Python for Offensive PenTest : a practical guide to ethical hacking and penetration testing using Python.
Python is an easy-to-learn and cross-platform programming language which has unlimited third-party libraries. Plenty of open source hacking tools are written in Python and can be easily integrated within your script. This book is divided into clear bite-size chunks so you can learn at your own pace...
Clasificación: | Libro Electrónico |
---|---|
Autor principal: | |
Formato: | Electrónico eBook |
Idioma: | Inglés |
Publicado: |
Birmingham :
Packt Publishing,
2018.
|
Temas: | |
Acceso en línea: | Texto completo |
Tabla de Contenidos:
- Cover; Title Page; Copyright and Credits; Packt Upsell; Contributors; Table of Contents; Preface; Chapter 1: Warming up
- Your First Antivirus-Free Persistence Shell; Preparing the attacker machine; Setting up internet access; Preparing the target machine; TCP reverse shell; Coding a TCP reverse shell; Server side; Client side; Data exfiltration
- TCP; Server side; Client side; Exporting to EXE; HTTP reverse shell; Coding the HTTP reverse shell; Server side; Client side; Data exfiltration
- HTTP; Client side; Server side; Exporting to EXE; Persistence; Making putty.exe persistent.
- Making a persistent HTTP reverse shellTuning the connection attempts; Tips for preventing a shell breakdown; Countermeasures; Summary; Chapter 2: Advanced Scriptable Shell; Dynamic DNS; DNS aware shell; Interacting with Twitter; Parsing a tweet in three lines; Countermeasures; Replicating Metasploit's screen capturing; Replicating Metasploit searching for content; Target directory navigation; Integrating low-level port scanner; Summary; Chapter 3: Password Hacking; Antivirus free keylogger; Installing pyHook and pywin; Adding code to keylogger; Hijacking KeePass password manager.
- Man in the browserFirefox process; Firefox API hooking with Immunity Debugger; Python in Firefox proof of concept (PoC); Python in Firefox EXE; Dumping saved passwords out of Google Chrome; Acquiring the password remotely; Submitting the recovered password over HTTP session; Testing the file against antivirus; Password phishing
- DNS poisoning; Using Python script; Facebook password phishing; Countermeasures; Securing the online account; Securing your computer; Securing your network; Keeping a watch on any suspicious activity; Summary; Chapter 4: Catch Me If You Can!
- Bypassing host-based firewallsHijacking IE; Bypassing reputation filtering in next generation firewalls; Interacting with SourceForge; Interacting with Google Forms; Bypassing botnet filtering; Bypassing IPS with handmade XOR encryption; Summary; Chapter 5: Miscellaneous Fun in Windows; Privilege escalation
- weak service file; Privilege escalation
- preparing vulnerable software; Privilege escalation
- backdooring legitimate windows service; Privilege escalation
- creating a new admin account and covering the tracks; Summary; Chapter 6: Abuse of Cryptography by Malware.
- Introduction to encryption algorithmsProtecting your tunnel with AES
- stream mode; Cipher Block Chaining (CBC) mode encryption; Counter (CTR) mode encryption ; Protecting your tunnel with RSA; Hybrid encryption key; Summary; Other Books You May Enjoy; Index.