Chapter 1, Introduction to Python, covers the basics of Python, focusing primarily on data types, variables, expressions, and program structures utilized by Python. The objective is to familiarize the reader with the basics of the Python programming language with a view to using and leveraging it in forthcoming chapters.
Chapter 2, Building Python Scripts, covers further concepts of Python that form the basis for writing a Python script, while also exploring concepts such as functions, modules, loops, packages, and imports.
Chapter 3, Concept Handling, introduces the reader to other Python-related concepts, including classes, objects, IO and directory access, regular expressions, exception handling, and the parsing of CSV, JSON, and XML files.
Chapter 4, Advanced Python Modules, takes the learning process to an advanced level and explores the power of Python to understand multiprocessing and multithreading concepts, along with socket programming.
Chapter 5, Vulnerability Scanner Python - Part 1, explores the advanced concepts that are required in order to make a mini vulnerability scanning engine, which would take the port scanning results from a custom port scanner build over Nmap and apply various open source scripts and Metasploit modules, along with Python, Ruby, and NSE scripts. The results would be aggregated and finally, a report would be drafted for analysts to analyze. This chapter is very big in terms of complexity and lines of code and is split into two pars. This part focuses on the automation of port scanning with Python.
Chapter 6, Vulnerability Scanner Python - Part 2, explores the advanced concepts that are required in order to make a mini vulnerability scanning engine. This chapter is a continuation of the previous chapter, with the reader learning how to orchestrate a variety of Kali Linux tools to work together in order to automate the service enumeration phase of the vulnerability assessment, thereby completing the development of the custom vulnerability scanner.
Chapter 7, Machine Learning and Cybersecurity, tries to connect the cyber security space with data science and shed some light as to how we can use machine learning and natural language processing to automate the manual report analysis phase of penetration testing. This chapter will also glue all the previous parts together to make a mini penetration testing toolkit based on the learning we have acquired hitherto.
Chapter 8, Automating Web Application Scanning - Part 1, explains to readers how they can use Python to automate various web application attack categories, with some of the most well known being SQL injection, XSS, CSRF, and clickjacking.
Chapter 9, Automated Web Application Scanning - Part 2, is a continuation of the previous chapter. Here, the reader is going to understand how they can use Python to develop custom exploits that will exploit the web application and end up giving shell access to a user using Python.
Chapter 10, Building a Custom Crawler, explains how to build a custom crawler coded in Python in order to crawl through the application, with and without authentication, while listing out injection points and web pages of the application under testing. The capabilities of the crawler can be extended and tailored as per requirements.
Chapter 11, Reverse Engineering Linux Applications and Buffer Overflows, explains how to perform reverse engineering with Linux applications. The reader is also going to understand how Python can be used in aiding buffer overflow vulnerabilities in the Linux environment. The chapter also guides readers on custom exploit development, targeting buffer overflow vulnerabilities.
Chapter 12, Reverse Engineering Windows Applications, explains how to perform reverse engineering with Windows applications and how Python can be used in aiding buffer overflow vulnerabilities in the Windows environment. The chapter also guides readers on custom exploit development, targeting buffer overflow vulnerabilities.
Chapter 13, Exploit Development, explains how readers can create their own exploits written in Python, exploits that can be extended as Metasploit modules, and also covers the encoding of shells to avoid detection.
Chapter 14, Cyber Threat Intelligence, guides readers on how to use Python for cyber threat intelligence and the gathering of threat feeds, threat scoring, and finally, how to utilize the information obtained such that the SIEMs, IPS, and IDS systems are powered by the latest threat information to aid in early detection.
Chapter 15, Other Wonders of Python, covers how to use Python for extracting Google browser-saved passwords, developing a custom keylogger, parsing Nessus and Nmap report files, and more.
