Python for Offensive PenTest a practical guide to ethical hacking and penetration testing using Python.
Material type:
TextPublication details: Birmingham Packt Publishing, 2018Description: 1 online resource (169 pages)ISBN: 9781788832465; 1788832469Subject(s): Python (Computer program language) | Penetration testing (Computer security) | Application software -- Testing | COMPUTERS / Programming Languages / Python | COMPUTERS / Software Development & Engineering / Quality Assurance & Testing | Application software -- TestingGenre/Form: EBSCO eBooks | Electronic books. DDC classification: 005.133 LOC classification: QA76.73.P98 | .K473 2018ebOnline resources: EBSCOhost Print version record.
Cover; Title Page; Copyright and Credits; Packt Upsell; Contributors; Table of Contents; Preface; Chapter 1: Warming up -- Your First Antivirus-Free Persistence Shell; Preparing the attacker machine; Setting up internet access; Preparing the target machine; TCP reverse shell; Coding a TCP reverse shell; Server side; Client side; Data exfiltration -- TCP; Server side; Client side; Exporting to EXE; HTTP reverse shell; Coding the HTTP reverse shell; Server side; Client side; Data exfiltration -- HTTP; Client side; Server side; Exporting to EXE; Persistence; Making putty.exe persistent.
Making a persistent HTTP reverse shellTuning the connection attempts; Tips for preventing a shell breakdown; Countermeasures; Summary; Chapter 2: Advanced Scriptable Shell; Dynamic DNS; DNS aware shell; Interacting with Twitter; Parsing a tweet in three lines; Countermeasures; Replicating Metasploit's screen capturing; Replicating Metasploit searching for content; Target directory navigation; Integrating low-level port scanner; Summary; Chapter 3: Password Hacking; Antivirus free keylogger; Installing pyHook and pywin; Adding code to keylogger; Hijacking KeePass password manager.
Man in the browserFirefox process; Firefox API hooking with Immunity Debugger; Python in Firefox proof of concept (PoC); Python in Firefox EXE; Dumping saved passwords out of Google Chrome; Acquiring the password remotely; Submitting the recovered password over HTTP session; Testing the file against antivirus; Password phishing -- DNS poisoning; Using Python script; Facebook password phishing; Countermeasures; Securing the online account; Securing your computer; Securing your network; Keeping a watch on any suspicious activity; Summary; Chapter 4: Catch Me If You Can!
Bypassing host-based firewallsHijacking IE; Bypassing reputation filtering in next generation firewalls; Interacting with SourceForge; Interacting with Google Forms; Bypassing botnet filtering; Bypassing IPS with handmade XOR encryption; Summary; Chapter 5: Miscellaneous Fun in Windows; Privilege escalation -- weak service file; Privilege escalation -- preparing vulnerable software; Privilege escalation -- backdooring legitimate windows service; Privilege escalation -- creating a new admin account and covering the tracks; Summary; Chapter 6: Abuse of Cryptography by Malware.
Introduction to encryption algorithmsProtecting your tunnel with AES -- stream mode; Cipher Block Chaining (CBC) mode encryption; Counter (CTR) mode encryption ; Protecting your tunnel with RSA; Hybrid encryption key; Summary; Other Books You May Enjoy; Index.
Python is an easy-to-learn and cross-platform programming language which has unlimited third-party libraries. Plenty of open source hacking tools are written in Python and can be easily integrated within your script. This book is divided into clear bite-size chunks so you can learn at your own pace and focus on the areas of most interest to ...
There are no comments on this title.