Mastering Python for Networking and Security

Leverage Python scripts and libraries to overcome networking and security issues
 
 
Packt Publishing
  • 1. Auflage
  • |
  • erschienen am 28. September 2018
  • |
  • 426 Seiten
 
E-Book | PDF mit Adobe-DRM | Systemvoraussetzungen
E-Book | ePUB mit Adobe-DRM | Systemvoraussetzungen
978-1-78899-070-7 (ISBN)
 
Master Python scripting to build a network and perform security operationsKey FeaturesLearn to handle cyber attacks with modern Python scriptingDiscover various Python libraries for building and securing your networkUnderstand Python packages and libraries to secure your network infrastructureBook DescriptionIt's becoming more and more apparent that security is a critical aspect of IT infrastructure. A data breach is a major security incident, usually carried out by just hacking a simple network line. Increasing your network's security helps step up your defenses against cyber attacks. Meanwhile, Python is being used for increasingly advanced tasks, with the latest update introducing many new packages. This book focuses on leveraging these updated packages to build a secure network with the help of Python scripting. This book covers topics from building a network to the different procedures you need to follow to secure it. You'll first be introduced to different packages and libraries, before moving on to different ways to build a network with the help of Python scripting. Later, you will learn how to check a network's vulnerability using Python security scripting, and understand how to check vulnerabilities in your network. As you progress through the chapters, you will also learn how to achieve endpoint protection by leveraging Python packages along with writing forensic scripts. By the end of this book, you will be able to get the most out of the Python language to build secure and robust networks that are resilient to attacks.What you will learnDevelop Python scripts for automating security and pentesting tasksDiscover the Python standard library's main modules used for performing security-related tasksAutomate analytical tasks and the extraction of information from serversExplore processes for detecting and exploiting vulnerabilities in serversUse network software for Python programmingPerform server scripting and port scanning with PythonIdentify vulnerabilities in web applications with PythonUse Python to extract metadata and forensicsWho this book is forThis book is ideal for network engineers, system administrators, or any security professional looking at tackling networking and security challenges. Programmers with some prior experience in Python will get the most out of this book. Some basic understanding of general programming structures and Python is required.
weitere Ausgaben werden ermittelt
Jose Manuel Ortega is a Software Engineer and he focuses on new technologies, open source, security and testing. His career target from the beginning has been to specialize in Python and security testing projects. In recent years he has developed interest in security development, especially in pentesting with python. Currently he is working as a security tester engineer and his functions in the project are analysis and testing the security of applications both web and mobile environments. He has taught at university level and collaborated with the official school of computer engineers. He has also been a speaker at various conferences.He is very enthusiastic to learn about new technologies and he loves to share his knowledge with community.
  • Intro
  • Cover
  • Title Page
  • Copyright and Credits
  • Packt Upsell
  • Contributors
  • Table of Contents
  • Preface
  • Chapter 1: Working with Python Scripting
  • Technical requirements
  • Programming and installing Python
  • Introducing Python scripting
  • Why choose Python?
  • Multi-platform
  • Object-Oriented Programming
  • Obtaining and installing Python
  • Installing Python on Windows
  • Installing Python for Linux
  • Python collections
  • Lists
  • Reversing a List
  • Comprehension lists
  • Tuples
  • Dictionaries
  • Python functions and managing exceptions
  • Python functions
  • Managing exceptions
  • Python as an OOP language
  • Inheritance
  • The OMSTD methodology and STB Module for Python scripting
  • Python packages and modules
  • What is a module in Python?
  • Difference Between a Python Module and a Python Package
  • Passing parameters in Python
  • Managing dependencies in a Python project
  • Generating the requirements.txt file
  • Working with virtual environments
  • Using virtualenv and virtualwrapper
  • The STB (Security Tools Builder) module
  • The main development environments for script-development
  • Setting up a development environment
  • Pycharm
  • WingIDE
  • Debugging with WingIDE
  • Summary
  • Questions
  • Further reading
  • Chapter 2: System Programming Packages
  • Technical requirements
  • Introducing system modules in python
  • The system module
  • The operating system module
  • Contents of the current working directory
  • Determining the operating system
  • Subprocess module
  • Working with the filesystem in Python
  • Accessing files and directories
  • Recursing through directories
  • Checking whether a specific path is a file or directory
  • Checking whether a file or directory exists
  • Creating directories in Python
  • Reading and writing files in Python
  • File methods
  • Opening a file
  • With a Context Manager
  • Reading a file line by line
  • Threads in Python
  • Introduction to Threads
  • Types of threads
  • Processes vs Threads
  • Creating a simple Thread
  • Threading module
  • Multithreading and concurrency in Python
  • Introduction to Multithreading
  • Multithreading in Python
  • Limitations with classic python threads
  • Concurrency in python with ThreadPoolExecutor
  • Creating ThreadPoolExecutor
  • ThreadPoolExecutor in practice
  • Executing ThreadPoolExecutor with Context Manager
  • Python Socket.io
  • Introducing WebSockets
  • aiohttp and asyncio
  • Implementing a Server with socket.io
  • Summary
  • Questions
  • Further reading
  • Chapter 3: Socket Programming
  • Technical requirements
  • Introduction to sockets
  • Network sockets in Python
  • The socket module
  • Socket methods
  • Server socket methods
  • Client socket methods
  • Basic client with the socket module
  • Creating a simple TCP client and TCP server
  • Creating a server and client with sockets
  • Implementing the TCP serverIn this example, we are going to create a multithreaded TCP server.
  • Implementing the TCP client
  • Creating a simple UDP client and UDP server
  • Introduction to the UDP protocol
  • UDP client and server with the socket module
  • Implementing the UDP Server
  • Implementing the UDP client
  • Resolving IP addresses and domains
  • Gathering information with sockets
  • Reverse lookup
  • Practical use cases for sockets
  • Port scanner with sockets
  • Managing socket exceptions
  • Summary
  • Questions
  • Further reading
  • Chapter 4: HTTP Programming
  • Technical requirements
  • HTTP protocol and building HTTP clients in python
  • Introduction to the HTTP Protocol
  • Building an HTTP Client with httplib
  • Building an HTTP Client with urllib2
  • Introduction to urllib2
  • Response objects
  • Status codes
  • Checking HTTP headers with urllib2
  • Using the urllib2 Request class
  • Customizing requests with urllib2
  • Getting emails from a URL with urllib2
  • Getting links from a URL with urllib2
  • Building an HTTP Client with requests
  • Introduction to requests
  • Requests advantages
  • Making GET Requests with the REST API
  • Making POST Requests with the REST API
  • Making Proxy Requests
  • Managing exceptions with requests
  • Authentication mechanisms with Python
  • Authentication with the requests module
  • HTTP Basic authentication
  • HTTP Digest Authentication
  • Summary
  • Questions
  • Further Reading
  • Chapter 5: Analyzing Network Traffic
  • Technical requirements
  • Capturing and injecting packets with pcapy
  • Introduction to pcapy
  • Capturing packets with pcapy
  • Reading headers from packets
  • Capturing and injecting packets with scapy
  • What can we do with scapy?
  • Scapy advantages and disadvantages
  • Introduction to scapy
  • Scapy commands
  • Sending packets with scapy
  • Packet-sniffing with scapy
  • Using Lamda functions with scapy
  • Filtering UDP packets
  • Port-scanning and traceroute with scapy
  • Port-scanning with scapy
  • Traceroute command with scapy
  • Reading pcap files with scapy
  • Introduction to the PCAP format
  • Reading pcap files with scapy
  • Writing a pcap file
  • Sniffing from a pcap file with scapy
  • Network Forensic with scapy
  • Summary
  • Questions
  • Further reading
  • Chapter 6: Gathering Information from Servers
  • Technical requirements
  • Introduction to gathering information
  • Extracting information from servers with Shodan
  • Introduction to Shodan
  • Accessing Shodan services
  • Shodan filters
  • Shodan search with python
  • Performing searches by a given host
  • Searching for FTP servers
  • Using python to obtain server information
  • Extracting servers banners with python
  • Finding whois information about a server
  • Getting information on dns servers with DNSPython
  • DNS protocol
  • DNS servers
  • The DNSPython module
  • Getting vulnerable addresses in servers with Fuzzing
  • The Fuzzing process
  • The FuzzDB project
  • Fuzzing with python with pywebfuzz
  • Summary
  • Questions
  • Further reading
  • Chapter 7: Interacting with FTP, SSH, and SNMP Servers
  • Technical requirements
  • Connecting with FTP servers
  • The File Transfer Protocol (FTP)
  • The Python ftplib module
  • Transferring files with FTP
  • Using ftplib to brute force FTP user credentials
  • Building an anonymous FTP scanner with Python
  • Connecting with SSH servers
  • The Secure Shell (SSH) protocol
  • Introduction to Paramiko
  • Installing Paramiko
  • Establishing SSH connection with Paramiko
  • Running commands with Paramiko
  • SSH connection with brute-force processing
  • SSH connection with pxssh
  • Running a command on a remote SSH server
  • Connecting with SNMP servers
  • The Simple Network Management Protocol (SNMP)
  • PySNMP
  • Summary
  • Questions
  • Further reading
  • Chapter 8: Working with Nmap Scanners
  • Technical requirements
  • Introducing port scanning with Nmap
  • Introducing to port scanning
  • Scanning types with Nmap
  • Port scanning with python-nmap
  • Introduction to python-nmap
  • Installing python-nmap
  • Using python-nmap
  • Scan modes with python-nmap
  • Synchronous scanning
  • Asynchronous scanning
  • Vulnerabilities with Nmap scripts
  • Executing Nmap scripts to detect vulnerabilities
  • Detecting vulnerabilities in FTP service
  • Summary
  • Questions
  • Further reading
  • Chapter 9: Connecting with the Metasploit Framework
  • Technical requirements
  • Introducing the Metasploit framework
  • Introduction to exploiting
  • Metasploit framework
  • Metasploit architecture
  • Interacting with the Metasploit framework
  • Introduction to msfconsole
  • Introduction to the Metasploit exploit module
  • Introduction to the Metasploit payload module
  • Introduction to msgrpc
  • Connecting the Metasploit framework and Python
  • Introduction to MessagePack
  • Installing python-msfrpc
  • Executing API calls
  • Exploiting the Tomcat service with Metasploit
  • Using the tomcat_mgr_deploy exploit
  • Connecting Metasploit with pyMetasploit
  • Introduction to PyMetasploit
  • Interacting with the Metasploit framework from python
  • Summary
  • Questions
  • Further reading
  • Chapter 10: Interacting with the Vulnerabilities Scanner
  • Technical requirements
  • Introducing vulnerabilities
  • Vulnerabilities and exploits
  • What is a vulnerability?
  • What is an exploit?
  • Vulnerabilities format
  • Introducing the Nessus Vulnerabilities scanner
  • Installing the Nessus Vulnerabilities scanner
  • Executing the Nessus Vulnerabilities scanner
  • Identifying vulnerabilities with Nessus
  • Accessing the Nessus API with Python
  • Installing the nessrest Python module
  • Interacting with the nesssus server
  • Introducing the Nexpose Vulnerabilities scanner
  • Installing the Nexpose Vulnerabilities scanner
  • Executing the Nexpose Vulnerabilities scanner
  • Accessing the Nexpose API with Python
  • Installing the pynexpose Python Module
  • Summary
  • Questions
  • Further reading
  • Chapter 11: Identifying Server Vulnerabilities in Web Applications
  • Technical requirements
  • Introducing vulnerabilities in web applications with OWASP
  • Introduction to OWASP
  • OWASP common attacks
  • Testing Cross-site scripting (XSS)
  • W3af scanner vulnerabilities in web applications
  • W3af overview
  • W3AF profiles
  • W3af install
  • W3af in Python
  • Discovering sql vulnerabilities with Python tools
  • Introduction to SQL injection
  • Identifying pages vulnerable to SQL Injection
  • Introducing SQLmap
  • Installing SQLmap
  • Using SQLMAP to test a website for a SQL Injection vulnerability
  • Other commands
  • Other tools for detecting SQL Injection vulnerabilities
  • DorkMe
  • XSScrapy
  • Testing heartbleed and SSL/TLS vulnerabilities
  • Introducing OpenSSL
  • Finding vulnerable servers in Shodan
  • Heartbleed vulnerability (OpenSSL CVE-2014-0160)
  • Other tools for testing openssl vulnerability
  • Heartbleed-masstest
  • Scanning for Heartbleed with the nmap port scanner
  • Analyzing SSL/TLS configurations with SSLyze script
  • Other services
  • Summary
  • Questions
  • Further reading
  • Chapter 12: Extracting Geolocation and Metadata from Documents, Images, and Browsers
  • Technical Requirements
  • Extracting geolocation information
  • Introduction to geolocation
  • Introduction to Pygeoip
  • Introduction to pygeocoder
  • The MaxMind database in Python
  • Extracting metadata from images
  • Introduction to Exif and the PIL module
  • Getting the EXIF data from an image
  • Understanding Exif Metadata
  • Extracting metadata from web images
  • Extracting metadata from pdf documents
  • Introduction to PyPDF2
  • Peepdf
  • Identifying the technology used by a website
  • Introduction to the builtwith module
  • Wappalyzer
  • wig - webapp information gatherer
  • Extracting metadata from web browsers
  • Firefox Forensics in Python with dumpzilla
  • Dumpzilla command line
  • Firefox forensics in Python with firefeed
  • Chrome forensics with python
  • Chrome forensics with Hindsight
  • Summary
  • Questions
  • Further reading
  • Chapter 13: Cryptography and Steganography
  • Technical requirements
  • Encrypting and decrypting information with pycrypto
  • Introduction to cryptography
  • Introduction to pycrypto
  • Encrypting and decrypting with the DES algorithm
  • Encrypting and decrypting with the AES algorithm
  • File encryption with AES
  • File decryption with AES
  • Encrypting and decrypting information with cryptography
  • Introduction to cryptography
  • Symmetric encryption with the fernet package
  • Using passwords with the fernet package
  • Symmetric encryption with the ciphers package
  • Steganography techniques for hiding information in images
  • Introduction to Steganography
  • Steganography with Stepic
  • Hiding data inside images with stepic
  • Summary
  • Questions
  • Further reading
  • Assessments
  • Other Books You May Enjoy
  • Index

Dateiformat: PDF
Kopierschutz: Adobe-DRM (Digital Rights Management)

Systemvoraussetzungen:

Computer (Windows; MacOS X; Linux): Installieren Sie bereits vor dem Download die kostenlose Software Adobe Digital Editions (siehe E-Book Hilfe).

Tablet/Smartphone (Android; iOS): Installieren Sie bereits vor dem Download die kostenlose App Adobe Digital Editions (siehe E-Book Hilfe).

E-Book-Reader: Bookeen, Kobo, Pocketbook, Sony, Tolino u.v.a.m. (nicht Kindle)

Das Dateiformat PDF zeigt auf jeder Hardware eine Buchseite stets identisch an. Daher ist eine PDF auch für ein komplexes Layout geeignet, wie es bei Lehr- und Fachbüchern verwendet wird (Bilder, Tabellen, Spalten, Fußnoten). Bei kleinen Displays von E-Readern oder Smartphones sind PDF leider eher nervig, weil zu viel Scrollen notwendig ist. Mit Adobe-DRM wird hier ein "harter" Kopierschutz verwendet. Wenn die notwendigen Voraussetzungen nicht vorliegen, können Sie das E-Book leider nicht öffnen. Daher müssen Sie bereits vor dem Download Ihre Lese-Hardware vorbereiten.

Bitte beachten Sie bei der Verwendung der Lese-Software Adobe Digital Editions: wir empfehlen Ihnen unbedingt nach Installation der Lese-Software diese mit Ihrer persönlichen Adobe-ID zu autorisieren!

Weitere Informationen finden Sie in unserer E-Book Hilfe.


Dateiformat: ePUB
Kopierschutz: Adobe-DRM (Digital Rights Management)

Systemvoraussetzungen:

Computer (Windows; MacOS X; Linux): Installieren Sie bereits vor dem Download die kostenlose Software Adobe Digital Editions (siehe E-Book Hilfe).

Tablet/Smartphone (Android; iOS): Installieren Sie bereits vor dem Download die kostenlose App Adobe Digital Editions (siehe E-Book Hilfe).

E-Book-Reader: Bookeen, Kobo, Pocketbook, Sony, Tolino u.v.a.m. (nicht Kindle)

Das Dateiformat ePUB ist sehr gut für Romane und Sachbücher geeignet - also für "fließenden" Text ohne komplexes Layout. Bei E-Readern oder Smartphones passt sich der Zeilen- und Seitenumbruch automatisch den kleinen Displays an. Mit Adobe-DRM wird hier ein "harter" Kopierschutz verwendet. Wenn die notwendigen Voraussetzungen nicht vorliegen, können Sie das E-Book leider nicht öffnen. Daher müssen Sie bereits vor dem Download Ihre Lese-Hardware vorbereiten.

Bitte beachten Sie bei der Verwendung der Lese-Software Adobe Digital Editions: wir empfehlen Ihnen unbedingt nach Installation der Lese-Software diese mit Ihrer persönlichen Adobe-ID zu autorisieren!

Weitere Informationen finden Sie in unserer E-Book Hilfe.


Download (sofort verfügbar)

44,59 €
inkl. 7% MwSt.
Download / Einzel-Lizenz
PDF mit Adobe-DRM
siehe Systemvoraussetzungen
E-Book bestellen

35,99 €
inkl. 7% MwSt.
Download / Einzel-Lizenz
ePUB mit Adobe-DRM
siehe Systemvoraussetzungen
E-Book bestellen