Learning Penetration Testing with Python

**Utilize Python scripting to execute effective and efficient penetration

tests**

About This Book Understand how and where Python scripts meet the need for

penetration testing Familiarise yourself with the process of highlighting a

specific methodology to exploit an environment to fetch critical data Develop

your Python and penetration testing skills with real-world examples Who This

Book Is For

If you are a security professional or researcher, with knowledge of different

operating systems and a conceptual idea of penetration testing, and you would

like to grow your knowledge in Python, then this book is ideal for you.

What You Will Learn Familiarise yourself with the generation of Metasploit

resource files Use the Metasploit Remote Procedure Call (MSFRPC) to automate

exploit generation and execution Use Python's Scrapy, network, socket, office,

Nmap libraries, and custom modules Parse Microsoft Office spreadsheets and

eXtensible Markup Language (XML) data files Write buffer overflows and reverse

Metasploit modules to expand capabilities Exploit Remote File Inclusion (RFI)

to gain administrative access to systems with Python and other scripting

languages Crack an organization's Internet perimeter Chain exploits to gain

deeper access to an organization's resources Interact with web services with

Python In Detail

Python is a powerful new-age scripting platform that allows you to build

exploits, evaluate services, automate, and link solutions with ease. Python is

a multi-paradigm programming language well suited to both object-oriented

application development as well as functional design patterns. Because of the

power and flexibility offered by it, Python has become one of the most popular

languages used for penetration testing.

This book highlights how you can evaluate an organization methodically and

realistically. Specific tradecraft and techniques are covered that show you

exactly when and where industry tools can and should be used and when Python

fits a need that proprietary and open source solutions do not.

Initial methodology, and Python fundamentals are established and then built

on. Specific examples are created with vulnerable system images, which are

available to the community to test scripts, techniques, and exploits. This

book walks you through real-world penetration testing challenges and how

Python can help.

From start to finish, the book takes you through how to create Python scripts

that meet relative needs that can be adapted to particular situations. As

chapters progress, the script examples explain new concepts to enhance your

foundational knowledge, culminating with you being able to build multi-

threaded security tools, link security tools together, automate reports,

create custom exploits, and expand Metasploit modules.

Style and approach

This book is a practical guide that will help you become better penetration

testers and/or Python security tool developers. Each chapter builds on

concepts and tradecraft using detailed examples in test environments that you

can simulate.