Cargando…

Mastering Python for networking and security : leverage Python scripts and libraries to overcome networking and security issues.

Nowadays, configuring a network and automating security protocols are quite difficult to implement. However, using Python makes it easy to automate this whole process. This book explains the process of using Python for building networks, detecting network errors, and performing different security pr...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Ortega, José Manuel
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Birmingham : Packt, 2018.
Temas:
Acceso en línea:Texto completo
Tabla de Contenidos:
  • Intro
  • Cover
  • Title Page
  • Copyright and Credits
  • Packt Upsell
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: Working with Python Scripting
  • Technical requirements
  • Programming and installing Python
  • Introducing Python scripting
  • Why choose Python?
  • Multi-platform
  • Object-Oriented Programming
  • Obtaining and installing Python
  • Installing Python on Windows
  • Installing Python for Linux
  • Python collections
  • Lists
  • Reversing a List
  • Comprehension lists
  • Tuples
  • Dictionaries
  • Python functions and managing exceptions
  • Python functions
  • Managing exceptions
  • Python as an OOP language
  • Inheritance
  • The OMSTD methodology and STB Module for Python scripting
  • Python packages and modules
  • What is a module in Python?
  • Difference Between a Python Module and a Python Package
  • Passing parameters in Python
  • Managing dependencies in a Python project
  • Generating the requirements.txt file
  • Working with virtual environments
  • Using virtualenv and virtualwrapper
  • The STB (Security Tools Builder) module
  • The main development environments for script-development
  • Setting up a development environment
  • Pycharm
  • WingIDE
  • Debugging with WingIDE
  • Summary
  • Questions
  • Further reading
  • Chapter 2: System Programming Packages
  • Technical requirements
  • Introducing system modules in python
  • The system module
  • The operating system module
  • Contents of the current working directory
  • Determining the operating system
  • Subprocess module
  • Working with the filesystem in Python
  • Accessing files and directories
  • Recursing through directories
  • Checking whether a specific path is a file or directory
  • Checking whether a file or directory exists
  • Creating directories in Python
  • Reading and writing files in Python
  • File methods
  • Opening a file
  • With a Context Manager.
  • Reading a file line by line
  • Threads in Python
  • Introduction to Threads
  • Types of threads
  • Processes vs Threads
  • Creating a simple Thread
  • Threading module
  • Multithreading and concurrency in Python
  • Introduction to Multithreading
  • Multithreading in Python
  • Limitations with classic python threads
  • Concurrency in python with ThreadPoolExecutor
  • Creating ThreadPoolExecutor
  • ThreadPoolExecutor in practice
  • Executing ThreadPoolExecutor with Context Manager
  • Python Socket.io
  • Introducing WebSockets
  • aiohttp and asyncio
  • Implementing a Server with socket.io
  • Summary
  • Questions
  • Further reading
  • Chapter 3: Socket Programming
  • Technical requirements
  • Introduction to sockets
  • Network sockets in Python
  • The socket module
  • Socket methods
  • Server socket methods
  • Client socket methods
  • Basic client with the socket module
  • Creating a simple TCP client and TCP server
  • Creating a server and client with sockets
  • Implementing the TCP serverIn this example, we are going to create a multithreaded TCP server.
  • Implementing the TCP client
  • Creating a simple UDP client and UDP server
  • Introduction to the UDP protocol
  • UDP client and server with the socket module
  • Implementing the UDP Server
  • Implementing the UDP client
  • Resolving IP addresses and domains
  • Gathering information with sockets
  • Reverse lookup
  • Practical use cases for sockets
  • Port scanner with sockets
  • Managing socket exceptions
  • Summary
  • Questions
  • Further reading
  • Chapter 4: HTTP Programming
  • Technical requirements
  • HTTP protocol and building HTTP clients in python
  • Introduction to the HTTP Protocol
  • Building an HTTP Client with httplib
  • Building an HTTP Client with urllib2
  • Introduction to urllib2
  • Response objects
  • Status codes
  • Checking HTTP headers with urllib2.
  • Using the urllib2 Request class
  • Customizing requests with urllib2
  • Getting emails from a URL with urllib2
  • Getting links from a URL with urllib2
  • Building an HTTP Client with requests
  • Introduction to requests
  • Requests advantages
  • Making GET Requests with the REST API
  • Making POST Requests with the REST API
  • Making Proxy Requests
  • Managing exceptions with requests
  • Authentication mechanisms with Python
  • Authentication with the requests module
  • HTTP Basic authentication
  • HTTP Digest Authentication
  • Summary
  • Questions
  • Further Reading
  • Chapter 5: Analyzing Network Traffic
  • Technical requirements
  • Capturing and injecting packets with pcapy
  • Introduction to pcapy
  • Capturing packets with pcapy
  • Reading headers from packets
  • Capturing and injecting packets with scapy
  • What can we do with scapy?
  • Scapy advantages and disadvantages
  • Introduction to scapy
  • Scapy commands
  • Sending packets with scapy
  • Packet-sniffing with scapy
  • Using Lamda functions with scapy
  • Filtering UDP packets
  • Port-scanning and traceroute with scapy
  • Port-scanning with scapy
  • Traceroute command with scapy
  • Reading pcap files with scapy
  • Introduction to the PCAP format
  • Reading pcap files with scapy
  • Writing a pcap file
  • Sniffing from a pcap file with scapy
  • Network Forensic with scapy
  • Summary
  • Questions
  • Further reading
  • Chapter 6: Gathering Information from Servers
  • Technical requirements
  • Introduction to gathering information
  • Extracting information from servers with Shodan
  • Introduction to Shodan
  • Accessing Shodan services
  • Shodan filters
  • Shodan search with python
  • Performing searches by a given host
  • Searching for FTP servers
  • Using python to obtain server information
  • Extracting servers banners with python
  • Finding whois information about a server.
  • Getting information on dns servers with DNSPython
  • DNS protocol
  • DNS servers
  • The DNSPython module
  • Getting vulnerable addresses in servers with Fuzzing
  • The Fuzzing process
  • The FuzzDB project
  • Fuzzing with python with pywebfuzz
  • Summary
  • Questions
  • Further reading
  • Chapter 7: Interacting with FTP, SSH, and SNMP Servers
  • Technical requirements
  • Connecting with FTP servers
  • The File Transfer Protocol (FTP)
  • The Python ftplib module
  • Transferring files with FTP
  • Using ftplib to brute force FTP user credentials
  • Building an anonymous FTP scanner with Python
  • Connecting with SSH servers
  • The Secure Shell (SSH) protocol
  • Introduction to Paramiko
  • Installing Paramiko
  • Establishing SSH connection with Paramiko
  • Running commands with Paramiko
  • SSH connection with brute-force processing
  • SSH connection with pxssh
  • Running a command on a remote SSH server
  • Connecting with SNMP servers
  • The Simple Network Management Protocol (SNMP)
  • PySNMP
  • Summary
  • Questions
  • Further reading
  • Chapter 8: Working with Nmap Scanners
  • Technical requirements
  • Introducing port scanning with Nmap
  • Introducing to port scanning
  • Scanning types with Nmap
  • Port scanning with python-nmap
  • Introduction to python-nmap
  • Installing python-nmap
  • Using python-nmap
  • Scan modes with python-nmap
  • Synchronous scanning
  • Asynchronous scanning
  • Vulnerabilities with Nmap scripts
  • Executing Nmap scripts to detect vulnerabilities
  • Detecting vulnerabilities in FTP service
  • Summary
  • Questions
  • Further reading
  • Chapter 9: Connecting with the Metasploit Framework
  • Technical requirements
  • Introducing the Metasploit framework
  • Introduction to exploiting
  • Metasploit framework
  • Metasploit architecture
  • Interacting with the Metasploit framework
  • Introduction to msfconsole.
  • Introduction to the Metasploit exploit module
  • Introduction to the Metasploit payload module
  • Introduction to msgrpc
  • Connecting the Metasploit framework and Python
  • Introduction to MessagePack
  • Installing python-msfrpc
  • Executing API calls
  • Exploiting the Tomcat service with Metasploit
  • Using the tomcat_mgr_deploy exploit
  • Connecting Metasploit with pyMetasploit
  • Introduction to PyMetasploit
  • Interacting with the Metasploit framework from python
  • Summary
  • Questions
  • Further reading
  • Chapter 10: Interacting with the Vulnerabilities Scanner
  • Technical requirements
  • Introducing vulnerabilities
  • Vulnerabilities and exploits
  • What is a vulnerability?
  • What is an exploit?
  • Vulnerabilities format
  • Introducing the Nessus Vulnerabilities scanner
  • Installing the Nessus Vulnerabilities scanner
  • Executing the Nessus Vulnerabilities scanner
  • Identifying vulnerabilities with Nessus
  • Accessing the Nessus API with Python
  • Installing the nessrest Python module
  • Interacting with the nesssus server
  • Introducing the Nexpose Vulnerabilities scanner
  • Installing the Nexpose Vulnerabilities scanner
  • Executing the Nexpose Vulnerabilities scanner
  • Accessing the Nexpose API with Python
  • Installing the pynexpose Python Module
  • Summary
  • Questions
  • Further reading
  • Chapter 11: Identifying Server Vulnerabilities in Web Applications
  • Technical requirements
  • Introducing vulnerabilities in web applications with OWASP
  • Introduction to OWASP
  • OWASP common attacks
  • Testing Cross-site scripting (XSS)
  • W3af scanner vulnerabilities in web applications
  • W3af overview
  • W3AF profiles
  • W3af install
  • W3af in Python
  • Discovering sql vulnerabilities with Python tools
  • Introduction to SQL injection
  • Identifying pages vulnerable to SQL Injection
  • Introducing SQLmap
  • Installing SQLmap.