Search icon Close icon
Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Checkout

Change country

Modal Close icon
Country selected Country selected
country flag United States
Country selected
country flag Great Britain
Country selected
country flag India
Country selected
country flag Germany
Country selected
country flag France
Country selected
country flag Canada
Country selected
country flag Russia
Country selected
country flag Spain
Country selected
country flag Brazil
Country selected
country flag Australia
Country selected
country flag Singapore
Country selected
country flag Hungary
Country selected
country flag Ukraine
Country selected
country flag Luxembourg
Country selected
country flag Estonia
Country selected
country flag Lithuania
Country selected
country flag South Korea
Country selected
country flag Turkey
Country selected
country flag Switzerland
Country selected
country flag Colombia
Country selected
country flag Taiwan
Country selected
country flag Chile
Country selected
country flag Norway
Country selected
country flag Ecuador
Country selected
country flag Indonesia
Country selected
country flag New Zealand
Country selected
country flag Cyprus
Country selected
country flag Denmark
Country selected
country flag Finland
Country selected
country flag Poland
Country selected
country flag Malta
Country selected
country flag Czechia
Country selected
country flag Austria
Country selected
country flag Sweden
Country selected
country flag Italy
Country selected
country flag Egypt
Country selected
country flag Belgium
Country selected
country flag Portugal
Country selected
country flag Slovenia
Country selected
country flag Ireland
Country selected
country flag Romania
Country selected
country flag Greece
Country selected
country flag Argentina
Country selected
country flag Netherlands
Country selected
country flag Bulgaria
Country selected
country flag Latvia
Country selected
country flag South Africa
Country selected
country flag Malaysia
Country selected
country flag Japan
Country selected
country flag Slovakia
Country selected
country flag Philippines
Country selected
country flag Mexico
Country selected
country flag Thailand
Country selected
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Home > Security > Penetration Testing > Python Penetration Testing Essentials
Python Penetration Testing Essentials
Python Penetration Testing Essentials

Python Penetration Testing Essentials: Employ the power of Python to get the best out of pentesting

Arrow left icon
Profile Icon Mohit Raj
Arrow right icon
Free Trial
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3 (9 Ratings)
Paperback Jan 2015 178 pages 1st Edition
eBook
Can$29.99 Can$33.99
Paperback
Can$41.99
Subscription
Free Trial
Arrow left icon
Profile Icon Mohit Raj
Arrow right icon
Free Trial
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3 (9 Ratings)
Paperback Jan 2015 178 pages 1st Edition
eBook
Can$29.99 Can$33.99
Paperback
Can$41.99
Subscription
Free Trial
eBook
Can$29.99 Can$33.99
Paperback
Can$41.99
Subscription
Free Trial

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing
Table of content icon View table of contents Preview book icon Preview Book

Python Penetration Testing Essentials

Chapter 1. Python with Penetration Testing and Networking

Penetration (pen) tester and hacker are similar terms. The difference is that penetration testers work for an organization to prevent hacking attempts, while hackers hack for any purpose such as fame, selling vulnerability for money, or to exploit vulnerability for personal enmity.

Lots of well-trained hackers have got jobs in the information security field by hacking into a system and then informing the victim of the security bug(s) so that they might be fixed.

A hacker is called a penetration tester when they work for an organization or company to secure its system. A pentester performs hacking attempts to break the network after getting legal approval from the client and then presents a report of their findings. To become an expert in pentesting, a person should have deep knowledge of the concepts of their technology. In this chapter, we will cover the following topics:

  • The scope of pentesting
  • The need for pentesting
  • Components to be tested
  • Qualities of a good pentester
  • Approaches of pentesting
  • Understanding the tests and tools you'll need
  • Network sockets
  • Server socket methods
  • Client socket methods
  • General socket methods
  • Practical examples of sockets
  • Socket exceptions
  • Useful socket methods

Introducing the scope of pentesting

In simple words, penetration testing is to test the information security measures of a company. Information security measures entail a company's network, database, website, public-facing servers, security policies, and everything else specified by the client. At the end of the day, a pentester must present a detailed report of their findings such as weakness, vulnerability in the company's infrastructure, and the risk level of particular vulnerability, and provide solutions if possible.

The need for pentesting

There are several points that describe the significance of pentesting:

  • Pentesting identifies the threats that might expose the confidentiality of an organization
  • Expert pentesting provides assurance to the organization with a complete and detailed assessment of organizational security
  • Pentesting assesses the network's efficiency by producing huge amount of traffic and scrutinizes the security of devices such as firewalls, routers, and switches
  • Changing or upgrading the existing infrastructure of software, hardware, or network design might lead to vulnerabilities that can be detected by pentesting
  • In today's world, potential threats are increasing significantly; pentesting is a proactive exercise to minimize the chance of being exploited
  • Pentesting ensures whether suitable security policies are being followed or not

Consider an example of a well-reputed e-commerce company that makes money from online business. A hacker or group of black hat hackers find a vulnerability in the company's website and hack it. The amount of loss the company will have to bear will be tremendous.

Components to be tested

An organization should conduct a risk assessment operation before pentesting; this will help identify the main threats such as misconfiguration or vulnerability in:

  • Routers, switches, or gateways
  • Public-facing systems; websites, DMZ, e-mail servers, and remote systems
  • DNS, firewalls, proxy servers, FTP, and web servers

Testing should be performed on all hardware and software components of a network security system.

Qualities of a good pentester

The following points describe the qualities of good pentester. They should:

  • Choose a suitable set of tests and tools that balance cost and benefits
  • Follow suitable procedures with proper planning and documentation
  • Establish the scope for each penetration test, such as objectives, limitations, and the justification of procedures
  • Be ready to show how to exploit the vulnerabilities
  • State the potential risks and findings clearly in the final report and provide methods to mitigate the risk if possible
  • Keep themselves updated at all times because technology is advancing rapidly

A pentester tests the network using manual techniques or the relevant tools. There are lots of tools available in the market. Some of them are open source and some of them are highly expensive. With the help of programming, a programmer can make his own tools. By creating your own tools, you can clear your concepts and also perform more R&D. If you are interested in pentesting and want to make your own tools, then the Python programming language is the best, as extensive and freely available pentesting packages are available in Python, in addition to its ease of programming. This simplicity, along with the third-party libraries such as scapy and mechanize, reduces code size. In Python, to make a program, you don't need to define big classes such as Java. It's more productive to write code in Python than in C, and high-level libraries are easily available for virtually any imaginable task.

If you know some programming in Python and are interested in pentesting this book is ideal for you.

Defining the scope of pentesting

Before we get into pentesting, the scope of pentesting should be defined. The following points should be taken into account while defining the scope:

  • You should develop the scope of the project in consultation with the client. For example, if Bob (the client) wants to test the entire network infrastructure of the organization, then pentester Alice would define the scope of pentesting by taking this network into account. Alice will consult Bob on whether any sensitive or restricted areas should be included or not.
  • You should take into account time, people, and money.
  • You should profile the test boundaries on the basis of an agreement signed by the pentester and the client.
  • Changes in business practice might affect the scope. For example, the addition of a subnet, new system component installations, the addition or modification of a web server, and so on, might change the scope of pentesting.

The scope of pentesting is defined in two types of tests:

  • A non-destructive test: This test is limited to finding and carrying out the tests without any potential risks. It performs the following actions:
    • Scans and identifies the remote system for potential vulnerabilities
    • Investigates and verifies the findings
    • Maps the vulnerabilities with proper exploits
    • Exploits the remote system with proper care to avoid disruption
    • Provides a proof of concept
    • Does not attempt a Denial-of-Service (DoS) attack
  • A destructive test: This test can produce risks. It performs the following actions:
    • Attempts DoS and buffer overflow attacks, which have the potential to bring down the system

Approaches to pentesting

There are three types of approaches to pentesting:

  • Black-box pentesting follows non-deterministic approach of testing
    • You will be given just a company name
    • It is like hacking with the knowledge of an outside attacker
    • There is no need of any prior knowledge of the system
    • It is time consuming
  • White-box pentesting follows deterministic approach of testing
    • You will be given complete knowledge of the infrastructure that needs to be tested
    • This is like working as a malicious employee who has ample knowledge of the company's infrastructure
    • You will be provided information on the company's infrastructure, network type, company's policies, do's and don'ts, the IP address, and the IPS/IDS firewall
  • Gray-box pentesting follows hybrid approach of black and white box testing
    • The tester usually has limited information on the target network/system that is provided by the client to lower costs and decrease trial and error on the part of the pentester
    • It performs the security assessment and testing internally

Introducing Python scripting

Before you start reading this book, you should know the basics of Python programming, such as the basic syntax, variable type, data type tuple, list dictionary, functions, strings, methods, and so on. Two versions, 3.4 and 2.7.8, are available at python.org/downloads/.

In this book, all experiments and demonstration have been done in Python 2.7.8 Version. If you use Linux OS such as Kali or BackTrack, then there will be no issue, because many programs, such as wireless sniffing, do not work on the Windows platform. Kali Linux also uses the 2.7 Version. If you love to work on Red Hat or CentOS, then this version is suitable for you.

Most of the hackers choose this profession because they don't want to do programming. They want to use tools. However, without programming, a hacker cannot enhance his2 skills. Every time, they have to search the tools over the Internet. Believe me, after seeing its simplicity, you will love this language.

Understanding the tests and tools you'll need

As you must have seen, this book is divided into seven chapters. To conduct scanning and sniffing pentesting, you will need a small network of attached devices. If you don't have a lab, you can make virtual machines in your computer. For wireless traffic analysis, you should have a wireless network. To conduct a web attack, you will need an Apache server running on the Linux platform. It will be a good idea to use CentOS or Red Hat Version 5 or 6 for the web server because this contains the RPM of Apache and PHP. For the Python script, we will use the Wireshark tool, which is open source and can be run on Windows as well as Linux platforms.

Learning the common testing platforms with Python

You will now perform pentesting; I hope you are well acquainted with networking fundamentals such as IP addresses, classful subnetting, classless subnetting, the meaning of ports, network addresses, and broadcast addresses. A pentester must be perfect in networking fundamentals as well as at least in one operating system; if you are thinking of using Linux, then you are on the right track. In this book, we will execute our programs on Windows as well as Linux. In this book, Windows, CentOS, and Kali Linux will be used.

A hacker always loves to work on a Linux system. As it is free and open source, Kali Linux marks the rebirth of BackTrack and is like an arsenal of hacking tools. Kali Linux NetHunter is the first open source Android penetration testing platform for Nexus devices. However, some tools work on both Linux and Windows, but on Windows, you have to install those tools. I expect you to have knowledge of Linux. Now, it's time to work with networking on Python.

Network sockets

A network socket address contains an IP address and port number. In a very simple way, a socket is a way to talk to other computers. By means of a socket, a process can communicate with another process over the network.

In order to create a socket, use the socket.socket() function that is available in the socket module. The general syntax of a socket function is as follows:

s = socket.socket (socket_family, socket_type, protocol=0)

Here is the description of the parameters:

socket_family: socket.AF_INET, PF_PACKET

AF_INET is the address family for IPv4. PF_PACKET operates at the device driver layer. The pcap library for Linux uses PF_PACKET. You will see more details on PF_PACKET in Chapter 3, Sniffing and Penetration Testing. These arguments represent the address families and the protocol of the transport layer:

Socket_type : socket.SOCK_DGRAM, socket.SOCK_RAW,socket.SOCK_STREAM

The socket.SOCK_DGRAM argument depicts that UDP is unreliable and connectionless, and socket.SOCK_STREAM depicts that TCP is reliable and is a two-way, connection-based service. We will discuss socket.SOCK_RAW in Chapter 3, Sniffing and Penetration Testing.

protocol

Generally, we leave this argument; it takes 0 if not specified. We will see the use of this argument in Chapter 3, Sniffing and Penetration Testing.

Left arrow icon

Page 1 of 12

Right arrow icon

Description

If you are a Python programmer or a security researcher who has basic knowledge of Python programming and want to learn about penetration testing with the help of Python, this book is ideal for you. Even if you are new to the field of ethical hacking, this book can help you find the vulnerabilities in your system so that you are ready to tackle any kind of attack or intrusion.

Who is this book for?

If you are a Python programmer or a security researcher who has basic knowledge of Python programming and want to learn about penetration testing with the help of Python, this book is ideal for you. Even if you are new to the field of ethical hacking, this book can help you find the vulnerabilities in your system so that you are ready to tackle any kind of attack or intrusion.

What you will learn

  • Monitor the Ethernet IP and TCP traffic over the network
  • Explore wireless traffic with the help of various programs
  • Perform wireless attacks with Python programs
  • Check live systems and distinguish between the operating system and services of a remote machine
  • Broaden your concepts in pentesting right from the basics of the client/server architecture in Python
  • Gather passive information from a website using automated scripts
  • Perform XSS, SQL injection, and parameter tampering attacks

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : Jan 28, 2015
Length: 178 pages
Edition : 1st
Language : English
ISBN-13 : 9781784398583
Category :
Security
Languages :
Python
Concepts :
Penetration Testing

What do you get with a Packt Subscription?

Free for first 7 days. $19.99 p/m after that. Cancel any time!
Product feature icon Unlimited ad-free access to the largest independent learning library in tech. Access this title and thousands more!
Product feature icon 50+ new titles added per month, including many first-to-market concepts and exclusive early access to books as they are being written.
Product feature icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Product feature icon Thousands of reference materials covering every tech concept you need to stay up to date.
Subscribe now
View plans & pricing

Product Details

Publication date : Jan 28, 2015
Length: 178 pages
Edition : 1st
Language : English
ISBN-13 : 9781784398583
Category :
Security
Languages :
Python
Concepts :
Penetration Testing

Packt Subscriptions

See our plans and pricing
Modal Close icon
$19.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
START FREE TRIAL
BUY NOW
$199.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just Can$6 each
Feature tick icon Exclusive print discounts
START FREE TRIAL
BUY NOW
$279.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just Can$6 each
Feature tick icon Exclusive print discounts
START FREE TRIAL
BUY NOW

Frequently bought together

Python Web Penetration Testing Cookbook
Python Web Penetration Testing Cookbook
Read more
Jun 2015 224 pages
Full star icon 3.5 (4)
eBook
eBook
  • eBook eBook Can$44.98
  • Paperback Paperback Can$61.99
Can$44.98 Can$49.99
Can$61.99
Python Penetration Testing Essentials
Python Penetration Testing Essentials
Read more
Jan 2015 178 pages
Full star icon 3 (9)
eBook
eBook
  • eBook eBook Can$29.99
  • Paperback Paperback Can$41.99
Can$29.99 Can$33.99
Can$41.99
Kali Linux: Wireless Penetration Testing Beginner's Guide, Second Edition
Kali Linux: Wireless Penetration Testing Beginner's Guide, Second Edition
Read more
Mar 2015 214 pages
Full star icon 4.5 (44)
eBook
eBook
  • eBook eBook Can$44.98
  • Paperback Paperback Can$61.99
Can$44.98 Can$49.99
Can$61.99
Stars icon
Total Can$ 165.97
Python Web Penetration Testing Cookbook
Can$61.99
Python Penetration Testing Essentials
Can$41.99
Kali Linux: Wireless Penetration Testing Beginner's Guide, Second Edition
Can$61.99
Total Can$ 165.97 Stars icon

Table of Contents

8 Chapters
1. Python with Penetration Testing and Networking Chevron down icon Chevron up icon
1. Python with Penetration Testing and Networking
Introducing the scope of pentesting
Approaches to pentesting
Introducing Python scripting
Understanding the tests and tools you'll need
Learning the common testing platforms with Python
Network sockets
Server socket methods
Client socket methods
General socket methods
Moving on to the practical
Summary
2. Scanning Pentesting Chevron down icon Chevron up icon
2. Scanning Pentesting
How to check live systems in a network and the concept of a live system
What are the services running on the target machine?
Summary
3. Sniffing and Penetration Testing Chevron down icon Chevron up icon
3. Sniffing and Penetration Testing
Introducing a network sniffer
Implementing a network sniffer using Python
Learning about packet crafting
Introducing ARP spoofing and implementing it using Python
Testing the security system using custom packet crafting and injection
Summary
4. Wireless Pentesting Chevron down icon Chevron up icon
4. Wireless Pentesting
Wireless SSID finding and wireless traffic analysis by Python
Wireless attacks
Summary
5. Foot Printing of a Web Server and a Web Application Chevron down icon Chevron up icon
5. Foot Printing of a Web Server and a Web Application
The concept of foot printing of a web server
Introducing information gathering
Information gathering of a website from SmartWhois by the parser BeautifulSoup
Banner grabbing of a website
Hardening of a web server
Summary
6. Client-side and DDoS Attacks Chevron down icon Chevron up icon
6. Client-side and DDoS Attacks
Introducing client-side validation
Tampering with the client-side parameter with Python
Effects of parameter tampering on business
Introducing DoS and DDoS
Summary
7. Pentesting of SQLI and XSS Chevron down icon Chevron up icon
7. Pentesting of SQLI and XSS
Introducing the SQL injection attack
Types of SQL injections
Understanding the SQL injection attack by a Python script
Learning about Cross-Site scripting
Summary
Index Chevron down icon Chevron up icon
Index

Recommendations for you

Left arrow icon
CompTIA Security+ SY0-701 Certification Guide
CompTIA Security+ SY0-701 Certification Guide
Read more
Jan 2024 634 pages
Full star icon 4.9 (231)
Paperback
Paperback
  • Paperback Paperback Can$56.99
Can$56.99
Bash Shell Scripting for Pentesters
Bash Shell Scripting for Pentesters
Read more
Dec 2024 402 pages
eBook
eBook
  • eBook eBook Can$40.99
  • Paperback Paperback Can$56.99
Can$40.99 Can$45.99
Can$56.99
The Ultimate Kali Linux Book
The Ultimate Kali Linux Book
Read more
Apr 2024 828 pages
Full star icon 4.8 (30)
eBook
eBook
  • eBook eBook Can$49.99
  • Paperback Paperback Can$69.99
Can$49.99 Can$55.99
Can$69.99
Microsoft Defender for Identity in Depth
Microsoft Defender for Identity in Depth
Read more
Dec 2024 380 pages
eBook
eBook
  • eBook eBook Can$40.99
  • Paperback Paperback Can$56.99
Can$40.99 Can$45.99
Can$56.99
CompTIA Security+ SY0-701 Practice Tests
CompTIA Security+ SY0-701 Practice Tests
Read more
Dec 2024 260 pages
Paperback
Paperback
  • Paperback Paperback Can$31.99
Can$31.99
Mastering Linux Security and Hardening
Mastering Linux Security and Hardening
Read more
Feb 2023 618 pages
Full star icon 4.6 (34)
eBook
eBook
  • eBook eBook Can$44.99
  • Paperback Paperback Can$63.99
Can$44.99 Can$50.99
Can$63.99
Malware Development for Ethical Hackers
Malware Development for Ethical Hackers
Read more
Jun 2024 390 pages
Full star icon 4.3 (9)
eBook
eBook
  • eBook eBook Can$49.99
  • Paperback Paperback Can$69.99
Can$49.99 Can$55.99
Can$69.99
Mastering Microsoft Intune
Mastering Microsoft Intune
Read more
Mar 2024 822 pages
Full star icon 4.5 (27)
eBook
eBook
  • eBook eBook Can$49.99
  • Paperback Paperback Can$69.99
Can$49.99 Can$55.99
Can$69.99
Adversarial AI Attacks, Mitigations, and Defense Strategies
Adversarial AI Attacks, Mitigations, and Defense Strategies
Read more
Jul 2024 586 pages
Full star icon 4.9 (13)
eBook
eBook
  • eBook eBook Can$44.99
  • Paperback Paperback Can$63.99
Can$44.99 Can$50.99
Can$63.99
CISA – Certified Information Systems Auditor Study Guide
CISA – Certified Information Systems Auditor Study Guide
Read more
Oct 2024 356 pages
Full star icon 5 (1)
eBook
eBook
  • eBook eBook Can$44.99
  • Paperback Paperback Can$63.99
Can$44.99 Can$50.99
Can$63.99
Right arrow icon

Customer reviews

Top Reviews
  • Top Reviews
  • Most Recent
Rating distribution
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
(9 Ratings)
5 star 11.1%
4 star 33.3%
3 star 22.2%
2 star 11.1%
1 star 22.2%
Filter icon Filter
Top Reviews
  • Top Reviews
  • Most Recent

Filter reviews by

Kindle Customer Mar 25, 2015
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Although the subject of security is not my area of expertise I bought this book with the idea of grasping the principles of systems / networks penetration in order to become more familiar with the tools used for such purposes.This is the kind of book that not only teaches you something new but does it in a refreshing way. I made me wonder: why would anyone rewrite some well known script in bash (or even a bat file for that matter) in Python ? because we can ! I can hear a lot of voices saying it outloud. But what if I told you that you can rewrite complete tools to sniff a network ? or how about using sockets directly from the command line ? If you ever wondered that too, well this is the book for us.Below you can see an image of my (Enthought Canopy) command line trying to get through the office's Proxy Server using one of the book's scripts.
Amazon Verified review Amazon
perceive Mar 15, 2015
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
We have another Python book, this time dedicated to Penetration Testing.The book itself is as much as use case scenario for using Python as a guide to Pen Testing, so if you are expecting a pen testing education I'd suggest more than this book here.However, if what you are after is how to use Python with real world examples this book may suit your needs. The provided code examples (you can download the code as well from Packt) are all very helpful in understanding where Python can be used in this field.If you have some experience in Pen testing already, the code will be more useful than nearly anything else.The main reason that I reduced the mark to 4 stars was that the books examples are all Python 2, not 3. For a book published in 2015 I'd like to know that the future proofing of my learning was in place. While there is an abundance of Python 2 code out there and it will not be going away anytime soon, the general python community is showing signs that the schism between 2 and 3 are reducing with more and more python 3 code being written. This is a minor issue for me, as most OS that I use will be maintaining support for both as far as I can see into the future.
Amazon Verified review Amazon
Tim Crothers Mar 16, 2015
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
Solid introduction to using Python for Pentesting applications. The book doesn't go into an extreme amount of depth but then this is an "essentials" book. Topic was covered logically and the included sample code makes for a good baseline for crafting your own penetration related tools in Python. The book could use some more editing to clean up errors but they were all minor in nature so I only dinged one star as a result. Overall very good starting place if you wish to learn to craft some of your own tools for doing pentesting in Python. Well worth the purchase price.
Amazon Verified review Amazon
Finn M Glas Jan 14, 2019
Full star icon Full star icon Full star icon Full star icon Empty star icon 4
Good but long read that tought me a lot
Amazon Verified review Amazon
WagesOfSin Jul 08, 2017
Full star icon Full star icon Full star icon Empty star icon Empty star icon 3
Its a pretty good book, I'm half way through and using it to prep me for other Python Pentest books which delve into the topic deeply. I thought a good strategy would be to use this lighter book as an intro for deeper books such as Violent Python. My biggest concern though is the editing! I have have to correct lines in the code which had typos all through out the book.
Amazon Verified review Amazon

People who bought this also bought

Left arrow icon
Mastering Linux Security and Hardening
Mastering Linux Security and Hardening
Read more
Feb 2023 618 pages
Full star icon 4.6 (34)
eBook
eBook
  • eBook eBook Can$44.99
  • Paperback Paperback Can$63.99
Can$44.99 Can$50.99
Can$63.99
Cybersecurity – Attack and Defense Strategies, 3rd edition
Cybersecurity – Attack and Defense Strategies, 3rd edition
Read more
Sep 2022 570 pages
Full star icon 4.9 (42)
eBook
eBook
  • eBook eBook Can$37.99
  • Paperback Paperback Can$53.99
Can$37.99 Can$42.99
Can$53.99
Mastering Windows Security and Hardening
Mastering Windows Security and Hardening
Read more
Aug 2022 816 pages
Full star icon 4.8 (20)
eBook
eBook
  • eBook eBook Can$49.99
  • Paperback Paperback Can$69.99
Can$49.99 Can$55.99
Can$69.99
Digital Forensics and Incident Response
Digital Forensics and Incident Response
Read more
Dec 2022 532 pages
Full star icon 4.9 (15)
eBook
eBook
  • eBook eBook Can$49.99
  • Paperback Paperback Can$69.99
  • Audiobook Audiobook Can$73.99
Can$49.99 Can$55.99
Can$69.99
Can$73.99
Learn Computer Forensics – 2nd edition
Learn Computer Forensics – 2nd edition
Read more
Jul 2022 434 pages
Full star icon 4.8 (63)
eBook
eBook
  • eBook eBook Can$44.99
  • Paperback Paperback Can$63.99
  • Audiobook Audiobook Can$59.99
Can$44.99 Can$50.99
Can$63.99
Can$59.99
Right arrow icon

About the author

Profile icon Mohit Raj
Mohit Raj
Mohit Raj is a Python programmer with a keen interest in the field of information security. He completed his bachelor's degree in technology in computer science from Kurukshetra University, Kurukshetra, and his masters in engineering (2012) in computer science from Thapar University, Patiala. He is a C|EH, ECSA from EC-Council USA and a former IBMer. Mohit currently works at Sapient, and has published several articles in national and international magazines. He is the author of Python Penetration Testing Essentials and Python: Penetration Testing for Developers, also by Packt Publishing.
Read more
See other products by Mohit Raj
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

What is included in a Packt subscription? Chevron down icon Chevron up icon

A subscription provides you with full access to view all Packt and licnesed content online, this includes exclusive access to Early Access titles. Depending on the tier chosen you can also earn credits and discounts to use for owning content

How can I cancel my subscription? Chevron down icon Chevron up icon

To cancel your subscription with us simply go to the account page - found in the top right of the page or at https://subscription.packtpub.com/my-account/subscription - From here you will see the ‘cancel subscription’ button in the grey box with your subscription information in.

What are credits? Chevron down icon Chevron up icon

Credits can be earned from reading 40 section of any title within the payment cycle - a month starting from the day of subscription payment. You also earn a Credit every month if you subscribe to our annual or 18 month plans. Credits can be used to buy books DRM free, the same way that you would pay for a book. Your credits can be found in the subscription homepage - subscription.packtpub.com - clicking on ‘the my’ library dropdown and selecting ‘credits’.

What happens if an Early Access Course is cancelled? Chevron down icon Chevron up icon

Projects are rarely cancelled, but sometimes it's unavoidable. If an Early Access course is cancelled or excessively delayed, you can exchange your purchase for another course. For further details, please contact us here.

Where can I send feedback about an Early Access title? Chevron down icon Chevron up icon

If you have any feedback about the product you're reading, or Early Access in general, then please fill out a contact form here and we'll make sure the feedback gets to the right team. 

Can I download the code files for Early Access titles? Chevron down icon Chevron up icon

We try to ensure that all books in Early Access have code available to use, download, and fork on GitHub. This helps us be more agile in the development of the book, and helps keep the often changing code base of new versions and new technologies as up to date as possible. Unfortunately, however, there will be rare cases when it is not possible for us to have downloadable code samples available until publication.

When we publish the book, the code files will also be available to download from the Packt website.

How accurate is the publication date? Chevron down icon Chevron up icon

The publication date is as accurate as we can be at any point in the project. Unfortunately, delays can happen. Often those delays are out of our control, such as changes to the technology code base or delays in the tech release. We do our best to give you an accurate estimate of the publication date at any given time, and as more chapters are delivered, the more accurate the delivery date will become.

How will I know when new chapters are ready? Chevron down icon Chevron up icon

We'll let you know every time there has been an update to a course that you've bought in Early Access. You'll get an email to let you know there has been a new chapter, or a change to a previous chapter. The new chapters are automatically added to your account, so you can also check back there any time you're ready and download or read them online.

I am a Packt subscriber, do I get Early Access? Chevron down icon Chevron up icon

Yes, all Early Access content is fully available through your subscription. You will need to have a paid for or active trial subscription in order to access all titles.

How is Early Access delivered? Chevron down icon Chevron up icon

Early Access is currently only available as a PDF or through our online reader. As we make changes or add new chapters, the files in your Packt account will be updated so you can download them again or view them online immediately.

How do I buy Early Access content? Chevron down icon Chevron up icon

Early Access is a way of us getting our content to you quicker, but the method of buying the Early Access course is still the same. Just find the course you want to buy, go through the check-out steps, and you’ll get a confirmation email from us with information and a link to the relevant Early Access courses.

What is Early Access? Chevron down icon Chevron up icon

Keeping up to date with the latest technology is difficult; new versions, new frameworks, new techniques. This feature gives you a head-start to our content, as it's being created. With Early Access you'll receive each chapter as it's written, and get regular updates throughout the product's development, as well as the final course as soon as it's ready.We created Early Access as a means of giving you the information you need, as soon as it's available. As we go through the process of developing a course, 99% of it can be ready but we can't publish until that last 1% falls in to place. Early Access helps to unlock the potential of our content early, to help you start your learning when you need it most. You not only get access to every chapter as it's delivered, edited, and updated, but you'll also get the finalized, DRM-free product to download in any format you want when it's published. As a member of Packt, you'll also be eligible for our exclusive offers, including a free course every day, and discounts on new and popular titles.