Python for Security and Networking: Leverage Python modules and tools in securing your network and applications

Product type: Paperback
Published: Jun 2023
Publisher: Packt
ISBN-13: 9781837637553
Length: 586 pages
Edition: 3rd Edition
Author: José Manuel Ortega

WriteHat as a pentesting reports tool

WriteHat is a reporting tool built on the Django web framework that provides components for producing polished reports for penetration testing and red/blue/purple team engagements. You can find the source code in the GitHub repository: https://github.com/blacklanternsecurity/writehat.

The fastest way to install this tool is by using Docker and docker-compose, which we can install with the following command:

$ sudo apt install docker.io docker-compose

You can deploy WriteHat with the following commands:

$ git clone https://github.com/blacklanternsecurity/writehat
$ cd writehat
$ sudo chmod -R 777 ./writehat/static
$ docker-compose up

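The docker-compose up command deploys the application using the following docker-compose.yml file. Note that the MongoDB and MySQL passwords in this file are placeholders that should be changed before deployment: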

version: '3.7'
services:
  nginx:
    image: nginx
    volumes:
      - ./nginx:/opt/writehat/nginx
      - ./writehat/config/nginx.conf:/etc/nginx/conf.d/writehat.conf
      - ./writehat/static:/opt/writehat/static
    ports:
      - 80:80
      - 443:443
    restart: unless-stopped
    depends_on:
      - writehat
  writehat:
    build:
      context: .
      dockerfile: ./writehat/config/Dockerfile.app
    command: bash -c "
      sleep 2 &&
      ./manage.py makemigrations writehat &&
      ./manage.py migrate writehat &&
      ./manage.py makemigrations &&
      ./manage.py migrate &&
      uwsgi --socket 0.0.0.0:8000 --plugin-dir=/usr/lib/uwsgi/plugins --plugin python3 -w writehat.wsgi:application --processes=4 --master --vacuum"
    volumes:
      - .:/opt/writehat
    expose:
      - 8000
    restart: unless-stopped
    depends_on:
      - mongo
      - mysql
  mongo:
    image: mongo:4.4
    volumes:
      - ./mongo/configdb:/data/configdb
      - ./mongo/db:/data/db
    environment:
      - MONGO_INITDB_ROOT_USERNAME=root
      - MONGO_INITDB_ROOT_PASSWORD=FORTHELOVEOFGEEBUSPLEASECHANGETHIS
    expose:
      - 27017
  mysql:
    image: mysql:5
    volumes:
      - ./mysql:/var/lib/mysql
    environment:
      MYSQL_ROOT_PASSWORD: CHANGETHISIFYOUAREANINTELLIGENTHUMANBEING
      MYSQL_DATABASE: writehat
      MYSQL_USER: writehat
      MYSQL_PASSWORD: CHANGETHISIFYOUAREANINTELLIGENTHUMANBEING
    expose:
      - 3306
    restart: unless-stopped
  chrome:
    image: selenium/standalone-chrome:latest
    expose:
      - 4444
    depends_on:
      - writehat
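
A pre-deployment check for the compose file above, as an added example that is not part of the book or of the WriteHat project: it flags password settings that still hold placeholder values and images without a pinned tag. The `audit_compose` helper, its patterns, and the embedded excerpt are constructed for illustration.

```python
import re

# Constructed excerpt of the compose file above: image and environment lines only.
COMPOSE = """\
services:
  nginx:
    image: nginx
  mongo:
    image: mongo:4.4
    environment:
      - MONGO_INITDB_ROOT_USERNAME=root
      - MONGO_INITDB_ROOT_PASSWORD=FORTHELOVEOFGEEBUSPLEASECHANGETHIS
  mysql:
    image: mysql:5
    environment:
      MYSQL_ROOT_PASSWORD: CHANGETHISIFYOUAREANINTELLIGENTHUMANBEING
      MYSQL_USER: writehat
      MYSQL_PASSWORD: CHANGETHISIFYOUAREANINTELLIGENTHUMANBEING
  chrome:
    image: selenium/standalone-chrome:latest
"""

SERVICE = re.compile(r"^  ([\w-]+):\s*$")  # service names sit at two-space indent
IMAGE = re.compile(r"^\s+image:\s*(\S+)\s*$")
# Environment entries appear as "- KEY=VALUE" (list) or "KEY: VALUE" (mapping).
ENV = re.compile(r"^\s+(?:-\s*)?([A-Z][A-Z0-9_]*)\s*[=:]\s*(\S+)\s*$")
SECRET_KEY = re.compile(r"PASSWORD|SECRET|TOKEN")
PLACEHOLDER = re.compile(r"CHANGE|PASSWORD|EXAMPLE|DEFAULT", re.I)

def audit_compose(text):
    """Return (service, setting, issue) tuples found in a compose file."""
    findings, service = [], None
    for line in text.splitlines():
        if m := SERVICE.match(line):
            service = m.group(1)
        elif m := IMAGE.match(line):
            if ":" not in m.group(1) or m.group(1).endswith(":latest"):
                findings.append((service, m.group(1), "unpinned image tag"))
        elif (m := ENV.match(line)) and SECRET_KEY.search(m.group(1)):
            if PLACEHOLDER.search(m.group(2)) or len(m.group(2)) < 12:
                findings.append((service, m.group(1), "placeholder or weak secret"))
    return findings

if __name__ == "__main__":
    for finding in audit_compose(COMPOSE):
        print(*finding, sep=" | ")
```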

We can start by creating an engagement, which is where content is created for a customer. An engagement is an overarching container that holds reports and findings.

Figure 9.28: Creating an engagement

We can then create a report template that contains the components we are going to use to generate the report.

Figure 9.29: Creating a report template

Next, we can create a collection of findings that are scored in the same way (CVSS or DREAD). At this point, we can create several findings per engagement.

Figure 9.30: Search Findings Database

When creating a new finding, you can select the level of criticality for each of its characteristics, including: Attack Vector, Attack Complexity, Privileges Required, User Interaction, Scope, Confidentiality, Integrity, Availability, Exploit Code Maturity, Remediation Level, Report Confidence, Confidentiality Requirement, and Integrity Requirement.

Figure 9.31: Creating a new finding

In the following screenshot, we can see the details of the Attack Vector feature:

Figure 9.32: Attack Vector feature

At this point, our objective is to select, for each feature, the level of criticality of the vulnerability we have detected. The Common Vulnerability Scoring System (CVSS) is a scoring system that allows the severity of a security flaw to be expressed numerically. This tells researchers how damaging exploitation of the vulnerability would be. For an attacker, high vulnerability scores mean an opportunity to seriously harm a target.

For an ethical hacker, the base score indicates how alarming the characteristics of a vulnerability are.

Figure 9.33: CVSS risk diagram

The CVSS value of a vulnerability is determined from a set of base metrics. There are also CVSS calculators that apply these metrics to represent the risk of a security flaw.

The National Vulnerability Database calculator, https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator, is a standard tool for calculating the CVSS of a security flaw.

Figure 9.34: Common Vulnerability Scoring System Calculator

In this calculator, you can find several variables that you fill in with information about the vulnerability to obtain its CVSS score. A high CVSS score implies a high-risk security flaw, while a low CVSS score means a moderate threat level. The higher the CVSS score, the more urgent it is to fix the flaw and the greater the potential harm to a system or company if a cybercriminal exploits it.
