- 176 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
Python for Offensive PenTest
About This Book
Your one-stop guide to using Python, creating your own hacking tools, and making the most out of resources available for this programming languageAbout This Book• Comprehensive information on building a web application penetration testing framework using Python• Master web application penetration testing using the multi-paradigm programming language Python• Detect vulnerabilities in a system or application by writing your own Python scriptsWho This Book Is ForThis book is for ethical hackers; penetration testers; students preparing for OSCP, OSCE, GPEN, GXPN, and CEH; information security professionals; cybersecurity consultants; system and network security administrators; and programmers who are keen on learning all about penetration testing.What You Will Learn• Code your own reverse shell (TCP and HTTP)• Create your own anonymous shell by interacting with Twitter, Google Forms, and SourceForge• Replicate Metasploit features and build an advanced shell• Hack passwords using multiple techniques (API hooking, keyloggers, and clipboard hijacking)• Exfiltrate data from your target• Add encryption (AES, RSA, and XOR) to your shell to learn how cryptography is being abused by malware• Discover privilege escalation on Windows with practical examples• Countermeasures against most attacksIn DetailPython is an easy-to-learn and cross-platform programming language that has unlimited third-party libraries. Plenty of open source hacking tools are written in Python, which can be easily integrated within your script.This book is packed with step-by-step instructions and working examples to make you a skilled penetration tester. It is divided into clear bite-sized chunks, so you can learn at your own pace and focus on the areas of most interest to you. This book will teach you how to code a reverse shell and build an anonymous shell. You will also learn how to hack passwords and perform a privilege escalation on Windows with practical examples. You will set up your own virtual hacking environment in VirtualBox, which will help you run multiple operating systems for your testing environment.By the end of this book, you will have learned how to code your own scripts and mastered ethical hacking from scratch.Style and approachThis book follows a practical approach that takes a gradual learning curve, building up your knowledge about ethical hacking, right from scratch. The focus is less on theory and more on practical examples through a step-by-step approach.
Frequently asked questions
Information
Warming up – Your First Antivirus-Free Persistence Shell
- Preparing the attacker machine
- Preparing the target machine
- TCP reverse Shell
- HTTP reverse Shell
- Persistence
- Tuning connection attempts
- Tips for preventing a shell breakdown
- Countermeasures
Preparing the attacker machine
Setting up internet access
- Click on the Devices menu from VirtualBox's menu bar
- Go to Network and select Network Settings
- Select the network mode as NAT and click on OK as shown in the following screenshot:
apt-get install idle
Preparing the target machine
- Go to Advanced system settings | Environment Variables.
- In System Variables, scroll down until you reach the variable Path. You will need to append the Python path and the pip path here.
- Copy the path where the Python application is installed and append it to the Variable value.
- Ensure that you insert a semicolon at the end, just to make sure that you append it to our existing Variable value.
- Also, copy the path where pip is installed from the /Scripts folder and append it to the Variable value as shown in the following screenshot:
- Restart the machine so that it recognizes the new values we've just inserted.
- After the restart is complete, open a command line and type python and the interactive shell will appear:
- Now, to get connectivity with our Kali machine, make sure that the network setting is set to Internal Network and the network name matches the name on the Kali side, which is intnet:
- Lastly, we need to give this machine an IP address on the same subnet as the Kali machine. We can change the network settings by going to Network and Internet/Network and Sharing Center from the control panel. Click on the Local Area Connection and then click on Properties. From there, go to Internet Protocol Version 4 (TCP/IPv4), enter the IP address as 10.0.2.10 and the rest as shown in the following screenshot. Then click on OK:
TCP reverse shell
Table of contents
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Preface
- Warming up – Your First Antivirus-Free Persistence Shell
- Advanced Scriptable Shell
- Password Hacking
- Catch Me If You Can!
- Miscellaneous Fun in Windows
- Abuse of Cryptography by Malware
- Other Books You May Enjoy