Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases now! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Python Penetration Testing Essentials

You're reading from   Python Penetration Testing Essentials Techniques for ethical hacking with Python

Arrow left icon
Product type Paperback
Published in May 2018
Publisher
ISBN-13 9781789138962
Length 230 pages
Edition 2nd Edition
Languages
Arrow right icon
Author (1):
Arrow left icon
Mohit Raj Mohit Raj
Author Profile Icon Mohit Raj
Mohit Raj
Arrow right icon
View More author details
Toc

Table of Contents (11) Chapters Close

Preface 1. Python with Penetration Testing and Networking 2. Scanning Pentesting FREE CHAPTER 3. Sniffing and Penetration Testing 4. Network Attacks and Prevention 5. Wireless Pentesting 6. Honeypot – Building Traps for Attackers 7. Foot Printing a Web Server and a Web Application 8. Client-Side and DDoS Attacks 9. Pentesting SQL and XSS 10. Other Books You May Enjoy

Introducing the scope of pentesting

In simple words, penetration testing is used to test the information security measures of a company. Information security measures entail a company's network, database, website, public-facing servers, security policies, and everything else specified by the client. At the end of the day, a pentester must present a detailed report of their findings such as weaknesses, vulnerabilities in the company's infrastructure, and the risk level of particular vulnerabilities, and provide solutions if possible.

The need for pentesting

There are several points that describe the significance of pentesting:

  • Pentesting identifies the threats that might expose the confidentiality of an organization
  • Expert pentesting provides assurance to the organization with a complete and detailed assessment of organizational security
  • Pentesting assesses the network's efficiency by producing a huge amount of traffic and scrutinizes the security of devices such as firewalls, routers, and switches
  • Changing or upgrading the existing infrastructure of software, hardware, or network design might lead to vulnerabilities that can be detected by pentesting
  • In today's world, potential threats are increasing significantly; pentesting is a proactive exercise to minimize the chances of being exploited
  • Pentesting ensures whether suitable security policies are being followed or not

Consider the example of a well-reputed e-commerce company that makes money from an online business. A hacker or a group of black hat hackers find a vulnerability in the company's website and hack it. The amount of loss the company will have to bear will be tremendous.

Components to be tested

An organization should conduct a risk assessment operation before pentesting; this will help identify the main threats such as misconfiguration or vulnerability in:

  • Routers, switches, or gateways
  • Public-facing systems; websites, DMZ, email servers, and remote systems
  • DNS, firewalls, proxy servers, FTP, and web servers

Testing should be performed on all hardware and software components of a network security system.

Qualities of a good pentester

The following points describe the qualities of a good pentester. They should:

  • Choose a suitable set of tests and tools that balance cost and benefits
  • Follow suitable procedures with proper planning and documentation
  • Establish the scope for each penetration test, such as objectives, limitations, and the justification of procedures
  • Be ready to show how to exploit the vulnerabilities that they find
  • State the potential risks and findings clearly in the final report and provide methods to mitigate the risk(s) if possible
  • Keep themselves updated at all times because technology is advancing rapidly

A pentester tests the network using manual techniques or the relevant tools. There are lots of tools available on the market. Some of them are open source and some of them are highly expensive. With the help of programming, a programmer can make his/her own tools. By creating your own tools, you can clear your concepts and also perform more R&D. If you are interested in pentesting and want to make your own tools, then the Python programming language is the best, since extensive and freely available pentesting packages are available in Python, in addition to its ease of programming. This simplicity, along with the third-party libraries such as scapy and mechanize, reduces the code size. In Python, to make a program, you don't need to define big classes such as Java. It's more productive to write code in Python than in C, and high-level libraries are easily available for virtually any imaginable task.

If you know some programming in Python and are interested in pentesting, this book is perfect for you.

Defining the scope of pentesting

Before we get into pentesting, the scope of pentesting should be defined. The following points should be taken into account while defining the scope:

  • You should develop the scope of the project by consulting with the client. For example, if Bob (the client) wants to test the entire network infrastructure of the organization, then pentester Alice would define the scope of pentesting by taking this network into account. Alice will consult Bob on whether any sensitive or restricted areas should be included or not.
  • You should take into account time, people, and money.
  • You should profile the test boundaries on the basis of an agreement signed by the pentester and the client.
  • Changes in business practice might affect the scope. For example, the addition of a subnet, new system component installations, the addition or modification of a web server, and so on, might change the scope of pentesting.

The scope of pentesting is defined in two types of tests:

  • A non-destructive test: This test is limited to finding and carrying out the tests without any potential risks. It performs the following actions:
    • Scans and identifies the remote system for potential vulnerabilities
    • Investigates and verifies the findings
    • Maps the vulnerabilities with proper exploits
    • Exploits the remote system with proper care to avoid disruption
    • Provides a proof of concept
    • Does not attempt a Denial-of-Service (DoS) attack
  • A destructive test: This test can produce risks. It performs the following actions:
    • Attempts a DoS attack and a buffer overflow attack, which have the potential to bring down the system
lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime