Python for Cybersecurity
Using Python for Cyber Offense and Defense
Howard E. Poston, III
- English
- ePUB (adapté aux mobiles)
- Disponible sur iOS et Android
Python for Cybersecurity
Using Python for Cyber Offense and Defense
Howard E. Poston, III
Ă propos de ce livre
Discover an up-to-date and authoritative exploration of Python cybersecurity strategies
Python For Cybersecurity: Using Python for Cyber Offense and Defense delivers an intuitive and hands-on explanation of using Python for cybersecurity. It relies on the MITRE ATT&CK framework to structure its exploration of cyberattack techniques, attack defenses, and the key cybersecurity challenges facing network administrators and other stakeholders today.
Offering downloadable sample code, the book is written to help you discover how to use Python in a wide variety of cybersecurity situations, including:
- Reconnaissance, resource development, initial access, and execution
- Persistence, privilege escalation, defense evasion, and credential access
- Discovery, lateral movement, collection, and command and control
- Exfiltration and impact
Each chapter includes discussions of several techniques and sub-techniques that could be used to achieve an attacker's objectives in any of these use cases. The ideal resource for anyone with a professional or personal interest in cybersecurity, Python For Cybersecurity offers in-depth information about a wide variety of attacks and effective, Python-based defenses against them.
Foire aux questions
Informations
CHAPTER 1
Fulfilling Pre-ATT&CK Objectives
scapy
and various DNS libraries.https://www.wiley.com/go/pythonforcybersecurity
and contains the following sample code files:PortScan.py
HoneyScan.py
DNSExploration.py
HoneyResolver.py
Active Scanning
Scanning Networks with scapy
- SYN scan: A SYN scan sends a TCP SYN packet to a port and looks for a SYN/ACK packet in response.
- DNS scan: A DNS scan tests to see whether a DNS server is running on the target system.
scapy
library in Python. scapy
makes it easy to create and send custom packets over the network and to sniff network traffic for responses.PortScan.py
from scapy.all import *
import ipaddress
ports = [25,80,53,443,445,8080,8443]
def SynScan(host):
ans,unans = sr(
IP(dst=host)/
TCP(sport=33333,dport=ports,flags="S")
,timeout=2,verbose=0)
print("Open ports at %s:" % host)
for (s,r,) in ans:
if s[TCP].dport == r[TCP].sport and r[TCP].flags=="SA":
print(s[TCP].dport)
def DNSScan(host):
ans,unans = sr(
IP(dst=host)/
...
Table des matiĂšres
- Cover
- Table of Contents
- Title Page
- Introduction
- CHAPTER 1: Fulfilling Pre-ATT&CK Objectives
- CHAPTER 2: Gaining Initial Access
- CHAPTER 3:Achieving Code Execution
- CHAPTER 4: Maintaining Persistence
- CHAPTER 5: Performing Privilege Escalation
- CHAPTER 6: Evading Defenses
- CHAPTER 7: Accessing Credentials
- CHAPTER 8: Performing Discovery
- CHAPTER 9: Moving Laterally
- CHAPTER 10: Collecting Intelligence
- CHAPTER 11: Implementing Command and Control
- CHAPTER 12: Exfiltrating Data
- CHAPTER 13: Achieving Impact
- Index
- Copyright
- Dedication
- About the Author
- About the Technical Editor
- End User License Agreement