The analysis of vulnerabilities in web applications is currently the best field in which to perform security audits. One of the objectives of this chapter was to learn about the tools in the python ecosystem that allow us to identify server vulnerabilities in web applications, such as w3af and sqlmap. In the sql injection section, we covered sql injection and tools for detecting this kind of vulnerability with sqlmap and xssscrapy. Also, we looked at how to detect vulnerabilities related to OpenSSL in servers.

In the next chapter, we will explore programming packages and python modules for extracting information about geolocation IP addresses, extracting metadata from images and documents, and identifying web technology used by a site in the front and the back.