Cover image for Mastering Python for Networking and Security - Second Edition

Mastering Python for Networking and Security - Second Edition

Release Date: 2021/01/01
ISBN: 9781839217166
Topic:
0%
25
Chapters
0-1
Hours read
0k
Total Words
    Start Reading Now    
       Add to Wishlist       
View table of contents

Tackle security and networking issues using Python libraries such as Nmap, requests, asyncio, and scapy

Key Features

  • Enhance your Python programming skills in securing systems and executing networking tasks
  • Explore Python scripts to debug and secure complex networks
  • Learn to avoid common cyber events with modern Python scripting

Book Description

It's now more apparent than ever that security is a critical aspect of IT infrastructure, and that devastating data breaches can occur from simple network line hacks. As shown in this book, combining the latest version of Python with an increased focus on network security can help you to level up your defenses against cyber attacks and cyber threats.

Python is being used for increasingly advanced tasks, with the latest update introducing new libraries and packages featured in the Python 3.7.4 recommended version. Moreover, most scripts are compatible with the latest versions of Python and can also be executed in a virtual environment.

This book will guide you through using these updated packages to build a secure network with the help of Python scripting. You'll cover a range of topics, from building a network to the procedures you need to follow to secure it. Starting by exploring different packages and libraries, you'll learn about various ways to build a network and connect with the Tor network through Python scripting. You will also learn how to assess a network's vulnerabilities using Python security scripting. Later, you'll learn how to achieve endpoint protection by leveraging Python packages, along with writing forensic scripts.

By the end of this Python book, you'll be able to use Python to build secure apps using cryptography and steganography techniques.

What you will learn

  • Create scripts in Python to automate security and pentesting tasks
  • Explore Python programming tools that are used in network security processes
  • Automate tasks such as analyzing and extracting information from servers
  • Understand how to detect server vulnerabilities and analyze security modules
  • Discover ways to connect to and get information from the Tor network
  • Focus on how to extract information with Python forensics tools

Who this book is for

This Python network security book is for network engineers, system administrators, or any security professional looking to overcome networking and security challenges. You will also find this book useful if you're a programmer with prior experience in Python. A basic understanding of general programming structures and the Python programming language is required before getting started.

Table of Contents

  1. Mastering Python for Networking and Security Second Edition
  2. Why subscribe?
  3. Contributors
  4. About the author
  5. About the reviewers
  6. Packt is searching for authors like you
  7. Preface
    1. Who this book is for
    2. What this book covers
    3. To get the most out of this book
    4. Download the example code files
    5. Code in Action
    6. Download the color images
    7. Conventions used
    8. Get in touch
    9. Reviews
  8. Section 1: The Python Environment and System Programming Tools
  9. Chapter 1: Working with Python Scripting
    1. Technical requirements
    2. Introduction to Python scripting
    3. Why choose Python?
    4. Multi-platform capabilities and versions
    5. Python 3 features
    6. Exploring Python data structures
    7. Lists
    8. Tuples
    9. Python dictionaries
    10. Python functions, classes, and managing exceptions
    11. Python functions
    12. Python classes
    13. Python inheritance
    14. Managing exceptions
    15. Python modules and packages
    16. What is a module in Python?
    17. Getting information from standard modules
    18. Difference between a Python module and a Python package
    19. Python Module Index
    20. Managing parameters in Python
    21. Managing dependencies and virtual environments
    22. Managing dependencies in a Python project
    23. Generating the requirements.txt file
    24. Working with virtual environments
    25. Configuring virtualenv
    26. Development environments for Python scripting
    27. Setting up a development environment
    28. PyCharm
    29. Debugging with PyCharm
    30. Debugging with Python IDLE
    31. Summary
    32. Questions
    33. Further reading
  10. Chapter 2: System Programming Packages
    1. Technical requirements
    2. Introducing system modules in Python
    3. The system (sys) module
    4. The operating system (os) module
    5. The platform module
    6. The subprocess module
    7. Working with the filesystem in Python
    8. Working with files and directories
    9. Reading and writing files in Python
    10. Opening a file with a context manager
    11. Reading a ZIP file using Python
    12. Managing threads in Python
    13. Creating a simple thread
    14. Working with the threading module
    15. Multithreading in Python
    16. Limitations of classic Python threads
    17. Concurrency in Python with ThreadPoolExecutor
    18. Executing ThreadPoolExecutor with a context manager
    19. Working with socket.io
    20. Implementing a server with socket.io
    21. Implementing a client that connects to the server
    22. Summary
    23. Questions
    24. Further reading
  11. Section 2: Network Scripting and Extracting Information from the Tor Network with Python
  12. Chapter 3: Socket Programming
    1. Technical requirements
    2. Introducing sockets in Python
    3. Network sockets in Python
    4. The socket module
    5. Basic client with the socket module
    6. Implementing an HTTP server in Python
    7. Testing the HTTP server
    8. Implementing a reverse shell with sockets
    9. Resolving IPS domains, addresses, and managing exceptions
    10. Gathering information with sockets
    11. Using the reverse lookup command
    12. Managing socket exceptions
    13. Port scanning with sockets
    14. Implementing a basic port scanner
    15. Advanced port scanner
    16. Implementing a simple TCP client and TCP server
    17. Implementing a server and client with sockets
    18. Implementing the TCP server
    19. Implementing the TCP client
    20. Implementing a simple UDP client and UDP server
    21. Implementing the UDP server
    22. Implementing the UDP client
    23. Summary
    24. Questions
    25. Further reading
  13. Chapter 4: HTTP Programming
    1. Technical requirements
    2. Introducing the HTTP protocol
    3. Reviewing the status codes
    4. Building an HTTP client with http.client
    5. Building an HTTP client with urllib.request
    6. Get response and request headers
    7. Extracting emails from a URL with urllib.request
    8. Downloading files with urllib.request
    9. Handling exceptions with urllib.request
    10. Building an HTTP client with requests
    11. Getting images and links from a URL with requests
    12. Making GET requests with the REST API
    13. Making POST requests with the REST API
    14. Managing a proxy with requests
    15. Managing exceptions with requests
    16. Building an HTTP client with httpx
    17. Authentication mechanisms with Python
    18. HTTP basic authentication with a requests module
    19. HTTP digest authentication with the requests module
    20. Summary
    21. Questions
    22. Further reading
  14. Chapter 5: Connecting to the Tor Network and Discovering Hidden Services
    1. Technical requirements
    2. Understanding the Tor Project and hidden services
    3. Exploring the Tor network
    4. What are hidden services?
    5. Tools for anonymity in the Tor network
    6. Connecting to the Tor network
    7. Node types in the Tor network
    8. Installing the Tor service
    9. ExoneraTor and Nyx
    10. Discovering hidden services with OSINT tools
    11. Search engines
    12. Inspecting onion address with onioff
    13. OnionScan as a research tool for the deep web
    14. Docker onion-nmap
    15. Modules and packages in Python for connecting to the Tor network
    16. Connecting to the Tor network from Python
    17. Extracting information from the Tor network with the stem module
    18. Tools that allow us to search hidden services and automate the crawling process in the Tor network
    19. Scraping information from the Tor network with Python tools
    20. Summary
    21. Questions
  15. Section 3: Server Scripting and Port Scanning with Python
  16. Chapter 6: Gathering Information from Servers
    1. Technical requirements
    2. Extracting information from servers with Shodan
    3. Accessing Shodan services
    4. The Shodan RESTful API
    5. Shodan search with Python
    6. Using Shodan filters and the BinaryEdge search engine
    7. Shodan filters
    8. BinaryEdge search engine
    9. Using the socket module to obtain server information
    10. Extracting server banners with Python
    11. Getting information on DNS servers with DNSPython
    12. DNS protocol
    13. DNS servers
    14. The DNSPython module
    15. Getting vulnerable addresses in servers with fuzzing
    16. The fuzzing process
    17. Understanding and using the FuzzDB project
    18. Summary
    19. Questions
    20. Further reading
  17. Chapter 7: Interacting with FTP, SFTP, and SSH Servers
    1. Technical requirements
    2. Connecting with FTP servers
    3. Using the Python ftplib module
    4. Using ftplib to brute-force FTP user credentials
    5. Building an anonymous FTP scanner with Python
    6. Connecting with SSH servers with paramiko and pysftp
    7. Executing an SSH server on Debian Linux
    8. Introducing the paramiko module
    9. Establishing an SSH connection with paramiko
    10. Running commands with paramiko
    11. Using paramiko to brute-force SSH user credentials
    12. Establishing an SSH connection with pysftp
    13. Implementing SSH clients and servers with the asyncSSH and asyncio modules
    14. Checking the security in SSH servers with the ssh-audit tool
    15. Installing and executing ssh-audit
    16. Rebex SSH Check
    17. Summary
    18. Questions
    19. Further reading
  18. Chapter 8: Working with Nmap Scanner
    1. Technical requirements
    2. Introducing port scanning with Nmap
    3. Scan modes with python-nmap
    4. Implementing synchronous scanning
    5. Implementing asynchronous scanning
    6. Working with Nmap through the os and subprocess modules
    7. Discovering services and vulnerabilities with Nmap scripts
    8. Executing Nmap scripts to discover services
    9. Executing Nmap scripts to discover vulnerabilities
    10. Summary
    11. Questions
    12. Further reading
  19. Section 4: Server Vulnerabilities and Security in Python Modules
  20. Chapter 9: Interacting with Vulnerability Scanners
    1. Technical requirements
    2. Understanding vulnerabilities and exploits
    3. What is an exploit?
    4. Vulnerability formats
    5. Introducing the Nessus vulnerability scanner
    6. Installing and executing the Nessus vulnerability scanner
    7. Nessus vulnerabilities reports
    8. Accessing the Nessus API with Python
    9. Interacting with the Nessus server
    10. Introducing the OpenVAS vulnerability scanner
    11. Installing the OpenVAS vulnerability scanner
    12. Understanding the web interface
    13. Scanning a machine using OpenVAS
    14. Accessing OpenVAS with Python
    15. Summary
    16. Questions
    17. Further reading
  21. Chapter 10: Identifying Server Vulnerabilities in Web Applications
    1. Technical requirements
    2. Understanding vulnerabilities in web applications with OWASP
    3. Testing XSS
    4. Analyzing and discovering vulnerabilities in CMS web applications
    5. Using CMSMap
    6. Other CMS scanners
    7. Discovering SQL vulnerabilities with Python tools
    8. Introduction to SQL injection
    9. Identifying pages vulnerable to SQL injection
    10. Introducing SQLmap
    11. Using SQLmap to test a website for a SQL injection vulnerability
    12. Scanning for SQL injection vulnerabilities with the Nmap port scanner
    13. Testing Heartbleed and SSL/TLS vulnerabilities
    14. Vulnerabilities in the Secure Sockets Layer (SSL) protocol
    15. Finding vulnerable servers in the Censys search engine
    16. Analyzing and exploiting the Heartbleed vulnerability (OpenSSL CVE-2014-0160)
    17. Scanning for the Heartbleed vulnerability with the Nmap port scanner
    18. Scanning TLS/SSL configurations with SSLyze
    19. Summary
    20. Questions
    21. Further reading
  22. Chapter 11: Security and Vulnerabilities in Python Modules
    1. Technical requirements
    2. Exploring security in Python modules
    3. Python functions with security issues
    4. Input/output validation
    5. Eval function security
    6. Controlling user input in dynamic code evaluation
    7. Pickle module security
    8. Security in a subprocess module
    9. Using the shlex module
    10. Insecure temporary files
    11. Static code analysis for detecting vulnerabilities
    12. Introducing static code analysis
    13. Introducing Pylint and Dlint
    14. The Bandit static code analyzer
    15. Bandit test plugins
    16. Detecting Python modules with backdoors and malicious code
    17. Insecure packages in PyPi
    18. Backdoor detection in Python modules
    19. Denial-of-service vulnerability in urllib3
    20. Security in Python web applications with the Flask framework
    21. Rendering an HTML page with Flask
    22. Cross-site scripting (XSS) in Flask
    23. Disabling debug mode in the Flask app
    24. Security redirections with Flask
    25. Python security best practices
    26. Using packages with the __init__.py interface
    27. Updating your Python version
    28. Installing virtualenv
    29. Installing dependencies
    30. Using services to check security in Python projects
    31. Summary
    32. Questions
    33. Further reading
  23. Section 5: Python Forensics
  24. Chapter 12: Python Tools for Forensics Analysis
    1. Technical requirements
    2. Volatility framework for extracting data from memory and disk images
    3. Installing Volatility
    4. Identifying the image profile
    5. Volatility plugins
    6. Connecting and analyzing SQLite databases
    7. SQLite databases
    8. The sqlite3 module
    9. Network forensics with PcapXray
    10. Getting information from the Windows registry
    11. Introducing python-registry
    12. Logging in Python
    13. Logging levels
    14. Logging module components
    15. Summary
    16. Questions
    17. Further reading
  25. Chapter 13: Extracting Geolocation and Metadata from Documents, Images, and Browsers
    1. Technical requirements
    2. Extracting geolocation information
    3. Extracting metadata from images
    4. Introduction to EXIF and the PIL module
    5. Getting the EXIF data from an image
    6. Extracting metadata from PDF documents
    7. Identifying the technology used by a website
    8. Extracting metadata from web browsers
    9. Firefox forensics with Python
    10. Chrome forensics with Python
    11. Summary
    12. Questions
    13. Further reading
  26. Chapter 14: Cryptography and Steganography
    1. Technical requirements
    2. Encrypting and decrypting information with pycryptodome
    3. Introduction to cryptography
    4. Introduction to pycryptodome
    5. Encrypting and decrypting information with cryptography
    6. Introduction to the cryptography module
    7. Steganography techniques for hiding information in images
    8. Introduction to steganography
    9. Steganography with Stepic
    10. Generating keys securely with the secrets and hashlib modules
    11. Generating keys securely with the secrets module
    12. Generating keys securely with the hashlib module
    13. Summary
    14. Questions
    15. Further reading
  27. Assessments
    1. Chapter 1 – Working with Python Scripting
    2. Chapter 2 – System Programming Packages
    3. Chapter 3 – Socket Programming
    4. Chapter 4 – HTTP Programming
    5. Chapter 5 – Connecting to the Tor Network and Discovering Hidden Services
    6. Chapter 6 – Gathering Information from Servers
    7. Chapter 7 – Interacting with FTP, SFTP, and SSH Servers
    8. Chapter 8 – Working with Nmap Scanner
    9. Chapter 9 – Interacting with Vulnerability Scanners
    10. Chapter 10 – Identifying Server Vulnerabilities in Web Applications
    11. Chapter 11 – Security and Vulnerabilities in Python Modules
    12. Chapter 12 – Python Tools for Forensics Analysis
    13. Chapter 13 – Extracting Geolocation and Metadata from Documents, Images, and Browsers
    14. Chapter 14 – Cryptography and Steganography
  28. Other Books You May Enjoy
    1. Leave a review - let other readers know what you think
3.135.190.101