Internformat: Python penetration testing essentials :

Python penetration testing essentials :: techniques for ethical hacking with Python /

This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1. About This Book Detect and avoid various attack types that put the privacy of a system at risk Leverage Python to...

Ausführliche Beschreibung

Gespeichert in:

Bibliographische Detailangaben
1. Verfasser:	Mohit (VerfasserIn)
Format:	Elektronisch E-Book
Sprache:	English
Veröffentlicht:	Birmingham, UK : Packt Publishing, 2018.
Ausgabe:	Second edition.
Schlagworte:	Python (Computer program language) Penetration testing (Computer security) Python (Langage de programmation) Tests d'intrusion. Computer security. Network security. Programming & scripting languages: general. COMPUTERS > Programming Languages > Python. COMPUTERS > Security > General.
Online-Zugang:	Volltext
Zusammenfassung:	This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1. About This Book Detect and avoid various attack types that put the privacy of a system at risk Leverage Python to build efficient code and eventually build a robust environment Learn about securing wireless applications and information gathering on a web server Who This Book Is For If you are a Python programmer, a security researcher, or an ethical hacker and are interested in penetration testing with the help of Python, then this book is for you. Even if you are new to the field of ethical hacking, this book can help you find the vulnerabilities in your system so that you are ready to tackle any kind of attack or intrusion. What You Will Learn The basics of network pentesting including network scanning and sniffing Wireless, wired attacks, and building traps for attack and torrent detection Web server footprinting and web application attacks, including the XSS and SQL injection attack Wireless frames and how to obtain information such as SSID, BSSID, and the channel number from a wireless frame using a Python script The importance of web server signatures, email gathering, and why knowing the server signature is the first step in hacking In Detail This book gives you the skills you need to use Python for penetration testing (pentesting), with the help of detailed code examples. We start by exploring the basics of networking with Python and then proceed to network hacking. Then, you will delve into exploring Python libraries to perform various types of pentesting and ethical hacking techniques. Next, we delve into hacking the application layer, where we start by gathering information from a website. We then move on to concepts related to website hacking - such as parameter tampering, DDoS, XSS, and SQL injection. By reading this book, you will learn different techniques and methodologies that will familiarize you with Python pentesting techniques, how to protect yourself, and how to create automated programs to find the admin console, SQL injection, and XSS attacks. Style and approach The book starts at a basic level and moves to a higher level of network and web security. The execution and performance of code are both taken into account.
Beschreibung:	1 online resource (1 volume) : illustrations
ISBN:	9781789136043 1789136040

Internformat

MARC


LEADER	00000cam a2200000 i 4500
001	ZDB-4-EBA-on1041187915
003	OCoLC
005	20241004212047.0
006	m o d
007	cr unu\|\|\|\|\|\|\|\|
008	180621t20182018enka o 000 0 eng d
040			\|a UMI \|b eng \|e rda \|e pn \|c UMI \|d STF \|d OCLCF \|d TOH \|d DEBBG \|d CEF \|d G3B \|d S9I \|d N$T \|d YDX \|d OCLCQ \|d UKMGB \|d UAB \|d UKAHL \|d CZL \|d OCLCQ \|d OCLCO \|d OCLCQ \|d OCLCO \|d OCLCL \|d DXU
015			\|a GBB8O1555 \|2 bnb
016	7		\|a 018897109 \|2 Uk
019			\|a 1039295616
020			\|a 9781789136043
020			\|a 1789136040
020			\|z 9781789138962
020			\|z 1789138965
035			\|a (OCoLC)1041187915 \|z (OCoLC)1039295616
037			\|a CL0500000973 \|b Safari Books Online
050		4	\|a QA76.73.P98
072		7	\|a COM \|x 051360 \|2 bisacsh
072		7	\|a COM \|x 053000 \|2 bisacsh
082	7		\|a 005.133 \|2 23
049			\|a MAIN
100	0		\|a Mohit, \|e author.
245	1	0	\|a Python penetration testing essentials : \|b techniques for ethical hacking with Python / \|c Mohit.
250			\|a Second edition.
264		1	\|a Birmingham, UK : \|b Packt Publishing, \|c 2018.
264		4	\|c ©2018
300			\|a 1 online resource (1 volume) : \|b illustrations
336			\|a text \|b txt \|2 rdacontent
337			\|a computer \|b c \|2 rdamedia
338			\|a online resource \|b cr \|2 rdacarrier
347			\|a data file
588	0		\|a Online resource; title from title page (Safari, viewed June 20, 2018).
520			\|a This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1. About This Book Detect and avoid various attack types that put the privacy of a system at risk Leverage Python to build efficient code and eventually build a robust environment Learn about securing wireless applications and information gathering on a web server Who This Book Is For If you are a Python programmer, a security researcher, or an ethical hacker and are interested in penetration testing with the help of Python, then this book is for you. Even if you are new to the field of ethical hacking, this book can help you find the vulnerabilities in your system so that you are ready to tackle any kind of attack or intrusion. What You Will Learn The basics of network pentesting including network scanning and sniffing Wireless, wired attacks, and building traps for attack and torrent detection Web server footprinting and web application attacks, including the XSS and SQL injection attack Wireless frames and how to obtain information such as SSID, BSSID, and the channel number from a wireless frame using a Python script The importance of web server signatures, email gathering, and why knowing the server signature is the first step in hacking In Detail This book gives you the skills you need to use Python for penetration testing (pentesting), with the help of detailed code examples. We start by exploring the basics of networking with Python and then proceed to network hacking. Then, you will delve into exploring Python libraries to perform various types of pentesting and ethical hacking techniques. Next, we delve into hacking the application layer, where we start by gathering information from a website. We then move on to concepts related to website hacking - such as parameter tampering, DDoS, XSS, and SQL injection. By reading this book, you will learn different techniques and methodologies that will familiarize you with Python pentesting techniques, how to protect yourself, and how to create automated programs to find the admin console, SQL injection, and XSS attacks. Style and approach The book starts at a basic level and moves to a higher level of network and web security. The execution and performance of code are both taken into account.
505	0		\|a Cover -- Title Page -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Python with Penetration Testing and Networking -- Introducing the scope of pentesting -- The need for pentesting -- Components to be tested -- Qualities of a good pentester -- Defining the scope of pentesting -- Approaches to pentesting -- Introducing Python scripting -- Understanding the tests and tools you'll need -- Learning the common testing platforms with Python -- Network sockets -- Server socket methods -- Client socket methods -- General socket methods -- Moving on to the practical -- Socket exceptions -- Useful socket methods -- Summary -- Chapter 2: Scanning Pentesting -- How to check live systems in a network and the concept of a live system -- Ping sweep -- The TCP scan concept and its implementation using a Python script -- How to create an efficient IP scanner in Windows -- How to create an efficient IP scanner in Linux -- The concept of the Linux-based IP scanner -- nmap with Python -- What are the services running on the target machine? -- The concept of a port scanner -- How to create an efficient port scanner -- Summary -- Chapter 3: Sniffing and Penetration Testing -- Introducing a network sniffer -- Passive sniffing -- Active sniffing -- Implementing a network sniffer using Python -- Format characters -- Learning about packet crafting -- Introducing ARP spoofing and implementing it using Python -- The ARP request -- The ARP reply -- The ARP cache -- Testing the security system using custom packet crafting -- A half-open scan -- The FIN scan -- ACK flag scanning -- Summary -- Chapter 4: Network Attacks and Prevention -- Technical requirements -- DHCP starvation attack -- The MAC flooding attack -- How the switch uses the CAM tables -- The MAC flood logic -- Gateway disassociation by RAW socket.
505	8		\|a Torrent detection -- Running the program in hidden mode -- Summary -- Chapter 5: Wireless Pentesting -- Introduction to 802.11 frames -- Wireless SSID finding and wireless traffic analysis with Python -- Detecting clients of an AP -- Wireless hidden SSID scanner -- Wireless attacks -- The deauthentication (deauth) attack -- Detecting the deauth attack -- Summary -- Chapter 6: Honeypot -- Building Traps for Attackers -- Technical requirements -- Fake ARP reply -- Fake ping reply -- Fake port-scanning reply -- Fake OS-signature reply to nmap -- Fake web server reply -- Summary -- Chapter 7: Foot Printing a Web Server and a Web Application -- The concept of foot printing a web server -- Introducing information gathering -- Checking the HTTP header -- Information gathering of a website from whois.domaintools.com -- Email address gathering from a web page -- Banner grabbing of a website -- Hardening of a web server -- Summary -- Chapter 8: Client-Side and DDoS Attacks -- Introducing client-side validation -- Tampering with the client-side parameter with Python -- Effects of parameter tampering on business -- Introducing DoS and DDoS -- Single IP, single ports -- Single IP, multiple port -- Multiple IP, multiple ports -- Detection of DDoS -- Summary -- Chapter 9: Pentesting SQL and XSS -- Introducing the SQL injection attack -- Types of SQL injections -- Simple SQL injection -- Blind SQL injection -- Understanding the SQL injection attack by a Python script -- Learning about cross-site scripting -- Persistent or stored XSS -- Nonpersistent or reflected XSS -- Summary -- Other Books You May Enjoy -- Index.
650		0	\|a Python (Computer program language) \|0 http://id.loc.gov/authorities/subjects/sh96008834
650		0	\|a Penetration testing (Computer security) \|0 http://id.loc.gov/authorities/subjects/sh2011003137
650		6	\|a Python (Langage de programmation)
650		6	\|a Tests d'intrusion.
650		7	\|a Computer security. \|2 bicssc
650		7	\|a Network security. \|2 bicssc
650		7	\|a Programming & scripting languages: general. \|2 bicssc
650		7	\|a COMPUTERS \|x Programming Languages \|x Python. \|2 bisacsh
650		7	\|a COMPUTERS \|x Security \|x General. \|2 bisacsh
650		7	\|a Penetration testing (Computer security) \|2 fast
650		7	\|a Python (Computer program language) \|2 fast
758			\|i has work: \|a Python Penetration Testing Essentials (Work) \|1 https://id.oclc.org/worldcat/entity/E39PCYRyxtmFGbgM4v6Hb3qXJP \|4 https://id.oclc.org/worldcat/ontology/hasWork
856	4	0	\|l FWS01 \|p ZDB-4-EBA \|q FWS_PDA_EBA \|u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1823683 \|3 Volltext
938			\|a Askews and Holts Library Services \|b ASKH \|n BDZ0036924781
938			\|a EBSCOhost \|b EBSC \|n 1823683
938			\|a YBP Library Services \|b YANK \|n 15497361
994			\|a 92 \|b GEBAY
912			\|a ZDB-4-EBA
049			\|a DE-863

Datensatz im Suchindex

DE-BY-FWS_katkey	ZDB-4-EBA-on1041187915
_version_	1816882463036669953
adam_text
any_adam_object
author	Mohit
author_facet	Mohit
author_role	aut
author_sort	Mohit
author_variant	m
building	Verbundindex
bvnumber	localFWS
callnumber-first	Q - Science
callnumber-label	QA76
callnumber-raw	QA76.73.P98
callnumber-search	QA76.73.P98
callnumber-sort	QA 276.73 P98
callnumber-subject	QA - Mathematics
collection	ZDB-4-EBA
contents	Cover -- Title Page -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Python with Penetration Testing and Networking -- Introducing the scope of pentesting -- The need for pentesting -- Components to be tested -- Qualities of a good pentester -- Defining the scope of pentesting -- Approaches to pentesting -- Introducing Python scripting -- Understanding the tests and tools you'll need -- Learning the common testing platforms with Python -- Network sockets -- Server socket methods -- Client socket methods -- General socket methods -- Moving on to the practical -- Socket exceptions -- Useful socket methods -- Summary -- Chapter 2: Scanning Pentesting -- How to check live systems in a network and the concept of a live system -- Ping sweep -- The TCP scan concept and its implementation using a Python script -- How to create an efficient IP scanner in Windows -- How to create an efficient IP scanner in Linux -- The concept of the Linux-based IP scanner -- nmap with Python -- What are the services running on the target machine? -- The concept of a port scanner -- How to create an efficient port scanner -- Summary -- Chapter 3: Sniffing and Penetration Testing -- Introducing a network sniffer -- Passive sniffing -- Active sniffing -- Implementing a network sniffer using Python -- Format characters -- Learning about packet crafting -- Introducing ARP spoofing and implementing it using Python -- The ARP request -- The ARP reply -- The ARP cache -- Testing the security system using custom packet crafting -- A half-open scan -- The FIN scan -- ACK flag scanning -- Summary -- Chapter 4: Network Attacks and Prevention -- Technical requirements -- DHCP starvation attack -- The MAC flooding attack -- How the switch uses the CAM tables -- The MAC flood logic -- Gateway disassociation by RAW socket. Torrent detection -- Running the program in hidden mode -- Summary -- Chapter 5: Wireless Pentesting -- Introduction to 802.11 frames -- Wireless SSID finding and wireless traffic analysis with Python -- Detecting clients of an AP -- Wireless hidden SSID scanner -- Wireless attacks -- The deauthentication (deauth) attack -- Detecting the deauth attack -- Summary -- Chapter 6: Honeypot -- Building Traps for Attackers -- Technical requirements -- Fake ARP reply -- Fake ping reply -- Fake port-scanning reply -- Fake OS-signature reply to nmap -- Fake web server reply -- Summary -- Chapter 7: Foot Printing a Web Server and a Web Application -- The concept of foot printing a web server -- Introducing information gathering -- Checking the HTTP header -- Information gathering of a website from whois.domaintools.com -- Email address gathering from a web page -- Banner grabbing of a website -- Hardening of a web server -- Summary -- Chapter 8: Client-Side and DDoS Attacks -- Introducing client-side validation -- Tampering with the client-side parameter with Python -- Effects of parameter tampering on business -- Introducing DoS and DDoS -- Single IP, single ports -- Single IP, multiple port -- Multiple IP, multiple ports -- Detection of DDoS -- Summary -- Chapter 9: Pentesting SQL and XSS -- Introducing the SQL injection attack -- Types of SQL injections -- Simple SQL injection -- Blind SQL injection -- Understanding the SQL injection attack by a Python script -- Learning about cross-site scripting -- Persistent or stored XSS -- Nonpersistent or reflected XSS -- Summary -- Other Books You May Enjoy -- Index.
ctrlnum	(OCoLC)1041187915
dewey-full	005.133
dewey-hundreds	000 - Computer science, information, general works
dewey-ones	005 - Computer programming, programs, data, security
dewey-raw	005.133
dewey-search	005.133
dewey-sort	15.133
dewey-tens	000 - Computer science, information, general works
discipline	Informatik
edition	Second edition.
format	Electronic eBook
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>08449cam a2200649 i 4500</leader><controlfield tag="001">ZDB-4-EBA-on1041187915</controlfield><controlfield tag="003">OCoLC</controlfield><controlfield tag="005">20241004212047.0</controlfield><controlfield tag="006">m o d </controlfield><controlfield tag="007">cr unu\|\|\|\|\|\|\|\|</controlfield><controlfield tag="008">180621t20182018enka o 000 0 eng d</controlfield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">UMI</subfield><subfield code="b">eng</subfield><subfield code="e">rda</subfield><subfield code="e">pn</subfield><subfield code="c">UMI</subfield><subfield code="d">STF</subfield><subfield code="d">OCLCF</subfield><subfield code="d">TOH</subfield><subfield code="d">DEBBG</subfield><subfield code="d">CEF</subfield><subfield code="d">G3B</subfield><subfield code="d">S9I</subfield><subfield code="d">N$T</subfield><subfield code="d">YDX</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">UKMGB</subfield><subfield code="d">UAB</subfield><subfield code="d">UKAHL</subfield><subfield code="d">CZL</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCL</subfield><subfield code="d">DXU</subfield></datafield><datafield tag="015" ind1=" " ind2=" "><subfield code="a">GBB8O1555</subfield><subfield code="2">bnb</subfield></datafield><datafield tag="016" ind1="7" ind2=" "><subfield code="a">018897109</subfield><subfield code="2">Uk</subfield></datafield><datafield tag="019" ind1=" " ind2=" "><subfield code="a">1039295616</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781789136043</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1789136040</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9781789138962</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">1789138965</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1041187915</subfield><subfield code="z">(OCoLC)1039295616</subfield></datafield><datafield tag="037" ind1=" " ind2=" "><subfield code="a">CL0500000973</subfield><subfield code="b">Safari Books Online</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.73.P98</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">051360</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="072" ind1=" " ind2="7"><subfield code="a">COM</subfield><subfield code="x">053000</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="082" ind1="7" ind2=" "><subfield code="a">005.133</subfield><subfield code="2">23</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">MAIN</subfield></datafield><datafield tag="100" ind1="0" ind2=" "><subfield code="a">Mohit,</subfield><subfield code="e">author.</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Python penetration testing essentials :</subfield><subfield code="b">techniques for ethical hacking with Python /</subfield><subfield code="c">Mohit.</subfield></datafield><datafield tag="250" ind1=" " ind2=" "><subfield code="a">Second edition.</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Birmingham, UK :</subfield><subfield code="b">Packt Publishing,</subfield><subfield code="c">2018.</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">©2018</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (1 volume) :</subfield><subfield code="b">illustrations</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="347" ind1=" " ind2=" "><subfield code="a">data file</subfield></datafield><datafield tag="588" ind1="0" ind2=" "><subfield code="a">Online resource; title from title page (Safari, viewed June 20, 2018).</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1. About This Book Detect and avoid various attack types that put the privacy of a system at risk Leverage Python to build efficient code and eventually build a robust environment Learn about securing wireless applications and information gathering on a web server Who This Book Is For If you are a Python programmer, a security researcher, or an ethical hacker and are interested in penetration testing with the help of Python, then this book is for you. Even if you are new to the field of ethical hacking, this book can help you find the vulnerabilities in your system so that you are ready to tackle any kind of attack or intrusion. What You Will Learn The basics of network pentesting including network scanning and sniffing Wireless, wired attacks, and building traps for attack and torrent detection Web server footprinting and web application attacks, including the XSS and SQL injection attack Wireless frames and how to obtain information such as SSID, BSSID, and the channel number from a wireless frame using a Python script The importance of web server signatures, email gathering, and why knowing the server signature is the first step in hacking In Detail This book gives you the skills you need to use Python for penetration testing (pentesting), with the help of detailed code examples. We start by exploring the basics of networking with Python and then proceed to network hacking. Then, you will delve into exploring Python libraries to perform various types of pentesting and ethical hacking techniques. Next, we delve into hacking the application layer, where we start by gathering information from a website. We then move on to concepts related to website hacking - such as parameter tampering, DDoS, XSS, and SQL injection. By reading this book, you will learn different techniques and methodologies that will familiarize you with Python pentesting techniques, how to protect yourself, and how to create automated programs to find the admin console, SQL injection, and XSS attacks. Style and approach The book starts at a basic level and moves to a higher level of network and web security. The execution and performance of code are both taken into account.</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">Cover -- Title Page -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Python with Penetration Testing and Networking -- Introducing the scope of pentesting -- The need for pentesting -- Components to be tested -- Qualities of a good pentester -- Defining the scope of pentesting -- Approaches to pentesting -- Introducing Python scripting -- Understanding the tests and tools you'll need -- Learning the common testing platforms with Python -- Network sockets -- Server socket methods -- Client socket methods -- General socket methods -- Moving on to the practical -- Socket exceptions -- Useful socket methods -- Summary -- Chapter 2: Scanning Pentesting -- How to check live systems in a network and the concept of a live system -- Ping sweep -- The TCP scan concept and its implementation using a Python script -- How to create an efficient IP scanner in Windows -- How to create an efficient IP scanner in Linux -- The concept of the Linux-based IP scanner -- nmap with Python -- What are the services running on the target machine? -- The concept of a port scanner -- How to create an efficient port scanner -- Summary -- Chapter 3: Sniffing and Penetration Testing -- Introducing a network sniffer -- Passive sniffing -- Active sniffing -- Implementing a network sniffer using Python -- Format characters -- Learning about packet crafting -- Introducing ARP spoofing and implementing it using Python -- The ARP request -- The ARP reply -- The ARP cache -- Testing the security system using custom packet crafting -- A half-open scan -- The FIN scan -- ACK flag scanning -- Summary -- Chapter 4: Network Attacks and Prevention -- Technical requirements -- DHCP starvation attack -- The MAC flooding attack -- How the switch uses the CAM tables -- The MAC flood logic -- Gateway disassociation by RAW socket.</subfield></datafield><datafield tag="505" ind1="8" ind2=" "><subfield code="a">Torrent detection -- Running the program in hidden mode -- Summary -- Chapter 5: Wireless Pentesting -- Introduction to 802.11 frames -- Wireless SSID finding and wireless traffic analysis with Python -- Detecting clients of an AP -- Wireless hidden SSID scanner -- Wireless attacks -- The deauthentication (deauth) attack -- Detecting the deauth attack -- Summary -- Chapter 6: Honeypot -- Building Traps for Attackers -- Technical requirements -- Fake ARP reply -- Fake ping reply -- Fake port-scanning reply -- Fake OS-signature reply to nmap -- Fake web server reply -- Summary -- Chapter 7: Foot Printing a Web Server and a Web Application -- The concept of foot printing a web server -- Introducing information gathering -- Checking the HTTP header -- Information gathering of a website from whois.domaintools.com -- Email address gathering from a web page -- Banner grabbing of a website -- Hardening of a web server -- Summary -- Chapter 8: Client-Side and DDoS Attacks -- Introducing client-side validation -- Tampering with the client-side parameter with Python -- Effects of parameter tampering on business -- Introducing DoS and DDoS -- Single IP, single ports -- Single IP, multiple port -- Multiple IP, multiple ports -- Detection of DDoS -- Summary -- Chapter 9: Pentesting SQL and XSS -- Introducing the SQL injection attack -- Types of SQL injections -- Simple SQL injection -- Blind SQL injection -- Understanding the SQL injection attack by a Python script -- Learning about cross-site scripting -- Persistent or stored XSS -- Nonpersistent or reflected XSS -- Summary -- Other Books You May Enjoy -- Index.</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Python (Computer program language)</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh96008834</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Penetration testing (Computer security)</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh2011003137</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Python (Langage de programmation)</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Tests d'intrusion.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer security.</subfield><subfield code="2">bicssc</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Network security.</subfield><subfield code="2">bicssc</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Programming & scripting languages: general.</subfield><subfield code="2">bicssc</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Programming Languages</subfield><subfield code="x">Python.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">COMPUTERS</subfield><subfield code="x">Security</subfield><subfield code="x">General.</subfield><subfield code="2">bisacsh</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Penetration testing (Computer security)</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Python (Computer program language)</subfield><subfield code="2">fast</subfield></datafield><datafield tag="758" ind1=" " ind2=" "><subfield code="i">has work:</subfield><subfield code="a">Python Penetration Testing Essentials (Work)</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCYRyxtmFGbgM4v6Hb3qXJP</subfield><subfield code="4">https://id.oclc.org/worldcat/ontology/hasWork</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1823683</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Askews and Holts Library Services</subfield><subfield code="b">ASKH</subfield><subfield code="n">BDZ0036924781</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">1823683</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">15497361</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-863</subfield></datafield></record></collection>
id	ZDB-4-EBA-on1041187915
illustrated	Illustrated
indexdate	2024-11-27T13:29:00Z
institution	BVB
isbn	9781789136043 1789136040
language	English
oclc_num	1041187915
open_access_boolean
owner	MAIN DE-863 DE-BY-FWS
owner_facet	MAIN DE-863 DE-BY-FWS
physical	1 online resource (1 volume) : illustrations
psigel	ZDB-4-EBA
publishDate	2018
publishDateSearch	2018
publishDateSort	2018
publisher	Packt Publishing,
record_format	marc
spelling	Mohit, author. Python penetration testing essentials : techniques for ethical hacking with Python / Mohit. Second edition. Birmingham, UK : Packt Publishing, 2018. ©2018 1 online resource (1 volume) : illustrations text txt rdacontent computer c rdamedia online resource cr rdacarrier data file Online resource; title from title page (Safari, viewed June 20, 2018). This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1. About This Book Detect and avoid various attack types that put the privacy of a system at risk Leverage Python to build efficient code and eventually build a robust environment Learn about securing wireless applications and information gathering on a web server Who This Book Is For If you are a Python programmer, a security researcher, or an ethical hacker and are interested in penetration testing with the help of Python, then this book is for you. Even if you are new to the field of ethical hacking, this book can help you find the vulnerabilities in your system so that you are ready to tackle any kind of attack or intrusion. What You Will Learn The basics of network pentesting including network scanning and sniffing Wireless, wired attacks, and building traps for attack and torrent detection Web server footprinting and web application attacks, including the XSS and SQL injection attack Wireless frames and how to obtain information such as SSID, BSSID, and the channel number from a wireless frame using a Python script The importance of web server signatures, email gathering, and why knowing the server signature is the first step in hacking In Detail This book gives you the skills you need to use Python for penetration testing (pentesting), with the help of detailed code examples. We start by exploring the basics of networking with Python and then proceed to network hacking. Then, you will delve into exploring Python libraries to perform various types of pentesting and ethical hacking techniques. Next, we delve into hacking the application layer, where we start by gathering information from a website. We then move on to concepts related to website hacking - such as parameter tampering, DDoS, XSS, and SQL injection. By reading this book, you will learn different techniques and methodologies that will familiarize you with Python pentesting techniques, how to protect yourself, and how to create automated programs to find the admin console, SQL injection, and XSS attacks. Style and approach The book starts at a basic level and moves to a higher level of network and web security. The execution and performance of code are both taken into account. Cover -- Title Page -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Python with Penetration Testing and Networking -- Introducing the scope of pentesting -- The need for pentesting -- Components to be tested -- Qualities of a good pentester -- Defining the scope of pentesting -- Approaches to pentesting -- Introducing Python scripting -- Understanding the tests and tools you'll need -- Learning the common testing platforms with Python -- Network sockets -- Server socket methods -- Client socket methods -- General socket methods -- Moving on to the practical -- Socket exceptions -- Useful socket methods -- Summary -- Chapter 2: Scanning Pentesting -- How to check live systems in a network and the concept of a live system -- Ping sweep -- The TCP scan concept and its implementation using a Python script -- How to create an efficient IP scanner in Windows -- How to create an efficient IP scanner in Linux -- The concept of the Linux-based IP scanner -- nmap with Python -- What are the services running on the target machine? -- The concept of a port scanner -- How to create an efficient port scanner -- Summary -- Chapter 3: Sniffing and Penetration Testing -- Introducing a network sniffer -- Passive sniffing -- Active sniffing -- Implementing a network sniffer using Python -- Format characters -- Learning about packet crafting -- Introducing ARP spoofing and implementing it using Python -- The ARP request -- The ARP reply -- The ARP cache -- Testing the security system using custom packet crafting -- A half-open scan -- The FIN scan -- ACK flag scanning -- Summary -- Chapter 4: Network Attacks and Prevention -- Technical requirements -- DHCP starvation attack -- The MAC flooding attack -- How the switch uses the CAM tables -- The MAC flood logic -- Gateway disassociation by RAW socket. Torrent detection -- Running the program in hidden mode -- Summary -- Chapter 5: Wireless Pentesting -- Introduction to 802.11 frames -- Wireless SSID finding and wireless traffic analysis with Python -- Detecting clients of an AP -- Wireless hidden SSID scanner -- Wireless attacks -- The deauthentication (deauth) attack -- Detecting the deauth attack -- Summary -- Chapter 6: Honeypot -- Building Traps for Attackers -- Technical requirements -- Fake ARP reply -- Fake ping reply -- Fake port-scanning reply -- Fake OS-signature reply to nmap -- Fake web server reply -- Summary -- Chapter 7: Foot Printing a Web Server and a Web Application -- The concept of foot printing a web server -- Introducing information gathering -- Checking the HTTP header -- Information gathering of a website from whois.domaintools.com -- Email address gathering from a web page -- Banner grabbing of a website -- Hardening of a web server -- Summary -- Chapter 8: Client-Side and DDoS Attacks -- Introducing client-side validation -- Tampering with the client-side parameter with Python -- Effects of parameter tampering on business -- Introducing DoS and DDoS -- Single IP, single ports -- Single IP, multiple port -- Multiple IP, multiple ports -- Detection of DDoS -- Summary -- Chapter 9: Pentesting SQL and XSS -- Introducing the SQL injection attack -- Types of SQL injections -- Simple SQL injection -- Blind SQL injection -- Understanding the SQL injection attack by a Python script -- Learning about cross-site scripting -- Persistent or stored XSS -- Nonpersistent or reflected XSS -- Summary -- Other Books You May Enjoy -- Index. Python (Computer program language) http://id.loc.gov/authorities/subjects/sh96008834 Penetration testing (Computer security) http://id.loc.gov/authorities/subjects/sh2011003137 Python (Langage de programmation) Tests d'intrusion. Computer security. bicssc Network security. bicssc Programming & scripting languages: general. bicssc COMPUTERS Programming Languages Python. bisacsh COMPUTERS Security General. bisacsh Penetration testing (Computer security) fast Python (Computer program language) fast has work: Python Penetration Testing Essentials (Work) https://id.oclc.org/worldcat/entity/E39PCYRyxtmFGbgM4v6Hb3qXJP https://id.oclc.org/worldcat/ontology/hasWork FWS01 ZDB-4-EBA FWS_PDA_EBA https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1823683 Volltext
spellingShingle	Mohit Python penetration testing essentials : techniques for ethical hacking with Python / Cover -- Title Page -- Copyright and Credits -- Packt Upsell -- Contributors -- Table of Contents -- Preface -- Chapter 1: Python with Penetration Testing and Networking -- Introducing the scope of pentesting -- The need for pentesting -- Components to be tested -- Qualities of a good pentester -- Defining the scope of pentesting -- Approaches to pentesting -- Introducing Python scripting -- Understanding the tests and tools you'll need -- Learning the common testing platforms with Python -- Network sockets -- Server socket methods -- Client socket methods -- General socket methods -- Moving on to the practical -- Socket exceptions -- Useful socket methods -- Summary -- Chapter 2: Scanning Pentesting -- How to check live systems in a network and the concept of a live system -- Ping sweep -- The TCP scan concept and its implementation using a Python script -- How to create an efficient IP scanner in Windows -- How to create an efficient IP scanner in Linux -- The concept of the Linux-based IP scanner -- nmap with Python -- What are the services running on the target machine? -- The concept of a port scanner -- How to create an efficient port scanner -- Summary -- Chapter 3: Sniffing and Penetration Testing -- Introducing a network sniffer -- Passive sniffing -- Active sniffing -- Implementing a network sniffer using Python -- Format characters -- Learning about packet crafting -- Introducing ARP spoofing and implementing it using Python -- The ARP request -- The ARP reply -- The ARP cache -- Testing the security system using custom packet crafting -- A half-open scan -- The FIN scan -- ACK flag scanning -- Summary -- Chapter 4: Network Attacks and Prevention -- Technical requirements -- DHCP starvation attack -- The MAC flooding attack -- How the switch uses the CAM tables -- The MAC flood logic -- Gateway disassociation by RAW socket. Torrent detection -- Running the program in hidden mode -- Summary -- Chapter 5: Wireless Pentesting -- Introduction to 802.11 frames -- Wireless SSID finding and wireless traffic analysis with Python -- Detecting clients of an AP -- Wireless hidden SSID scanner -- Wireless attacks -- The deauthentication (deauth) attack -- Detecting the deauth attack -- Summary -- Chapter 6: Honeypot -- Building Traps for Attackers -- Technical requirements -- Fake ARP reply -- Fake ping reply -- Fake port-scanning reply -- Fake OS-signature reply to nmap -- Fake web server reply -- Summary -- Chapter 7: Foot Printing a Web Server and a Web Application -- The concept of foot printing a web server -- Introducing information gathering -- Checking the HTTP header -- Information gathering of a website from whois.domaintools.com -- Email address gathering from a web page -- Banner grabbing of a website -- Hardening of a web server -- Summary -- Chapter 8: Client-Side and DDoS Attacks -- Introducing client-side validation -- Tampering with the client-side parameter with Python -- Effects of parameter tampering on business -- Introducing DoS and DDoS -- Single IP, single ports -- Single IP, multiple port -- Multiple IP, multiple ports -- Detection of DDoS -- Summary -- Chapter 9: Pentesting SQL and XSS -- Introducing the SQL injection attack -- Types of SQL injections -- Simple SQL injection -- Blind SQL injection -- Understanding the SQL injection attack by a Python script -- Learning about cross-site scripting -- Persistent or stored XSS -- Nonpersistent or reflected XSS -- Summary -- Other Books You May Enjoy -- Index. Python (Computer program language) http://id.loc.gov/authorities/subjects/sh96008834 Penetration testing (Computer security) http://id.loc.gov/authorities/subjects/sh2011003137 Python (Langage de programmation) Tests d'intrusion. Computer security. bicssc Network security. bicssc Programming & scripting languages: general. bicssc COMPUTERS Programming Languages Python. bisacsh COMPUTERS Security General. bisacsh Penetration testing (Computer security) fast Python (Computer program language) fast
subject_GND	http://id.loc.gov/authorities/subjects/sh96008834 http://id.loc.gov/authorities/subjects/sh2011003137
title	Python penetration testing essentials : techniques for ethical hacking with Python /
title_auth	Python penetration testing essentials : techniques for ethical hacking with Python /
title_exact_search	Python penetration testing essentials : techniques for ethical hacking with Python /
title_full	Python penetration testing essentials : techniques for ethical hacking with Python / Mohit.
title_fullStr	Python penetration testing essentials : techniques for ethical hacking with Python / Mohit.
title_full_unstemmed	Python penetration testing essentials : techniques for ethical hacking with Python / Mohit.
title_short	Python penetration testing essentials :
title_sort	python penetration testing essentials techniques for ethical hacking with python
title_sub	techniques for ethical hacking with Python /
topic	Python (Computer program language) http://id.loc.gov/authorities/subjects/sh96008834 Penetration testing (Computer security) http://id.loc.gov/authorities/subjects/sh2011003137 Python (Langage de programmation) Tests d'intrusion. Computer security. bicssc Network security. bicssc Programming & scripting languages: general. bicssc COMPUTERS Programming Languages Python. bisacsh COMPUTERS Security General. bisacsh Penetration testing (Computer security) fast Python (Computer program language) fast
topic_facet	Python (Computer program language) Penetration testing (Computer security) Python (Langage de programmation) Tests d'intrusion. Computer security. Network security. Programming & scripting languages: general. COMPUTERS Programming Languages Python. COMPUTERS Security General.
url	https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=1823683
work_keys_str_mv	AT mohit pythonpenetrationtestingessentialstechniquesforethicalhackingwithpython

Verfügbarkeit

MARC

Datensatz im Suchindex

Ähnliche Einträge