万本电子书0元读

万本电子书0元读

顶部广告

Python Penetration Testing Essentials电子书

售       价:¥

3人正在读 | 0人评论 9.8

作       者:Mohit

出  版  社:Packt Publishing

出版时间:2018-05-30

字       数:21.7万

所属分类: 进口书 > 外文原版书 > 电脑/网络

温馨提示:数字商品不支持退换货,不提供源文件,不支持导出打印

为你推荐

  • 读书简介
  • 目录
  • 累计评论(0条)
  • 读书简介
  • 目录
  • 累计评论(0条)
This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1. About This Book ? Detect and avoid various attack types that put the privacy of a system at risk ? Leverage Python to build efficient code and eventually build a robust environment ? Learn about securing wireless applications and information gathering on a web server Who This Book Is For If you are a Python programmer, a security researcher, or an ethical hacker and are interested in penetration testing with the help of Python, then this book is for you. Even if you are new to the field of ethical hacking, this book can help you find the vulnerabilities in your system so that you are ready to tackle any kind of attack or intrusion. What You Will Learn ? The basics of network pentesting including network scanning and sniffing ? Wireless, wired attacks, and building traps for attack and torrent detection ? Web server footprinting and web application attacks, including the XSS and SQL injection attack ? Wireless frames and how to obtain information such as SSID, BSSID, and the channel number from a wireless frame using a Python script ? The importance of web server signatures, email gathering, and why knowing the server signature is the first step in hacking In Detail This book gives you the skills you need to use Python for penetration testing (pentesting), with the help of detailed code examples. We start by exploring the basics of networking with Python and then proceed to network hacking. Then, you will delve into exploring Python libraries to perform various types of pentesting and ethical hacking techniques. Next, we delve into hacking the application layer, where we start by gathering information from a website. We then move on to concepts related to website hacking—such as parameter tampering, DDoS, XSS, and SQL injection. By reading this book, you will learn different techniques and methodologies that will familiarize you with Python pentesting techniques, how to protect yourself, and how to create automated programs to find the admin console, SQL injection, and XSS attacks. Style and approach The book starts at a basic level and moves to a higher level of network and web security. The execution and performance of code are both taken into account.
目录展开

Title Page

Copyright and Credits

Python Penetration Testing Essentials Second Edition

Packt Upsell

Why subscribe?

PacktPub.com

Contributors

About the author

About the reviewers

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Code in Action

Conventions used

Get in touch

Reviews

Python with Penetration Testing and Networking

Introducing the scope of pentesting

The need for pentesting

Components to be tested

Qualities of a good pentester

Defining the scope of pentesting

Approaches to pentesting

Introducing Python scripting

Understanding the tests and tools you'll need

Learning the common testing platforms with Python

Network sockets

Server socket methods

Client socket methods

General socket methods

Moving on to the practical

Socket exceptions

Useful socket methods

Summary

Scanning Pentesting

How to check live systems in a network and the concept of a live system

Ping sweep

The TCP scan concept and its implementation using a Python script

How to create an efficient IP scanner in Windows

How to create an efficient IP scanner in Linux

The concept of the Linux-based IP scanner

nmap with Python

What are the services running on the target machine?

The concept of a port scanner

How to create an efficient port scanner

Summary

Sniffing and Penetration Testing

Introducing a network sniffer

Passive sniffing

Active sniffing

Implementing a network sniffer using Python

Format characters

Learning about packet crafting

Introducing ARP spoofing and implementing it using Python

The ARP request

The ARP reply

The ARP cache

Testing the security system using custom packet crafting

A half-open scan

The FIN scan

ACK flag scanning

Summary

Network Attacks and Prevention

Technical requirements

DHCP starvation attack

The MAC flooding attack

How the switch uses the CAM tables

The MAC flood logic

Gateway disassociation by RAW socket

Torrent detection

Running the program in hidden mode

Summary

Wireless Pentesting

Introduction to 802.11 frames

Wireless SSID finding and wireless traffic analysis with Python

Detecting clients of an AP

Wireless hidden SSID scanner

Wireless attacks

The deauthentication (deauth) attack

Detecting the deauth attack

Summary

Honeypot – Building Traps for Attackers

Technical requirements

Fake ARP reply

Fake ping reply

Fake port-scanning reply

Fake OS-signature reply to nmap

Fake web server reply

Summary

Foot Printing a Web Server and a Web Application

The concept of foot printing a web server

Introducing information gathering

Checking the HTTP header

Information gathering of a website from whois.domaintools.com

Email address gathering from a web page

Banner grabbing of a website

Hardening of a web server

Summary

Client-Side and DDoS Attacks

Introducing client-side validation

Tampering with the client-side parameter with Python

Effects of parameter tampering on business

Introducing DoS and DDoS

Single IP, single ports

Single IP, multiple port

Multiple IP, multiple ports

Detection of DDoS

Summary

Pentesting SQL and XSS

Introducing the SQL injection attack

Types of SQL injections

Simple SQL injection

Blind SQL injection

Understanding the SQL injection attack by a Python script

Learning about cross-site scripting

Persistent or stored XSS

Nonpersistent or reflected XSS

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

累计评论(0条) 0个书友正在讨论这本书 发表评论

发表评论

发表评论,分享你的想法吧!

买过这本书的人还买过

读了这本书的人还在读

回顶部