Python: Penetration Testing for Developers

Execute effective tests to identify software vulnerabilities

Product type: Course
Published in: Oct 2016
Publisher: Packt
ISBN-13: 9781787128187
Length: 650 pages
Edition: 1st Edition
Authors (6):

  • Christopher Duffy
  • Mohit Raj
  • Dave Mound
  • Terry Ip
  • Cameron Buchanan
  • Andrew Mabbitt
Table of Contents (32 chapters)

Python: Penetration Testing for Developers
Credits
Preface
1. Understanding the Penetration Testing Methodology
2. The Basics of Python Scripting
3. Identifying Targets with Nmap, Scapy, and Python
4. Executing Credential Attacks with Python
5. Exploiting Services with Python
6. Assessing Web Applications with Python
7. Cracking the Perimeter with Python
8. Exploit Development with Python, Metasploit, and Immunity
9. Automating Reports and Tasks with Python
10. Adding Permanency to Python Tools
11. Python with Penetration Testing and Networking
12. Scanning Pentesting
13. Sniffing and Penetration Testing
14. Wireless Pentesting
15. Foot Printing of a Web Server and a Web Application
16. Client-side and DDoS Attacks
17. Pentesting of SQLI and XSS
18. Gathering Open Source Intelligence
19. Enumeration
20. Vulnerability Identification
21. SQL Injection
22. Web Header Manipulation
23. Image Analysis and Manipulation
24. Encryption and Encoding
25. Payloads and Shells
26. Reporting
Bibliography
Index

Index

A

  • Access Control List (ACL)
    • about / The execution of file inclusion attacks
  • Access Control Lists (ACL)
    • about / The Scapy library for Python
  • Access Points (AP)
    • about / Layer 2 in wireless networks
  • accounts, and services
    • linkage, finding / Understanding the link between accounts and services
  • ACK flag scanning / ACK flag scanning
  • ACK scans
    • executing / Executing ACK scans
  • Active Directory (AD) / Defining the online credential attack
  • active sniffing / Active sniffing
  • Address Resolution Protocol (ARP)
    • about / Understanding how systems communicate
  • Address Space Layout Randomization (ASLR)
    • about / Understanding protection mechanisms
  • admin console page
    • URL / Understanding the SQL injection attack by a Python script
  • Advanced Encryption Standard (AES) / Veil
  • alternative sites
    • identifying, by spoofing user agents / Identifying alternative sites by spoofing user agents, How it works…
  • American Registry of Internet Numbers (ARIN) / Intelligence gathering
  • American Standard Code for Information Interchange (ASCII)
    • about / Understanding basic buffer overflow
  • AP
    • clients, detecting / Detecting clients of an AP
  • Apache / Introducing information gathering
  • Application Program Interfaces (APIs) / Creating a multiprocessing script in Python
  • Application Programming Interface (API)
    • about / Gathering information using the Shodan API
  • approaches, pen testing
    • black-box pen testing / Approaches to pentesting
    • white-box pen testing / Approaches to pentesting
    • gray-box pen testing / Approaches to pentesting
  • arguments
    • about / Arguments and options
  • arithmetic operators
    • about / Arithmetic operators
  • ARP
    • about / Introducing ARP spoofing and implementing it using Python
    • request / The ARP request
    • reply / The ARP reply
    • cache / The ARP cache
  • ARP cache
    • about / The ARP cache
  • ARP reply
    • about / The ARP reply
  • ARP request
    • about / The ARP request
  • ARP spoofing
    • about / Introducing ARP spoofing and implementing it using Python
    • implementing, with Python / Introducing ARP spoofing and implementing it using Python
  • ASP.NET / Checking the HTTP header
  • assessment methodologies
    • about / Assessment methodologies
    • Open Source Security Testing Methodology Manual (OSSTMM) / Assessment methodologies
    • Open Web Application Security Project (OWASP) / Assessment methodologies
    • National Institute of Standards and Technology (NIST) / Assessment methodologies
  • assessor script
    • about / Your first assessor script
    • reference link / Your first assessor script
  • assignment operators
    • about / Assignment operators
  • Atbash cipher
    • cracking / Cracking the Atbash cipher, How it works…
  • attack path
    • identifying / Identifying the attack path
  • automated fuzzing
    • about / Automated fuzzing, How to do it…, How it works…
  • automated URL-based Cross-site scripting / Automated URL-based Cross-site scripting, How it works…, Automated parameter-based Cross-site scripting, How to do it…, How it works…, There's more…
  • automated URL-based Directory Traversal / Automated URL-based Directory Traversal, How it works…
  • automatic pivot
    • reference link / Understanding the Nmap Grepable output

B

  • backdoors
    • reference link / Exploiting the hosts through RFI
  • backup filenames
    • determining / Determining the backup filenames
  • backup files
    • downloading, from TFTP server / Downloading backup files from a TFTP server
  • Base64 encoding
    • about / Encoding with Base64, How it works…
  • basic buffer overflow
    • about / Understanding basic buffer overflow
  • basic buffer overflow exploit
    • writing / Writing a basic buffer overflow exploit
  • Basic Service Set (BSS)
    • about / Layer 2 in wireless networks
  • Basic Service Set Identifiers (BSSIDs)
    • about / Layer 2 in wireless networks
  • Bcrypt hash
    • generating / Generating a Bcrypt hash, How to do it…, How it works…
    • about / Generating a Bcrypt hash
  • BeautifulSoup
    • URL / Information gathering of a website from SmartWhois by the parser BeautifulSoup
  • BeautifulSoup library / There’s more…
  • BeautifulSoup parser
    • used, for website information gathering from SmartWhois / Information gathering of a website from SmartWhois by the parser BeautifulSoup
  • black-box pen testing / Approaches to pentesting
  • blind SQL Injection
    • exploiting / Exploiting Blind SQL Injection, How it works…
  • blind SQL injection / Blind SQL injection
  • Boolean SQLi
    • exploiting / Exploiting Boolean SQLi, How it works…, There's more…
  • Bourne-again Shell (BASH)
    • about / Understanding the difference between interpreted and compiled languages
  • break condition
    • about / The break condition
  • brute forcing login
    • through authorization header / Brute forcing login through the Authorization header, How it works…, There's more…
  • built-in functions
    • about / Reserved words, keywords, and built-in functions
    • reference link / Reserved words, keywords, and built-in functions
  • Burp Suite / Burp Suite
    • URL / Credential attacks with Burp Suite
    • inboxes, cracking with / Cracking inboxes with Burp Suite

C

  • CAM
    • about / The MAC flooding attack
  • CAM tables
    • switches, using / How the switch uses the CAM tables
  • Capture The Flag (CTF) challenges / Encoding with ROT13
  • Centrify
    • about / Understanding the link between accounts and services
  • Cewl / Cewl
  • chaining, of exploits
    • about / Understanding the chaining of exploits
    • checking for weak, default, or known passwords / Checking for weak, default, or known passwords
    • root access, gaining to system / Gaining root access to the system
    • cracking, of Linux hashes / Understanding the cracking of Linux hashes
    • testing, for synchronization of account credentials / Testing for the synchronization of account credentials
  • Cisco MD5 Hashes
    • cracking / Cracking Cisco MD5 hashes
  • classes
    • about / Classes
  • Classless Inter Domain Routing (CIDR) / Automating the exploit train with Python
  • Classless Inter-domain Routing (CIDR)
    • about / Determining the backup filenames
  • Classless Inter-Domain Routing (CIDR)
    • about / Inputting the target ranges for Nmap
  • clear-text protocols
    • about / Clear-text protocols
  • clickjacking
    • about / Testing for clickjacking vulnerabilities
  • clickjacking vulnerabilities
    • testing for / Testing for clickjacking vulnerabilities, How to do it…, How it works…
  • client-side parameter, by Python
    • tampering / Tampering with the client-side parameter with Python
  • client-side parameter tampering
    • effects, on business / Effects of parameter tampering on business
  • client-side validation
    • about / Introducing client-side validation
  • clients, AP
    • detecting / Detecting clients of an AP
  • client socket methods
    • about / Client socket methods
    • socket.connect(address) / Client socket methods
  • code
    • commenting / How to comment your code
  • combined UDP and TCP scans
    • executing / Executing combined UDP and TCP scans
  • command
    • enabling, steganography used / Getting ready, How to do it…, How it works…
  • Command-line Injection (CLI)
    • about / Gaining access through websites
  • Command-line Interface (CLI)
    • about / Converting string and number variables, Creating a multiprocessing script in Python
  • Command-line interface (CLI)
    • about / Inputting the target ranges for Nmap
  • Command Line Interface (CLI) / Veil
  • comma separated variables (CSV) / Introduction
    • Nmap XML, converting to / Converting Nmap XML to CSV, Getting ready, How it works…
    • Sslscan, parsing / Parsing Sslscan into CSV, How it works…
  • comment
    • about / How to comment your code
  • comments
    • searching, in source code / Finding comments in source code, How it works…, There's more…
  • common transfer files (CTFs) / Shellshock checking
  • Common Vulnerabilities and Exposures (CVE) / How it works…
  • Compact Disk (CD) / Ophcrack
  • comparison operators
    • about / Comparison operators
  • compiled languages
    • about / Understanding the difference between interpreted and compiled languages
  • compound statements
    • about / Compound statements
    • if statements / The if statements
  • conditional handlers
    • about / Conditional handlers
  • constructors
    • about / Understanding default values and constructors
  • Content Delivery Networks (CDN)
    • about / Identifying live applications versus open ports, Web applications
  • control
    • enabling, steganography used / Enabling command and control using steganography, How to do it…, How it works…
  • credential attack
    • types / The types of credential attacks
  • credential attack, types
    • online credential attack / Defining the online credential attack
    • offline credential attack / Defining the offline credential attack
  • credential attacks, with Burp Suite / Credential attacks with Burp Suite
  • Cross-site scripting (XSS) / Introduction
  • Cross-site Scripting (XSS)
    • about / Credential attacks with Burp Suite
  • Cross Site Tracing (XST) / Testing HTTP methods
  • Crystal Box testing / White Box Testing
  • custom packet crafting
    • used, for testing security system / Testing the security system using custom packet crafting and injection
  • CVE-2010-1146
    • about / Gaining root access to the system
  • CVE Details
    • URL / Gaining root access to the system

D

  • Damn Vulnerable Web App (DVWA) / How to do it…
  • Damn Vulnerable Web Application (DVWA)
    • about / Identifying hidden files and directories with Python
  • data
    • extracting, through HTTP requests / Extracting data through HTTP requests, How to do it…, How it works…
  • Data Breach Investigation Report (DBIR) / Threat modeling
  • Data Execution Prevention (DEP)
    • about / Understanding protection mechanisms
  • data structures
    • about / Python variables
  • DDoS
    • about / Introducing DoS and DDoS
    • single IP, using with single port address / Single IP single port
    • single IP, using with multiple ports / Single IP multiple port
    • multiple IP, using with multiple ports / Multiple IP multiple port
  • deauthentication (deauth) attacks
    • about / The deauthentication (deauth) attacks
  • default values
    • about / Understanding default values and constructors
  • del() function / How to create an efficient port scanner
  • Demilitarized Zone (DMZ)
    • about / User Datagram Protocol (UDP) services
  • Denial of Service (DoS)
    • about / Executing SYN scans, Understanding basic buffer overflow
  • Denial of Service (DoS) attack / Defining the scope of pentesting
  • destructive test / Defining the scope of pentesting
  • dictionary variables
    • about / Dictionary variables
  • Direct Object Reference (DOR) / Automated URL-based Directory Traversal
  • dirtester.py script
    • reference link / Identifying hidden files and directories with Python
  • Distribution System (DS)
    • about / Layer 2 in wireless networks
  • Domain Administrator (DA)
    • about / Understanding the new age of service exploitation
  • Domain Name Service (DNS)
    • about / Domain Name Service (DNS), Understanding how to parse XML files for reports
  • DoS
    • about / Introducing DoS and DDoS
    • single IP, using with single port address / Single IP single port
    • single IP, using with multiple ports / Single IP multiple port
    • multiple IP, using with multiple ports / Multiple IP multiple port
    • detecting / Detection of DDoS
  • Double Blind tests / Double Blind Testing
  • dynamically typed languages
    • about / Understanding dynamically typed languages
  • Dynamic Link Libraries (DLL) / Understanding the stack and the heap
  • dynamic typed languages
    • impact on functions / The impact of dynamically typed languages on functions

E

  • e-mail addresses
    • generating, from names / Generating e-mail addresses from names, How to do it…
    • searching, from web pages / Finding e-mail addresses from web pages, How it works…, There's more…
  • e-mails
    • extracting, to Maltego / Extracting e-mails to Maltego, How it works…
  • elements
    • about / Understanding how to parse XML files for reports
  • encrypted remote access services
    • about / Encrypted remote access services
  • endianness
    • about / Understanding memory addresses and endianness
  • Engagement Letter (EL) / Pre-engagement interactions
  • Enterprise Service Set (ESS)
    • about / Layer 2 in wireless networks
  • Enterprise SSID (ESSID)
    • about / Layer 2 in wireless networks
  • environmental variables
    • about / Environmental variables and PATH
    • references / Environmental variables and PATH
  • ephemeral port range
    • about / Understanding how systems communicate
  • errors
    • identifying / Developing scripts and identifying errors
  • escalate
    • about / Gaining root access to the system
  • Ethernet frame architecture
    • about / The Ethernet frame architecture
    • layer 2 in Ethernet networks / Layer 2 in Ethernet networks
    • layer 2 in wireless networks / Layer 2 in wireless networks
  • etree library
    • about / Understanding how to parse XML files for reports
    • reference link / Understanding how to parse XML files for reports
  • Excel spreadsheets
    • generating, with Python script / Creating a Python script to generate Excel spreadsheets
  • exploitation
    • about / Understanding the new age of service exploitation
  • exploit scripts
    • about / Understanding other exploit scripts
    • standalones, exploiting by execution / Exploiting standalone binaries by executing scripts
    • systems, exploiting by TCP service / Exploiting systems by TCP service
    • systems, exploiting by UDP service / Exploiting systems by UDP service
  • exploit train
    • automating, with Python / Automating the exploit train with Python
  • exploit-db
    • reference link / Gaining root access to the system
  • extended attributes (xattr)
    • about / Gaining root access to the system
  • eXtensible Markup Language (XML) / Automating the exploit train with Python
  • EyeWitness
    • about / Identifying live applications versus open ports

F

  • fgdump / pwdump and fgdump
  • file inclusion attacks
    • executing / The execution of file inclusion attacks, Verifying an RFI vulnerability
  • files
    • enumerating / Enumerating files, How to do it…, How it works…
  • File Transfer Protocol (FTP)
    • about / Understanding how systems communicate, Clear-text protocols
  • FIN scan / The FIN scan
  • firewall-based website
    • Python program, creating / Understanding the SQL injection attack by a Python script
  • foot printing
    • web server / The concept of foot printing of a web server
  • for loop
    • about / The for loop
    • break condition / The break condition
  • format characters / Format characters
  • FTP C2
    • creating / Creating an FTP C2, How it works…
  • Full Disk Encryption (FDE) / Ophcrack
  • fully qualified domain name (FQDN) / Useful socket methods
  • Fully Qualified Domain Name (FQDN)
    • about / Your first assessor script
  • Fully Qualified Domain Names (FQDN)
    • about / Domain Name Service (DNS)
  • functions
    • about / Functions, Functions
    • curly brackets / Curly brackets
  • funkandwagnalls/pythonpentest, GitHub
    • URL / Automating the exploit train with Python
  • FuzzDB
    • URL / Getting ready
  • fuzzing
    • about / Automated fuzzing

G

  • general purpose registers
    • about / Understanding general purpose registers
    • EAX / The EAX
    • EBX / The EBX
    • ECX / The ECX
    • EDX / The EDX
  • general socket methods
    • socket.recv(bufsize) / General socket methods
    • socket.recvfrom(bufsize) / General socket methods
    • socket.recv_into(buffer) / General socket methods
    • socket.recvfrom_into(buffer) / General socket methods
    • socket.send(bytes) / General socket methods
    • socket.sendto(data, address) / General socket methods
    • socket.sendall(data) / General socket methods
  • GET method / Tampering with the client-side parameter with Python, Effects of parameter tampering on business
  • gevent
    • reference link / Creating a multithreaded script in Python
  • Global Interpreter Lock (GIL)
    • about / Creating a multithreaded script in Python
    • URL / Creating a multithreaded script in Python
  • Globally Unique Identifier (GUID) / Gaining root access to the system
  • global variables
    • about / Global and local variables
  • Google+ API
    • used, for downloading profile pictures / Downloading profile pictures using the Google+ API, How it works
    • additional results, harvesting using pagination / How it works
  • Google+ API search
    • scripting / Scripting a Google+ API search, How it works…, See also…
  • Google+ pagination API
    • additional results, harvesting using pagination / Harvesting additional results from the Google+ API using pagination
  • Google Hacking Database (GHDB) / Intelligence gathering
  • Graphical User Interface (GUI) / Metasploit, Understanding the Nmap Grepable output
  • Graphics Processing Unit (GPU) / oclHashcat
  • graphs
    • generating, plot.ly used / Generating graphs using plot.ly, How it works…
  • gray-box pen testing / Approaches to pentesting
  • Grey Box format / Grey Box Testing

H

  • HackThisSite
    • URL / Information gathering of a website from SmartWhois by the parser BeautifulSoup
  • HackTop
    • about / Understanding the difference between interpreted and compiled languages
  • half open scan (stealth scan) / A half-open scan
    • steps / A half-open scan
    • about / A half-open scan
  • Hardware Access Layer (HAL)
    • about / Kernel
  • hashes
    • identifying / Identifying hashes, How it works…
  • header based Cross-site scripting
    • about / Header-based Cross-site scripting, How it works…, See also
  • heterogeneous environment
    • about / Understanding the difference between interpreted and compiled languages
  • hidden files, and directories
    • identifying, with Python / Identifying hidden files and directories with Python
  • Hide_message function
    • about / How it works…
    • carrier parameter / How it works…
    • message parameter / How it works…
    • outfile parameter / How it works…
  • Host Intrusion Prevention System (HIPS)
    • about / Testing for the synchronization of account credentials
  • Host Intrusion Prevention Systems (HIPS)
    • about / Understanding the process environment block
  • hosts
    • exploiting, through RFI / Exploiting the hosts through RFI
  • HPing
    • about / Understanding Nmap
  • Hping / A half-open scan
  • HTTP banner grabbing
    • of website / Banner grabbing of a website
  • HTTP C2
    • creating / Creating an HTTP C2, Getting Started, How it works…
  • HTTP header
    • checking / Checking the HTTP header
  • HTTP headers
    • servers, fingerprinting through / Fingerprinting servers through HTTP headers, How it works…, There's more…
  • httplib2 library / Understanding when to use specific libraries
  • httplib2 script
    • reference link / Understanding when to use specific libraries
  • HTTP methods
    • testing / Testing HTTP methods, How it works…, There's more…
  • HTTP requests
    • data, extracting through / Extracting data through HTTP requests, How to do it…, How it works…
  • HTTP RFC handy
    • URL / Introduction
  • Hydra / Hydra
  • Hypertext Preprocessor (PHP)
    • about / The execution of file inclusion attacks
  • HyperText Transfer Protocol Secure (HTTPS)
    • about / Testing for the synchronization of account credentials

I

  • ICMP ECHO Reply / How to check live systems in a network and the concept of a live system
  • ICMP ECHO Request / How to check live systems in a network and the concept of a live system
  • if statements
    • about / The if statements
  • IIS 6.0 / Checking the HTTP header
  • Imgur
    • URL / Getting ready
  • Immunity
    • about / Understanding immunity
  • imports
    • about / Modules and imports
  • inboxes
    • cracking, with Burp Suite / Cracking inboxes with Burp Suite
  • Incident Response (IR)
    • about / Executing TCP full connection scans
  • Incognito / Mimikatz and Incognito
  • indentation
    • about / Indentation
  • Industrial Control Systems (ICS)
    • about / The Scapy library for Python
  • industry-standard tools
    • building / Building industry-standard tools
  • information
    • obtaining, Shodan API used / Getting ready, How to do it…, How it works…, There's more…
  • information gathering
    • about / Introducing information gathering
    • HTTP header, checking / Checking the HTTP header
  • Information Technology (IT)
    • about / Executing the different scan types
  • injection
    • used, for testing security system / Testing the security system using custom packet crafting and injection
  • Input/Output (I/O) / Creating a multiprocessing script in Python
  • insecure cookie flags
    • testing for / Testing for insecure cookie flags, How it works…, There's more…
  • insecure headers
    • testing for / Testing for insecure headers, How it works…
  • instance names
    • about / Variables and instance names
  • interactive interpreter
    • versus script / A Python interactive interpreter versus a script
  • interface details
    • determining, with netifaces library / Determining your interface details with the netifaces library
  • Internet Control Message Protocol (ICMP)
    • about / Understanding how systems communicate, Verifying an RFI vulnerability
  • Internet Control Message Protocol (ICMP) packet / Performing a ping sweep with Scapy
  • Internet Protocol (IP) / Pre-engagement interactions
    • about / Identifying live applications versus open ports, Domain Name Service (DNS), Understanding how to parse XML files for reports, Creating a multithreaded script in Python
  • Internet Protocol version 4 (IPv4) / Creating a Python script to parse an Nmap XML
  • Internet Security Association and Key Management Protocol (ISAKMP)
    • about / Virtual Private Networks (VPNs)
  • Internet Service Provider (ISP)
    • about / Executing the different scan types, Executing TCP full connection scans
  • Internet Service Providers (ISP)
    • about / Domain Name Service (DNS)
  • interpreted code
    • about / Understanding the difference between interpreted and compiled languages
  • interpreted language
    • about / Understanding the difference between interpreted and compiled languages
  • intruder attacks
    • reference link / Credential attacks with Burp Suite
  • Intrusion Detection System (IDS) / The FIN scan, Enabling command and control using steganography
  • Intrusion Detection Systems (IDS) / An overview of penetration testing
  • Intrusion Prevention System (IPS) / Metasploit
  • Intrusion Protection Systems (IPS) / An overview of penetration testing
  • IP Packet architecture
    • about / The IP packet architecture
  • IP scanner
    • creating / How to create an efficient IP scanner
  • IP version 6 (IPv6) / Creating a Python script to parse an Nmap XML

J

  • jitter
    • checking / Checking jitter, How to do it…, How it works…
    • about / Checking jitter
  • John the Ripper (JtR)
    • about / John the Ripper
    • used, for cracking Windows passwords / Cracking Windows passwords with John
  • jQuery checking
    • about / jQuery checking, How it works…, There's more…
  • Juggyboy
    • URL / Checking the HTTP header

K

  • 10k common passwords, GitHub
    • reference / Getting ready
  • kernel
    • about / Kernel
  • keywords
    • about / Reserved words, keywords, and built-in functions
    • reference link / Reserved words, keywords, and built-in functions
    • For / Reserved words, keywords, and built-in functions
    • Def / Reserved words, keywords, and built-in functions
    • If / Reserved words, keywords, and built-in functions
    • Elif / Reserved words, keywords, and built-in functions
    • Import / Reserved words, keywords, and built-in functions
    • Print / Reserved words, keywords, and built-in functions
    • Try / Reserved words, keywords, and built-in functions
  • Korn Shell (KSH)
    • about / Understanding the difference between interpreted and compiled languages

L

  • Last In First Out (LIFO) structure / Understanding the stack and the heap
  • least significant bit (LSB)
    • about / Introduction
  • libnmap
    • about / Understanding how to parse XML files for reports
    • reference link / Understanding how to parse XML files for reports
  • Limited Liability Corporations (LLCs) / Pre-engagement interactions
  • linear congruential generator
    • predicting / Predicting a linear congruential generator, Getting ready, How it works…
  • links
    • extracting, from URL to Maltego / Extracting links from a URL to Maltego, How it works…
  • list variables
    • about / List variables
  • live applications, versus open ports
    • identifying / Identifying live applications versus open ports
  • live system
    • checking, in network / How to check live systems in a network and the concept of a live system
    • ping sweep / Ping sweep
    • IP scanner, creating / How to create an efficient IP scanner
  • Local Area Network (LAN) / Cracking Windows passwords with John
  • Local Area Network Manager (LM)
    • about / Understanding the Nmap Grepable output, Testing for the synchronization of account credentials
  • local exploits
    • purpose / Understanding the purpose of local exploits
  • Local Link Multicast Name Request (LLMNR) / Responder
  • local variables
    • about / Global and local variables
  • logger library
    • about / Understanding logging within Python
    • reference link / Understanding logging within Python
  • logging
    • within Python / Understanding logging within Python
  • logical operators
    • about / Logical and membership operators
  • loopback interfaces
    • reference link, for testing / The Scapy library for Python
  • loops
    • about / Python loops
    • while loop / The while loop
    • for loop / The for loop
  • LSB steganography
    • used, for hiding message / Hiding a message using LSB steganography, How to do it…, How it works…

M

  • MAC flooding attack
    • about / The MAC flooding attack
    • MAC flood logic / The MAC flood logic
  • MAC flood logic / The MAC flood logic
  • mail services
    • about / Mail services
  • Maltego
    • links, extracting from URL / Extracting links from a URL to Maltego, How it works…
    • e-mails, extracting to / Extracting e-mails to Maltego, How it works…
  • Man-in-the-Middle (MitM) attacks
    • about / Layer 2 in Ethernet networks, Encrypted remote access services
  • man in the middle (MITM) attacks / How it works…
  • manual pivot
    • reference link / Understanding the Nmap Grepable output
  • MD5 hash
    • about / Generating an MD5 hash
    • generating / How to do it…, How it works…
    • cracking / Cracking an MD5 hash, How to do it…, How it works…
  • mechanize, Python browser / Tampering with the client-side parameter with Python
  • mechanize library / Understanding when to use specific libraries
  • Media Access Control (MAC)
    • about / Your first assessor script, The Ethernet frame architecture
  • membership operators
    • about / Logical and membership operators
  • memory addresses
    • about / Understanding memory addresses and endianness
  • message
    • hiding, LSB steganography used / Hiding a message using LSB steganography, How to do it…, How it works…
    • extracting, hidden in LSB / Extracting messages hidden in LSB, How it works…
  • Message Digest 5 (MD5) / Defining the offline credential attack
    • about / Gaining root access to the system
  • Metasploit / Metasploit
  • Metasploitable
    • about / Understanding the chaining of exploits
  • Metasploit Framework's Remote Procedure Call (MSFRPC) / Nmap libraries for Python
  • Metasploit modules
    • reversing / Reversing Metasploit modules
  • Metasploit Professional
    • about / Understanding the Nmap Grepable output
  • Metasploit Remote Procedure Call (MSFRPC)
    • about / Automating the exploit train with Python
  • Microsoft-like color selection tool
    • reference link / Creating a Python script to generate Excel spreadsheets
  • milworm.com
    • reference link / Gaining root access to the system
  • Mimikatz / Mimikatz and Incognito
  • modules
    • about / Modules and imports
  • Mozilla add-on Tamper Data
    • URL / Effects of parameter tampering on business
  • multiprocessing
    • versus multithreading / Understanding the difference between multithreading and multiprocessing
    • reference link / Creating a multiprocessing script in Python
  • multiprocessing script
    • creating, in Python / Creating a multiprocessing script in Python
  • multithreaded script
    • creating, in Python / Creating a multithreaded script in Python
  • multithreading
    • versus multiprocessing / Understanding the difference between multithreading and multiprocessing
  • mysql_real_escape_string() function / Understanding the SQL injection attack by a Python script

N

  • Name Service (NB-NS) / Responder
  • namespace
    • about / Understanding a namespace
  • nested statement
    • about / Curly brackets
  • Netcat
    • about / Netcat
    • URL / Netcat
  • netifaces library
    • interface details, determining with / Determining your interface details with the netifaces library
  • Network Basic Input Output System (NetBIOS) / Responder
  • network disassociation
    • about / Network disassociation
  • Network Mapper (Nmap) / NMAP
  • Network or IP layer / Format characters
  • network sniffer
    • about / Introducing a network sniffer
    • implementing, with Python / Implementing a network sniffer using Python, Format characters
    • format characters / Format characters
  • Network Sockets
    • about / Network sockets
  • Network Time Protocol (NTP) / Converting Nmap XML to CSV
  • NT LAN Manager (NTLM) / Cracking Windows passwords with John
    • about / Understanding the Nmap Grepable output, Testing for the synchronization of account credentials
  • nmap
    • about / Understanding Nmap
    • target ranges, inputting for / Inputting the target ranges for Nmap
    • output types / Different output types
    • reference link / Determining the backup filenames
  • Nmap
    • about / Converting Nmap XML to CSV
  • Nmap Grepable output
    • about / Understanding the Nmap Grepable output
  • nmap libraries, for Python
    • about / Nmap libraries for Python
  • nmap port scanning techniques
    • reference link / Understanding how UDP works
  • Nmap scans
    • efficiency feature / Being efficient with Nmap scans
  • Nmap scripting engine
    • about / The Nmap scripting engine
  • nmap scripts
    • references / The Nmap scripting engine
  • Nmap XML
    • parsing, with Python script / Creating a Python script to parse an Nmap XML
    • converting, to CSV / Converting Nmap XML to CSV, Getting ready, How it works…
  • Nmap XML output
    • about / Understanding the Nmap XML output
  • non-destructive test / Defining the scope of pentesting
  • non penetration testing
    • Vulnerability Assessment (VA) / Vulnerability assessments
    • reverse engineering engagements / Reverse engineering engagements
    • hacking / Hacking
  • nonpersistent (reflected) XSS / Nonpersistent or reflected XSS
  • No Operation (NOP) modules / Metasploit
  • No Operations (NOPs)
    • about / Understanding the manipulation of the stack
  • Not Safe For Work (NSFW) tag / Encoding with ROT13
  • number variables
    • about / Number variables
    • converting / Converting string and number variables

O

  • Object-oriented (OO)
    • about / Python – the good and the bad
  • oclHashcat / oclHashcat
  • offline credential attack
    • defining / Defining the offline credential attack
  • one-time pad reuse
    • attacking / Attacking one-time pad reuse, Getting ready, How it works…
  • online credential attack
    • defining / Defining the online credential attack
  • online CVE databases
    • reference / There's more…
  • OO programming
    • about / Python – the good and the bad
  • Open Source Intelligence (OSINT) / Black Box Testing, theHarvester and Recon-NG, Introduction
    • about / Introduction
  • Open Systems Interconnect (OSI) model
    • about / Understanding how systems communicate
  • Open Web Application Security Project (OWASP) / Building industry-standard tools, Introduction
  • Operating System (OS) / Generating the usernames
  • Operating Systems (OS)
    • about / Understanding the difference between multithreading and multiprocessing
  • operating system scans
    • skipping / Skipping the operating system scans
  • operators
    • about / Operators
    • reference link / Operators
    • comparison operators / Comparison operators
    • assignment operators / Assignment operators
    • arithmetic operators / Arithmetic operators
    • logical operators / Logical and membership operators
    • membership operators / Logical and membership operators
  • Ophcrack / Ophcrack
  • options
    • about / Arguments and options
  • order by query / Understanding the SQL injection attack by a Python script
  • OS fingerprinting / Banner grabbing of a website
  • Outlook Web Access (OWA)
    • about / Cracking inboxes with Burp Suite

P

  • Packet Capture (PCAP) / Verifying an RFI vulnerability
  • packet crafting
    • about / Learning about packet crafting
  • pagination
    • used, for harvesting additional results from Google+ API / Harvesting additional results from the Google+ API using pagination, How it works
  • Pass-the-Hash (PtH) attack / An example engagement
    • about / Understanding the Nmap Grepable output, Testing for the synchronization of account credentials
  • passive sniffing / Passive sniffing
  • passwords
    • brute forcing / Brute forcing passwords, How to do it…, How it works…
  • PATH environmental variable
    • about / Environmental variables and PATH
  • payloads
    • encoding / Encoding payloads, How it works…
  • penetration testing
    • overview / An overview of penetration testing
    • about / Understanding what penetration testing is not
    • tools / Penetration testing tools
  • pen tester
    • qualities / Qualities of a good pentester
  • pen testing
    • scope / Introducing the scope of pentesting
    • need for / The need for pentesting
    • components, to be tested / Components to be tested
    • scope, defining / Defining the scope of pentesting
    • non-destructive test / Defining the scope of pentesting
    • destructive test / Defining the scope of pentesting
    • approaches / Approaches to pentesting
    • prerequisites tools / Understanding the tests and tools you'll need
  • PeepingTom
    • about / Identifying live applications versus open ports
  • perimeter scanning
    • limitations / Understanding the limitations of perimeter scanning
  • Perl function
    • example / Curly brackets
  • persistent (stored) XSS / Persistent or stored XSS
  • PF_PACKET / Format characters
  • PHPSESSION
    • URL / There's more…
  • Physical layer / Format characters
  • ping command / How to check live systems in a network and the concept of a live system
  • ping of death / Ping of death
  • ping sweep
    • about / Ping sweep
    • performing, Scapy used / Performing a ping sweep with Scapy, How to do it…, How it works…
  • pivoting
    • about / Understanding the new age of service exploitation
  • plot.ly
    • used, for generating graphs / Generating graphs using plot.ly, How it works…
  • Point-to-Point Tunneling Protocol (PPTP)
    • about / Virtual Private Networks (VPNs)
  • Portable Executable (PE) / Understanding the program image and dynamic-link libraries
  • port scanner
    • about / The concept of a port scanner
    • creating / How to create an efficient port scanner
  • post exploitation modules, Metasploit
    • reference link / Understanding the Nmap Grepable output
  • POST method / Tampering with the client-side parameter with Python
  • pre-engagement interactions, PTES
    • categories / Pre-engagement interactions
    • White Box testing / White Box Testing
    • Grey Box format / Grey Box Testing
    • Black Box / Black Box Testing
    • Double Blind tests / Double Blind Testing
  • Pretty Good Privacy (PGP) / Pre-engagement interactions
  • print function
    • about / Python – the good and the bad
  • Process Environment Block (PEB)
    • about / Understanding the process environment block
  • Process Execution (PSEXEC) attack
    • about / Understanding the Nmap Grepable output
  • Process Identifier (PID)
    • about / Gaining root access to the system
  • profile pictures
    • downloading, Google+ API used / Downloading profile pictures using the Google+ API, How it works
  • program image
    • about / Understanding the program image and dynamic-link libraries
    • PE header / Understanding the program image and dynamic-link libraries
    • .text / Understanding the program image and dynamic-link libraries
    • .rdata / Understanding the program image and dynamic-link libraries
    • .data / Understanding the program image and dynamic-link libraries
    • .rsrc / Understanding the program image and dynamic-link libraries
  • prohibited
    • about / Reserved words, keywords, and built-in functions
  • protection mechanisms
    • about / Understanding protection mechanisms
  • pseudorandom number generator (PRNG) / John the Ripper
  • psexec module
    • about / Testing for the synchronization of account credentials
  • PTES
    • about / The penetration testing execution standard
    • pre-engagement interactions / Pre-engagement interactions
    • intelligence gathering / Intelligence gathering
    • threat modeling / Threat modeling
    • vulnerability analysis / Vulnerability analysis
    • exploitation / Exploitation
    • post exploitation / Post exploitation
    • reporting / Reporting
    • example engagement / An example engagement
  • PtH
    • about / Understanding the Nmap Grepable output
  • pwdump / pwdump and fgdump
  • Python
    • about / Understanding the difference between interpreted and compiled languages
    • overview / Python – the good and the bad
    • exploit train, automating with / Automating the exploit train with Python
    • used, for identifying hidden files and directories / Identifying hidden files and directories with Python
    • using, for web assessments / Understanding when to use Python for web assessments
    • specific libraries, using / Understanding when to use specific libraries
    • multithreaded script, creating in / Creating a multithreaded script in Python
    • multiprocessing script, creating in / Creating a multiprocessing script in Python
    • URL, for downloading versions / Introducing Python scripting
    • testing platforms / Learning the common testing platforms with Python
    • used, for implementing network sniffer / Implementing a network sniffer using Python, Format characters
    • used, for implementing ARP spoofing / Introducing ARP spoofing and implementing it using Python
    • wireless SSID finding / Wireless SSID finding and wireless traffic analysis by Python
    • wireless traffic analysis / Wireless SSID finding and wireless traffic analysis by Python
    • client-side parameter, tampering / Tampering with the client-side parameter with Python
  • Python class
    • creating / Understanding how to create a Python class
  • Python classes
    • reference link / Understanding how to create a Python class
  • Python formatting
    • about / Python formatting
    • indentation / Indentation
  • Pythonic
    • about / Python – the good and the bad
  • Python Image Library (PIL) / Getting ready
  • Python multiprocessing
    • reference link / Creating a multiprocessing script in Python
  • Python nmap library
    • URL / Nmap libraries for Python
  • Python script
    • creating, for parsing Nmap XML / Creating a Python script to parse an Nmap XML
    • creating, for generating Excel spreadsheets / Creating a Python script to generate Excel spreadsheets
    • used, for implementing TCP scan / The TCP scan concept and its implementation using a Python script
    • SQL injection attack / Understanding the SQL injection attack by a Python script
  • Python script, GitHub page
    • reference link / Creating a Python script to parse an Nmap XML
  • Python scripting
    • about / Introducing Python scripting

Q

  • QtWebKit
    • used, for obtaining website screenshots / Getting screenshots of websites with QtWebKit, How it works…
    • about / Getting ready

R

  • raw socket / Format characters
  • Recon-NG / theHarvester and Recon-NG
  • registers
    • about / Getting started with registers
    • general purpose registers / Understanding general purpose registers
    • special purpose registers / Understanding special purpose registers
  • regular expressions (Regex) / Identifying hashes
  • Reiser File System (ReiserFS)
    • about / Gaining root access to the system
  • Remote and Local File Inclusion (RFI/LFI)
    • about / Gaining access through websites
  • Remote Code Execution (RCE)
    • about / Assignment operators, Understanding basic buffer overflow
  • Remote Desktop Protocol (RDP)
    • about / Encrypted remote access services
  • remote file inclusion
    • references / The execution of file inclusion attacks
  • reports
    • XML files, parsing for / Understanding how to parse XML files for reports
  • request-based script
    • reference link / Understanding when to use specific libraries
  • Request For Comment (RFC) / Creating a Python script to parse an Nmap XML
  • Request for Proposal (RFP) / Pre-engagement interactions
  • request library / Understanding when to use specific libraries
  • reserved words
    • about / Reserved words, keywords, and built-in functions
  • Responder / Responder
  • Return-Oriented Programming (ROP) chaining
    • about / Understanding protection mechanisms
  • RFI
    • hosts, exploring through / Exploiting the hosts through RFI
  • RFI vulnerability
    • verifying / Verifying an RFI vulnerability
  • ROT13 encoding
    • about / Encoding with ROT13
    • using / How to do it…, How it works…

S

  • scan types
    • executing / Executing the different scan types
    • TCP connection scan, executing / Executing TCP full connection scans, Executing ACK scans
    • SYN scans, executing / Executing SYN scans
    • ACK scans, executing / Executing ACK scans
    • UDP scans, executing / Executing UDP scans
  • Scapy
    • used, for performing ping sweep / Performing a ping sweep with Scapy, How it works…
    • about / Performing a ping sweep with Scapy
    • scanning with / Scanning with Scapy, How it works…
    • URL / There's more…
  • scapy
    • about / A half-open scan
  • Scapy library, for Python
    • about / The Scapy library for Python
  • screenshots
    • based on port list / Screenshots based on a port list, How it works…, There's more…
  • script
    • versus interactive interpreter / A Python interactive interpreter versus a script
    • about / The first Python script
    • developing / Developing scripts and identifying errors
  • Secure Copy (SCP) / Gaining root access to the system
  • Secure Hashing Algorithm 1 (SHA-1) / Defining the offline credential attack
  • Secure Shell (SSH) / Hydra
    • about / Nmap libraries for Python, Checking for weak, default, or known passwords, Encrypted remote access services
  • Security Accounts Manager (SAM)
    • about / Testing for the synchronization of account credentials
  • Security by obscurity
    • about / Understanding how systems communicate
  • Security Identifier (SID) / An example engagement
  • Security Operation Centre (SOC) analyst / Creating an Twitter C2
  • security system
    • testing, with injection / Testing the security system using custom packet crafting and injection
    • testing, with custom packet crafting / Testing the security system using custom packet crafting and injection
  • server-side program
    • creating, for client connection / Moving on to the practical
  • Server Message Block (SMB) / An example engagement
    • about / Understanding the Nmap Grepable output, Testing for the synchronization of account credentials, The execution of file inclusion attacks
  • servers
    • fingerprinting, through HTTP headers / Fingerprinting servers through HTTP headers, How it works…, There's more…
  • server socket methods
    • about / Server socket methods
    • socket.bind(address) / Server socket methods
    • socket.listen(q) / Server socket methods
    • socket.accept() / Server socket methods
  • service exploitation
    • about / Understanding the new age of service exploitation
  • Service Pack (SP) / Understanding the program image and dynamic-link libraries
  • Service Set Identifier (SSID)
    • about / Layer 2 in wireless networks
  • session fixation
    • about / Session fixation through a cookie injection
    • through cookie injection / Session fixation through a cookie injection, How it works…, There's more…
  • Set User Identifier (SUID) / Gaining root access to the system
  • SHA
    • implementing, in real-world scenario / Implementing SHA in a real-world scenario, How it works…
  • SHA 1/128/256 hash
    • generating / Generating an SHA 1/128/256 hash, How it works…
  • SHA and MD5 hashes
    • implementing together / Getting ready, How it works…
  • shared memory
    • reference link / Creating a multiprocessing script in Python
  • Shellshock checking
    • about / Shellshock checking, How it works…
  • Shodan
    • about / Gathering information using the Shodan API
    • URL / Gathering information using the Shodan API
  • Shodan API
    • used, for obtaining information / Gathering information using the Shodan API, How to do it…, How it works…, There's more…
  • simple-requests
    • reference link / Creating a multithreaded script in Python
  • Simple Mail Transfer Protocol (SMTP) / Identifying the target
  • simple Netcat shell
    • creating / Creating a simple Netcat shell, How it works…
  • Simple Network Management Protocol (SNMP)
    • about / User Datagram Protocol (UDP) services
  • simple SQL injection / Simple SQL injection
  • SmartWhois
    • website information, gathering with the BeautifulSoup parser / Information gathering of a website from SmartWhois by the parser BeautifulSoup
    • URL / Information gathering of a website from SmartWhois by the parser BeautifulSoup
  • SMBexec / SMBexec
  • SMTP VRFY script
    • used, for testing users / Testing for users using SMTP VRFY
    • creating / Creating the SMTP VRFY script
    • URL / Creating the SMTP VRFY script
  • sniffing process
    • about / Introducing a network sniffer
    • passive sniffing / Passive sniffing
    • active sniffing / Active sniffing
  • socket.accept() method / Server socket methods
  • socket.connect(address) method / Client socket methods
  • socket.connect_ex(address) method / Useful socket methods
  • socket.getfqdn([name]) method / Useful socket methods
  • socket.gethostbyaddr(ip_address) method / Useful socket methods
  • socket.gethostbyname(hostname) method / Useful socket methods
  • socket.gethostbyname_ex(name) method / Useful socket methods
  • socket.gethostname() method / Useful socket methods
  • socket.getservbyname(servicename[, protocol_name]) method / Useful socket methods
  • socket.getservbyport(port[, protocol_name]) method / Useful socket methods
  • socket.htonl(x) method / Format characters
  • socket.htons(x) method / Format characters
  • socket.listen(q) method / Server socket methods
  • socket.ntohl(x) method / Format characters
  • socket.ntohs(x) method / Format characters
  • socket.recv(bufsize) method / General socket methods
  • socket.recvfrom_into(buffer) method / General socket methods
  • socket.recv_into(buffer) method / General socket methods
  • socket.send(bytes) method / General socket methods
  • socket.sendall(data) method / General socket methods
  • socket.sendto(data, address) method / General socket methods
  • socket.setdefaulttimeout(1) method / How to create an efficient port scanner
  • socket.socket() function / Network sockets
  • socket exceptions
    • handling / Socket exceptions
    • exception socket.herror / Socket exceptions
    • exception socket.timeout / Socket exceptions
    • exception socket.gaierror / Socket exceptions
    • exception socket.error / Socket exceptions
  • socket methods
    • socket.gethostbyname(hostname) / Useful socket methods
    • socket.gethostbyname_ex(name) / Useful socket methods
    • socket.gethostname() / Useful socket methods
    • socket.getfqdn([name]) / Useful socket methods
    • socket.gethostbyaddr(ip_address) / Useful socket methods
    • socket.getservbyname(servicename[, protocol_name]) / Useful socket methods
    • socket.getservbyport(port[, protocol_name]) / Useful socket methods
    • socket.connect_ex(address) / Useful socket methods
  • SoupStrainer / There’s more…
  • special purpose registers
    • about / Understanding special purpose registers
    • EBP / The EBP
    • EDI / The EDI
    • EIP / The EIP
    • ESP / The ESP
  • SpiderLabs msfrpc library
    • reference link / Automating the exploit train with Python
  • SQLi lists, for common injection types
    • reference link / Being efficient during web assessments
  • SQL Injection
    • about / Introduction
  • SQL injection / Introducing the SQL injection attack
  • SQL injection attack
    • about / Introducing the SQL injection attack
    • types / Types of SQL injections
    • by Python script / Understanding the SQL injection attack by a Python script
  • SQL injection attack, types
    • simple SQL injection attack / Simple SQL injection
    • blind SQL injection / Blind SQL injection
  • SQLi test pages
    • reference / There's more…
  • sqlmap
    • about / Being efficient during web assessments
  • sqlmap tool / Understanding the SQL injection attack by a Python script
  • Sslscan
    • about / Parsing Sslscan into CSV
    • parsing, into CSV / Parsing Sslscan into CSV, How it works…
  • stack adjustments
    • about / Understanding stack adjustments
  • stack manipulation
    • about / Understanding the manipulation of the stack
  • Standard Error (STDERR)
    • about / Understanding logging within Python
  • Standard Input (STDIN)
    • about / Inputting the target ranges for Nmap
  • Standard Output (STDOUT)
    • about / Reserved words, keywords, and built-in functions, Understanding Nmap, Understanding logging within Python
  • standard twitter API
    • URL / How it works…
  • Statement of Work (SOW) / Pre-engagement interactions
  • steganography
    • about / Introduction
    • used, for enabling command and control / Enabling command and control using steganography, How to do it…, How it works…
  • string
    • variable, passing to / Passing a variable to a string
  • string variables
    • about / String variables
    • converting / Converting string and number variables
  • Structured Exception Handling (SEH)
    • about / Understanding protection mechanisms
  • Structured Query Language (SQL)
    • about / Gaining access through websites
  • Structured Query Language injection (SQLi)
    • about / Gaining access through websites
  • style guide
    • about / The Python style guide
    • reference link / The Python style guide
  • substitution cipher
    • cracking / Cracking a substitution cipher, How it works…
  • SYN scans
    • executing / Executing SYN scans
  • Sysinternals tools / Sysinternals tools
  • system communication
    • about / Understanding how systems communicate
  • System Development Life cycle (SDLC)
    • about / Python – the good and the bad

T

  • target
    • identifying / Identifying the target
  • targeted usernames
    • creating / Creating targeted usernames
    • URLs / Creating targeted usernames
    • generating, with U.S. census / Generating and verifying usernames with help from the U.S. census
    • verifying, with U.S. census / Generating and verifying usernames with help from the U.S. census
    • generating / Generating the usernames
    • Excel spreadsheet, URL / Generating the usernames
    • script download, URL / Generating the usernames
  • target machine
    • running services / What are the services running on the target machine?
    • port scanner / The concept of a port scanner
    • port scanner, creating / How to create an efficient port scanner
  • target ranges
    • inputting, for nmap / Inputting the target ranges for Nmap
  • TCP
    • working / Understanding how TCP works
  • TCP/IP stack
    • about / Understanding how systems communicate
  • TCP full connection scans
    • executing / Executing TCP full connection scans
  • TCP header / Format characters
  • TCP header architecture
    • about / The TCP header architecture
  • TCP scan
    • about / The TCP scan concept and its implementation using a Python script
    • implementing, by Python script / The TCP scan concept and its implementation using a Python script
  • TCP three-way handshake
    • about / The TCP three-way handshake
  • testing platforms, with Python / Learning the common testing platforms with Python
  • text
    • hiding, in images / Hiding text in images, How it works…, There's more…
    • extracting, from images / Extracting text from images, How it works…, There's more…
  • TFTP server
    • backup files, downloading from / Downloading backup files from a TFTP server
  • theHarvester / theHarvester and Recon-NG
  • Thread Environment Block (TEB)
    • about / Understanding the thread environment block
  • threading.activeCount() method / How to create an efficient port scanner
  • thread safe
    • about / Creating a multithreaded script in Python
  • tools, penetration testing
    • about / Penetration testing tools
    • Network Mapper (Nmap) / NMAP
    • Metasploit / Metasploit
    • Veil / Veil
    • Burp Suite / Burp Suite
    • Hydra / Hydra
    • John the Ripper (JtR) / John the Ripper
    • oclHashcat / oclHashcat
    • Ophcrack / Ophcrack
    • Mimikatz / Mimikatz and Incognito
    • Incognito / Mimikatz and Incognito
    • SMBexec / SMBexec
    • Cewl / Cewl
    • Responder / Responder
    • theHarvester / theHarvester and Recon-NG
    • Recon-NG / theHarvester and Recon-NG
    • pwdump / pwdump and fgdump
    • fgdump / pwdump and fgdump
    • Netcat / Netcat
    • Sysinternals tools / Sysinternals tools
  • TRACE / Testing HTTP methods
  • Transmission Control Protocol (TCP) / NMAP
    • about / Understanding how to parse XML files for reports
  • Trivial File Transfer Protocol (TFTP)
    • about / User Datagram Protocol (UDP) services
  • tuple variables
    • about / Tuple variables
  • twill
    • using / Using twill to walk through the source
  • twill library / Understanding when to use specific libraries
  • Twitter C2
    • creating / Creating an Twitter C2, How to do it…, How it works…

U

  • Ubuntu TFTP server
    • reference link / User Datagram Protocol (UDP) services
  • UDP
    • working / Understanding how UDP works
  • UDP header architecture
    • about / The UDP header architecture
  • UDP scans
    • executing / Executing UDP scans
  • Uniform Resource Locator (URL)
    • about / Identifying live applications versus open ports, The execution of file inclusion attacks
  • Uniform Resource Locators (URLs)
    • about / Understanding the new age of service exploitation
  • union query / Understanding the SQL injection attack by a Python script
  • Universal Serial Bus (USB) / Ophcrack
    • about / Testing for the synchronization of account credentials
  • Universal Serial Bus (USB) drive / Understanding the program image and dynamic-link libraries
  • update() function / How to create an efficient port scanner
  • URL-based SQLi
    • identifying / Identifying URL-based SQLi, How to do it…, How it works…, There's more…
  • urllib library
    • URL / Understanding the SQL injection attack by a Python script
  • User Datagram Protocol (UDP)
    • about / Understanding how systems communicate, Understanding how to parse XML files for reports
  • User Datagram Protocol (UDP) services
    • about / User Datagram Protocol (UDP) services
  • usernames
    • brute forcing / Brute forcing usernames, How to do it…, How it works…
  • username validity
    • checking / Checking username validity, Getting ready, How it works…

V

  • variable
    • passing, to string / Passing a variable to a string
  • variables
    • about / Python variables
    • string variables / String variables
    • number variables / Number variables
    • list variables / List variables
    • tuple variables / Tuple variables
    • dictionary variables / Dictionary variables
  • variables names
    • about / Variables and instance names
  • variable values
    • debugging / Debugging variable values
  • Veil / Veil
    • reference link / Testing for the synchronization of account credentials
  • Virtual Local Area Networks (VLANs)
    • about / The Scapy library for Python
  • Virtual Machines (VMs)
    • about / Understanding the difference between interpreted and compiled languages
  • Virtual Private Networks (VPNs)
    • about / Virtual Private Networks (VPNs)
  • Vulnerability Assessment (VA) / Vulnerability assessments
  • Vulnerability Management Solution (VMS) / An overview of penetration testing

W

  • Web Application Firewalls (WAFs) / Encoding payloads
    • about / Being efficient during web assessments
  • web applications
    • about / Web applications
  • web assessments
    • Python, using for / Understanding when to use Python for web assessments
    • efficiency feature / Being efficient during web assessments
  • Web Proxy AutoDiscovery (WPAD) / Responder
  • web server
    • foot printing / The concept of foot printing of a web server
    • hardening / Hardening of a web server
  • website
    • HTTP banner grabbing / Banner grabbing of a website
  • websites
    • spidering / Spidering websites, How it works…
  • website screenshots
    • obtaining, QtWebKit used / Getting screenshots of websites with QtWebKit, How to do it…, How it works…
  • while loop
    • about / The while loop
  • white-box pen testing / Approaches to pentesting
  • White Box testing (Clear Box testing) / White Box Testing
  • Wikipedia page on ANSI
    • URL / How it works…
  • Windows Active Directory password complexity requirements
    • reference link / Understanding the chaining of exploits
  • Windows memory structure
    • about / Understanding the Windows memory structure
    • stack / Understanding the stack and the heap
    • heap / Understanding the stack and the heap
    • program image / Understanding the program image and dynamic-link libraries
    • dynamic-link libraries / Understanding the program image and dynamic-link libraries
    • process environment block / Understanding the process environment block
    • thread environment block / Understanding the thread environment block
    • kernel / Kernel
  • wireless attacks
    • about / Wireless attacks
    • deauthentication (deauth) attacks / The deauthentication (deauth) attacks
    • MAC flooding attack / The MAC flooding attack
  • wireless SSID finding
    • performing, by Python / Wireless SSID finding and wireless traffic analysis by Python
  • wireless traffic analysis
    • performing, by Python / Wireless SSID finding and wireless traffic analysis by Python

X

  • XML files
    • parsing, for reports / Understanding how to parse XML files for reports
  • XSS
    • about / Learning about Cross-Site scripting
    • types / Learning about Cross-Site scripting
    • persistent (stored) XSS / Persistent or stored XSS
    • nonpersistent (reflected) XSS / Nonpersistent or reflected XSS
  • XSS lists
    • reference link / Being efficient during web assessments

Z

  • Zed Attack Proxy (ZAP) / Burp Suite
    • about / Understanding the difference between interpreted and compiled languages
  • Zeltser
    • URL / Understanding the new age of service exploitation