更新时间:2021-06-25 21:50:29
封面
版权信息
Packt Upsell
Why subscribe?
PacktPub.com
Contributors
About the author
About the reviewers
Packt is searching for authors like you
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the example code files
Download the color images
Code in Action
Conventions used
Get in touch
Reviews
Python with Penetration Testing and Networking
Introducing the scope of pentesting
The need for pentesting
Components to be tested
Qualities of a good pentester
Defining the scope of pentesting
Approaches to pentesting
Introducing Python scripting
Understanding the tests and tools you'll need
Learning the common testing platforms with Python
Network sockets
Server socket methods
Client socket methods
General socket methods
Moving on to the practical
Socket exceptions
Useful socket methods
Summary
Scanning Pentesting
How to check live systems in a network and the concept of a live system
Ping sweep
The TCP scan concept and its implementation using a Python script
How to create an efficient IP scanner in Windows
How to create an efficient IP scanner in Linux
The concept of the Linux-based IP scanner
nmap with Python
What are the services running on the target machine?
The concept of a port scanner
How to create an efficient port scanner
Sniffing and Penetration Testing
Introducing a network sniffer
Passive sniffing
Active sniffing
Implementing a network sniffer using Python
Format characters
Learning about packet crafting
Introducing ARP spoofing and implementing it using Python
The ARP request
The ARP reply
The ARP cache
Testing the security system using custom packet crafting
A half-open scan
The FIN scan
ACK flag scanning
Network Attacks and Prevention
Technical requirements
DHCP starvation attack
The MAC flooding attack
How the switch uses the CAM tables
The MAC flood logic
Gateway disassociation by RAW socket
Torrent detection
Running the program in hidden mode
Wireless Pentesting
Introduction to 802.11 frames
Wireless SSID finding and wireless traffic analysis with Python
Detecting clients of an AP
Wireless hidden SSID scanner
Wireless attacks
The deauthentication (deauth) attack
Detecting the deauth attack
Honeypot – Building Traps for Attackers
Fake ARP reply
Fake ping reply
Fake port-scanning reply
Fake OS-signature reply to nmap
Fake web server reply
Foot Printing a Web Server and a Web Application
The concept of foot printing a web server
Introducing information gathering
Checking the HTTP header
Information gathering of a website from whois.domaintools.com
Email address gathering from a web page
Banner grabbing of a website
Hardening of a web server
