售 价:¥
温馨提示:数字商品不支持退换货,不提供源文件,不支持导出打印
为你推荐
Title Page
Copyright and Credits
Python Penetration Testing Essentials Second Edition
Packt Upsell
Why subscribe?
PacktPub.com
Contributors
About the author
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Code in Action
Conventions used
Get in touch
Reviews
Python with Penetration Testing and Networking
Introducing the scope of pentesting
The need for pentesting
Components to be tested
Qualities of a good pentester
Defining the scope of pentesting
Approaches to pentesting
Introducing Python scripting
Understanding the tests and tools you'll need
Learning the common testing platforms with Python
Network sockets
Server socket methods
Client socket methods
General socket methods
Moving on to the practical
Socket exceptions
Useful socket methods
Summary
Scanning Pentesting
How to check live systems in a network and the concept of a live system
Ping sweep
The TCP scan concept and its implementation using a Python script
How to create an efficient IP scanner in Windows
How to create an efficient IP scanner in Linux
The concept of the Linux-based IP scanner
nmap with Python
What are the services running on the target machine?
The concept of a port scanner
How to create an efficient port scanner
Summary
Sniffing and Penetration Testing
Introducing a network sniffer
Passive sniffing
Active sniffing
Implementing a network sniffer using Python
Format characters
Learning about packet crafting
Introducing ARP spoofing and implementing it using Python
The ARP request
The ARP reply
The ARP cache
Testing the security system using custom packet crafting
A half-open scan
The FIN scan
ACK flag scanning
Summary
Network Attacks and Prevention
Technical requirements
DHCP starvation attack
The MAC flooding attack
How the switch uses the CAM tables
The MAC flood logic
Gateway disassociation by RAW socket
Torrent detection
Running the program in hidden mode
Summary
Wireless Pentesting
Introduction to 802.11 frames
Wireless SSID finding and wireless traffic analysis with Python
Detecting clients of an AP
Wireless hidden SSID scanner
Wireless attacks
The deauthentication (deauth) attack
Detecting the deauth attack
Summary
Honeypot – Building Traps for Attackers
Technical requirements
Fake ARP reply
Fake ping reply
Fake port-scanning reply
Fake OS-signature reply to nmap
Fake web server reply
Summary
Foot Printing a Web Server and a Web Application
The concept of foot printing a web server
Introducing information gathering
Checking the HTTP header
Information gathering of a website from whois.domaintools.com
Email address gathering from a web page
Banner grabbing of a website
Hardening of a web server
Summary
Client-Side and DDoS Attacks
Introducing client-side validation
Tampering with the client-side parameter with Python
Effects of parameter tampering on business
Introducing DoS and DDoS
Single IP, single ports
Single IP, multiple port
Multiple IP, multiple ports
Detection of DDoS
Summary
Pentesting SQL and XSS
Introducing the SQL injection attack
Types of SQL injections
Simple SQL injection
Blind SQL injection
Understanding the SQL injection attack by a Python script
Learning about cross-site scripting
Persistent or stored XSS
Nonpersistent or reflected XSS
Summary
Other Books You May Enjoy
Leave a review - let other readers know what you think
买过这本书的人还买过
读了这本书的人还在读
同类图书排行榜