ŕ¸ŕ¸˛ŕ¸ŕ¸ŕ¸ŕ¸Ąŕ¸ŕ¸´ŕ¸§ŕšŕ¸ŕ¸ŕ¸Łŕš (1)
ŕšŕ¸ŕ¸Łŕ¸ŕ¸ŕ¸˛ŕ¸ŕ¸ŕ¸ŕ¸Ąŕ¸ŕ¸´ŕ¸§ŕšŕ¸ŕ¸ŕ¸Łŕš (1)
Â
openMDM5: From a fat client to a scalable, omni-channel architecture
openMDM5: From a fat client to a scalable, omni-channel architecture
Â
Similar to Python for pentesters
Python-Assisted Red-Teaming Operation
Slide yang kupresentasikan di PyCon 2019 (Surabaya, 23/11/2019)
Red-Teaming is a simulation of real world hacking against organization. It has little to no limit of time, location, and method to attack. Only results matter. This talk gives insight about how âhackerâ works and how python can be used for sophisticated series of attack.
Hacking the Gateways
This document outlines a plan to hack routers by exploiting vulnerabilities. The plan involves deciding targets, finding vulnerabilities in routers like the AirTies RT series, writing exploits in MIPS assembly to achieve remote code execution, writing scripts for mass exploitation, running attacks on targets in Turkey, and analyzing results. Routers are attractive targets because they are directly internet accessible, can control all traffic once compromised, have limited logging capabilities, and rarely receive security updates.
Cyber Crime / Cyber Secuity Testing Architecture by MRITYUNJAYA HIKKALGUTTI (...
Cyber Crime / Cyber Secuity Testing Architecture by MRITYUNJAYA HIKKALGUTTI (...MrityunjayaHikkalgut1
Cyber Crime / Cyber Secuity Testing Architecture
For
Security Layers authenticating
Like
BFSI
BANKING
CYBER SECURITY
CYBER CRIME
ANY DOMAINÂ
Workshop on Network Security
@skeptic_fx (Ahamed Nafeez) and I conducted a National Level Workshop on Network and Web Security on August 11th, 2010 during our third year BE CSE.
Nmap for Scriptors
This document provides an overview of Nmap Scripting Engine (NSE) for security researchers looking to build NSE scripts. It covers the anatomy of an NSE script including required components like metadata, categories, portrules and actions. It also provides tips for scriptors like specifying the script directory, using debugging mode, and updating the script database. The goal is to provide a kickstart for researchers to learn how to create NSE scripts and proofs-of-concept.
Open Source Cyber Weaponry
The document discusses the evolution of cyber weapons and offensive security tools from 1999 to today. It describes how such tools have progressed from being in their infancy to becoming highly sophisticated. A key point is that many military and government contractors now openly use open source tools like Metasploit due to their capabilities, cost effectiveness, and the ability to easily adapt them. The document highlights the features and power of the Metasploit framework, including its modular design, wide range of exploits and payloads, automation capabilities, and use by many organizations for tasks like vulnerability research and penetration testing at scale.
The Offensive Python: Practical Python for Penetration Testing
Presentation for Roadshow of Cyber Security Marathon 2018
Code Margonda
Depok, 2018-01-11
So you got python? How far can you push your python?
Why would hackers love python?
It's not hard to know that python is amazing language. But how amazing it could be for cyber security? Let's see by getting our hands dirty, from simple tasks to more challenging action
The Offensive Python - Practical Python for Penetration Testing
My slide for roadshow of Cyber Security Marathon in Code Margonda, January 11th 2018.
Why would hackers love python?
It's not hard to know that python is amazing language. But how amazing it could be for cyber security? Let's see by getting our hands dirty, from simple tasks to more challenging action
Beginnerâs Guide on How to Start Exploring IoT Security 1st Session
The document provides an overview of how to start exploring IoT security as a beginner. It defines IoT and OT, discusses common attack vectors like networks, wireless communication, and applications. It then provides guidance on how to perform security testing for these vectors, including tools to use for tasks like network pentesting, radio communication testing, and mobile application testing. The goal is to help beginners learn about IoT security challenges and how to start assessing vulnerabilities.
Hacktrikz - Introduction to Information Security & Ethical Hacking
This is a basic seminar presentation which gives an introduction to Information security & Ethical Hacking. This features some basic demos of ethical hacking & explains about some career oppurtunities in this feild.
Time Series Anomaly Detection with Azure and .NETT
f you have any device or source that generates values over time (also a log from a service), you want to determine if in a time frame, the time serie is correct or you can detect some anomalies. What can you do as a developer (not a Data Scientist) with .NET o Azure? Let's see how in this session.
y3dips hacking priv8 network
This document discusses hacking into IPSec VPNs used by banks. It describes how banks previously used private networks but now rely on VPNs to connect over public infrastructure like the internet in a more cost effective way. However, VPNs are only relatively secure and rely on the security of the protocols and devices used. The document goes on to describe how IPSec VPNs can be vulnerable through issues with aggressive mode authentication and use of pre-shared keys, and provides information on tools that can crack pre-shared keys over aggressive mode. It recommends ways to improve security such as disabling aggressive mode and using certificates instead of pre-shared keys.
idsecconf2010-hacking priv8 network
This document discusses hacking into IPSec VPNs used by banks. It describes how banks historically used private networks but now rely on VPNs to connect over public infrastructure in a cost-effective way. However, VPNs are only relatively secure. The document outlines vulnerabilities in the IKE aggressive mode handshake when using pre-shared keys to authenticate, allowing tools to crack keys. It recommends ways to improve VPN security, such as disabling aggressive mode, not using dynamic IPs, and filtering connections.
Ready set hack
Ready Set Hack - Day 2 of Cyber Security Events of Google Developer Student Club of Bharati Vidyapeeth College of Engineering, Navi Mumbai.
DEF CON 27 - ORANGE TSAI and MEH CHANG - infiltrating corporate intranet like...
DEF CON 27 - ORANGE TSAI and MEH CHANG - infiltrating corporate intranet like nsa pre auth rce on leading ssl vpns
BSIDES-PR Keynote Hunting for Bad Guys
This document discusses techniques for hunting bad guys on networks, including identifying client-side attacks, malware command and control channels, post-exploitation activities, and hunting artifacts. It provides examples of using DNS logs, firewall logs, HTTP logs, registry keys, installed software inventories, and the AMCache registry hive to look for anomalous behaviors that could indicate security compromises. The goal is to actively hunt for threats rather than just detecting known bad behaviors.
Thick client pentesting_the-hackers_meetup_version1.0pptx
The document discusses pentesting thick client applications. It begins with introducing thick clients and why testing them is important. It then covers common thick client architectures, vulnerabilities, tools used for testing like decompilers and network sniffers, challenges like intercepting encrypted traffic, and solutions to those challenges like using Burp's non-HTTP proxy. It ends with checklists, example applications to practice on, and references for further reading.
Phases of penetration testing
A penetration test involves four main phases: reconnaissance, scanning, exploitation, and maintaining access. In the reconnaissance phase, tools are used to gather information about the target system without authorization. Scanning identifies open ports and vulnerabilities. Exploitation attempts to gain unauthorized control of systems by exploiting vulnerabilities, such as using password crackers. Maintaining access involves creating backdoors for future unauthorized access, such as using network sniffing tools or installing rootkits. Popular tools used in penetration tests include Nmap for scanning, Metasploit for exploitation, and Netcat for creating backdoors. Defending against penetration tests requires monitoring information published online, properly configuring firewalls and access controls, patching systems, and using antivirus and intrusion detection software
Threat hunting on the wire
This presentation "Threat hunting on the wire" is part of a a series of courses on the subject of Threat Hunting. It covers command-line packet analysis, and network forensics.
RIoT (Raiding Internet of Things) by Jacob Holcomb
The recorded version of 'Best Of The World Webcast Series' [Webinar] where Jacob Holcomb speaks on 'RIoT (Raiding Internet of Things)' is available on CISOPlatform.
Best Of The World Webcast Series are webinars where breakthrough/original security researchers showcase their study, to offer the CISO/security experts the best insights in information security.
For more signup(it's free): www.cisoplatform.com
Similar to Python for pentesters (20)
Cyber Crime / Cyber Secuity Testing Architecture by MRITYUNJAYA HIKKALGUTTI (...
Cyber Crime / Cyber Secuity Testing Architecture by MRITYUNJAYA HIKKALGUTTI (...
Â
The Offensive Python: Practical Python for Penetration Testing
The Offensive Python: Practical Python for Penetration Testing
Â
The Offensive Python - Practical Python for Penetration Testing
The Offensive Python - Practical Python for Penetration Testing
Â
Beginnerâs Guide on How to Start Exploring IoT Security 1st Session
Beginnerâs Guide on How to Start Exploring IoT Security 1st Session
Â
Hacktrikz - Introduction to Information Security & Ethical Hacking
Hacktrikz - Introduction to Information Security & Ethical Hacking
Â
Time Series Anomaly Detection with Azure and .NETT
Time Series Anomaly Detection with Azure and .NETT
Â
DEF CON 27 - ORANGE TSAI and MEH CHANG - infiltrating corporate intranet like...
DEF CON 27 - ORANGE TSAI and MEH CHANG - infiltrating corporate intranet like...
Â
Thick client pentesting_the-hackers_meetup_version1.0pptx
Thick client pentesting_the-hackers_meetup_version1.0pptx
Â
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
Â
Python for pentesters
- 1. Python for pentesters Rashid feroz
- 2. About me! ⢠An information security enthusiast. ⢠Love to break into things!
- 3. Why Python? ⢠Simple Learning curve ⢠HUGE number of Extensive Libraries! ⢠Multiplatform ⢠Good for quick prototyping ⢠Makes our life easier ď
- 4. What About Security? ⢠Exploit Development ⢠Networking ⢠Debugging ⢠Encryption/Decription ⢠Reverse Engineering ⢠Fuzzing ⢠Web ⢠Forensics ⢠Malware analysis
- 5. Who is using Python?? ⢠â˘SET ⢠â˘Core Impact ⢠â˘W3AF ⢠â˘Sqlmap ⢠â˘ImmunityDebugger ⢠â˘Impacket ⢠â˘IronWASP ⢠Sslstrip
- 6. Why Python is awesome for security scripting? ⢠Python for Open Source Intelligence gathering(OSINT) tasks. ⢠Network Layer hacks(using Python). ⢠Application layer scripting(esp. HTTP). ⢠Wireless Network hacks. ⢠Some offensive/defensive scripts for a pen test.
- 8. Port scanner Import nmap nm = nmap.PortScanner() nm.scan('127.0.0.1', '22-443')
- 9. One line web server ⢠python -m SimpleHTTPServer 8080
- 10. Exploit Development #!/usr/bin/python import socket host = âtargetâ port = <port#> cmd= âinitial commandâ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) buffer = âbuffer to sendâ shellcode= âshellcodeâ Payload = cmd+ buffer + shellcode print "n Any status message nâ s.connect((host,port)) data = s.recv(1024) s.send(payload +ânâ) s.close
- 11. Python libraries for Penetration Testers ⢠Scapy - send, sniff and dissect and forge network packets. ⢠Mallory - TCP/UDP man-in-the-middle proxy, ⢠Impacket - craft and decode network packets. ⢠Immunity Debugger: scriptable GUI and command line debugger ⢠Androguard: reverse engineering and analysis of Android applications ⢠pefile: read and work with Portable Executable (aka PE) files ⢠Fuzzbox: multi-codec media fuzzer ⢠Requests: elegant and simple HTTP library ⢠mitmproxy: SSL-capable, intercepting HTTP proxy ⢠Volatility: extract digital artifacts from volatile memory (RAM) samples ⢠aft: Android forensic toolkit
- 12. References ⢠Python Infosectools - http://www.dirk-loss.de/python- tools.htm ⢠Violent Python Book
- 13. Thanks ď Email: rashid.2008feroz@gmail.com Facebook: http://fb.com/rashid.feroz1 LinkedIn: https://in.linkedin.com/in/rashid2feroz