Python for Offensive PenTest电子书

Title Page

Copyright and Credits

Python for Offensive PenTest

Packt Upsell

Why subscribe?

PacktPub.com

Contributors

About the author

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Warming up – Your First Antivirus-Free Persistence Shell

Preparing the attacker machine

Setting up internet access

Preparing the target machine

TCP reverse shell

Coding a TCP reverse shell

Server side

Client side

Data exfiltration – TCP

Server side

Client side

Exporting to EXE

HTTP reverse shell

Coding the HTTP reverse shell

Server side

Client side

Data exfiltration – HTTP

Client side

Server side

Exporting to EXE

Persistence

Making putty.exe persistent

Making a persistent HTTP reverse shell

Tuning the connection attempts

Tips for preventing a shell breakdown

Countermeasures

Summary

Advanced Scriptable Shell

Dynamic DNS

DNS aware shell

Interacting with Twitter

Parsing a tweet in three lines

Countermeasures

Replicating Metasploit's screen capturing

Replicating Metasploit searching for content

Target directory navigation

Integrating low-level port scanner

Summary

Password Hacking

Antivirus free keylogger

Installing pyHook and pywin

Adding code to keylogger

Hijacking KeePass password manager

Man in the browser

Firefox process

Firefox API hooking with Immunity Debugger

Python in Firefox proof of concept (PoC)

Python in Firefox EXE

Dumping saved passwords out of Google Chrome

Acquiring the password remotely

Submitting the recovered password over HTTP session

Testing the file against antivirus

Password phishing – DNS poisoning

Using Python script

Facebook password phishing

Countermeasures

Securing the online account

Securing your computer

Securing your network

Keeping a watch on any suspicious activity

Summary

Catch Me If You Can!

Bypassing host-based firewalls

Hijacking IE

Bypassing reputation filtering in next generation firewalls

Interacting with SourceForge

Interacting with Google Forms

Bypassing botnet filtering

Bypassing IPS with handmade XOR encryption

Summary

Miscellaneous Fun in Windows

Privilege escalation – weak service file

Privilege escalation – preparing vulnerable software

Privilege escalation – backdooring legitimate windows service

Privilege escalation – creating a new admin account and covering the tracks

Summary

Abuse of Cryptography by Malware

Introduction to encryption algorithms

Protecting your tunnel with AES – stream mode

Cipher Block Chaining (CBC) mode encryption

Counter (CTR) mode encryption

Protecting your tunnel with RSA

Hybrid encryption key

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think