Python: Penetration Testing for Developers

Unleash the power of Python scripting to execute effective and efficient penetration tests - Paperback: 650 pages.

Book Description:

Cybercriminals are always one step ahead, when it comes to tools and techniques. This means you need to use the same tools and adopt the same mindset to properly secure your software. This course shows you how to do just that, demonstrating how effective Python can be for powerful pentesting that keeps your software safe. Comprising of three key modules, follow each one to push your Python and security skills to the next level.

In the first module, we’ll show you how to get to grips with the fundamentals. This means you’ll quickly find out how to tackle some of the common challenges facing pentesters using custom Python tools designed specifically for your needs. You’ll also learn what tools to use and when, giving you complete confidence when deploying your pentester tools to combat any potential threat.

In the next module you’ll begin hacking into the application layer. Covering everything from parameter tampering, DDoS, XXS and SQL injection, it will build on the knowledge and skills you learned in the first module to make you an even more fluent security expert.

Finally in the third module, you’ll find more than 60 Python pentesting recipes. We think this will soon become your trusted resource for any pentesting situation.

This Learning Path combines some of the best that Packt has to offer in one complete, curated package. It includes content from the following Packt products:

• Learning Penetration Testing with Python by Christopher Duffy
• Python Penetration Testing Essentials by Mohit
• Python Web Penetration Testing Cookbook by Cameron Buchanan,Terry Ip, Andrew Mabbitt, Benjamin May and Dave Mound

What You Will Learn:

• Familiarize yourself with the generation of Metasploit resource files and use the Metasploit Remote Procedure Call to automate exploit generation and execution
• Exploit the Remote File Inclusion to gain administrative access to systems with Python and other scripting languages
• Crack an organization's Internet perimeter and chain exploits to gain deeper access to an organization's resources
• Explore wireless traffic with the help of various programs and perform wireless attacks with Python programs
• Gather passive information from a website using automated scripts and perform XSS, SQL injection, and parameter tampering attacks
• Develop complicated header-based attacks through Python

Table of Contents:

1: UNDERSTANDING THE PENETRATION TESTING METHODOLOGY

2: THE BASICS OF PYTHON SCRIPTING

3: IDENTIFYING TARGETS WITH NMAP, SCAPY, AND PYTHON

4: EXECUTING CREDENTIAL ATTACKS WITH PYTHON

5: EXPLOITING SERVICES WITH PYTHON

6: ASSESSING WEB APPLICATIONS WITH PYTHON

7: CRACKING THE PERIMETER WITH PYTHON

8: EXPLOIT DEVELOPMENT WITH PYTHON, METASPLOIT, AND IMMUNITY

9: AUTOMATING REPORTS AND TASKS WITH PYTHON

10: ADDING PERMANENCY TO PYTHON TOOLS

11: PYTHON WITH PENETRATION TESTING AND NETWORKING

12: SCANNING PENTESTING

13: SNIFFING AND PENETRATION TESTING

14: WIRELESS PENTESTING

15: FOOT PRINTING OF A WEB SERVER AND A WEB APPLICATION

16: CLIENT-SIDE AND DDOS ATTACKS

17: PENTESTING OF SQLI AND XSS

18: GATHERING OPEN SOURCE INTELLIGENCE

19: ENUMERATION

20: VULNERABILITY IDENTIFICATION

21: SQL INJECTION

22: WEB HEADER MANIPULATION

23: IMAGE ANALYSIS AND MANIPULATION

24: ENCRYPTION AND ENCODING

25: PAYLOADS AND SHELLS26: REPORTING

Currently there are no Q&As for this course. Be the first to ask a question.