3. Vulnerability Identification
by Dave Mound, Benjamin May, Andrew Mabbitt, Terry Ip, Cameron Buchanan, Mohit, Chr
Python: Penetration Testing for Developers
- Python: Penetration Testing for Developers
- Table of Contents
- Python: Penetration Testing for Developers
- Python: Penetration Testing for Developers
- Credits
- Preface
- 1. Module 1
- 1. Understanding the Penetration Testing Methodology
- 2. The Basics of Python Scripting
- Understanding the difference between interpreted and compiled languages
- Python – the good and the bad
- A Python interactive interpreter versus a script
- Environmental variables and PATH
- Understanding dynamically typed languages
- The first Python script
- Developing scripts and identifying errors
- Python formatting
- Python variables
- Operators
- Compound statements
- Functions
- The Python style guide
- Arguments and options
- Your first assessor script
- Summary
- 3. Identifying Targets with Nmap, Scapy, and Python
- Understanding how systems communicate
- Understanding Nmap
- Nmap libraries for Python
- The Scapy library for Python
- Summary
- 4. Executing Credential Attacks with Python
- 5. Exploiting Services with Python
- 6. Assessing Web Applications with Python
- 7. Cracking the Perimeter with Python
- 8. Exploit Development with Python, Metasploit, and Immunity
- Getting started with registers
- Understanding the Windows memory structure
- Understanding memory addresses and endianness
- Understanding the manipulation of the stack
- Understanding immunity
- Understanding basic buffer overflow
- Writing a basic buffer overflow exploit
- Understanding stack adjustments
- Understanding the purpose of local exploits
- Understanding other exploit scripts
- Reversing Metasploit modules
- Understanding protection mechanisms
- Summary
- 9. Automating Reports and Tasks with Python
- 10. Adding Permanency to Python Tools
- 2. Module 2
- 1. Python with Penetration Testing and Networking
- Introducing the scope of pentesting
- Approaches to pentesting
- Introducing Python scripting
- Understanding the tests and tools you'll need
- Learning the common testing platforms with Python
- Network sockets
- Server socket methods
- Client socket methods
- General socket methods
- Moving on to the practical
- Summary
- 2. Scanning Pentesting
- 3. Sniffing and Penetration Testing
- 4. Wireless Pentesting
- 5. Foot Printing of a Web Server and a Web Application
- 6. Client-side and DDoS Attacks
- 7. Pentesting of SQLI and XSS
- 1. Python with Penetration Testing and Networking
- 3. Module 3
- 1. Gathering Open Source Intelligence
- Introduction
- Gathering information using the Shodan API
- Scripting a Google+ API search
- Downloading profile pictures using the Google+ API
- Harvesting additional results from the Google+ API using pagination
- Getting screenshots of websites with QtWebKit
- Screenshots based on a port list
- Spidering websites
- 2. Enumeration
- 3. Vulnerability Identification
- 4. SQL Injection
- 5. Web Header Manipulation
- Introduction
- Testing HTTP methods
- Fingerprinting servers through HTTP headers
- Testing for insecure headers
- Brute forcing login through the Authorization header
- Testing for clickjacking vulnerabilities
- Identifying alternative sites by spoofing user agents
- Testing for insecure cookie flags
- Session fixation through a cookie injection
- 6. Image Analysis and Manipulation
- 7. Encryption and Encoding
- Introduction
- Generating an MD5 hash
- Generating an SHA 1/128/256 hash
- Implementing SHA and MD5 hashes together
- Implementing SHA in a real-world scenario
- Generating a Bcrypt hash
- Cracking an MD5 hash
- Encoding with Base64
- Encoding with ROT13
- Cracking a substitution cipher
- Cracking the Atbash cipher
- Attacking one-time pad reuse
- Predicting a linear congruential generator
- Identifying hashes
- 8. Payloads and Shells
- 9. Reporting
- 1. Gathering Open Source Intelligence
- A. Bibliography
- Index
In this chapter, we will cover the following topics:
- Automated URL-based Directory Traversal
- Automated Cross-site scripting (parameter and URL)
- Automated parameter-based Cross-site scripting
- Automated fuzzing
- jQuery checking
- Header-based Cross-site scripting
- Shellshock checking
This chapter focuses on identifying traditional web app vulnerabilities from the Top 10 Open Web Application Security Project (OWASP). This would include Cross-site scripting (XSS), Directory Traversal, and those other vulnerabilities that are simple enough to check for not to warrant their own chapter. This chapter provides a parameter-based and URL-based version of each script to allow for either eventuality and cut down on individual script complexity. Most of these tools have fully crafted alternatives, such as Burp Intruder. The benefit of seeing each tool in its simplistic Python is that it allows you to understand how to build and craft your own versions.
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.