Scribd
Upload
915 views66 pages

Ethical Hacking With Python Tools

This document summarizes how Python can be used for ethical hacking and penetration testing. It discusses several Python modules like Sockets, Requests, BeautifulSoup, and Shodan that allow analyzing network traffic and metadata. It also covers port scanning and checking for vulnerabilities using tools like Nmap, port scanning networks asynchronously, and using Nmap scripts to detect vulnerabilities on open ports. Advanced techniques discussed include interfacing with Metasploit through its API, scraping a Nexpose vulnerabilities server with BeautifulSoup, and referencing other Python penetration testing tools and libraries.

Uploaded by

korab korab
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
915 views66 pages

Ethical Hacking With Python Tools

This document summarizes how Python can be used for ethical hacking and penetration testing. It discusses several Python modules like Sockets, Requests, BeautifulSoup, and Shodan that allow analyzing network traffic and metadata. It also covers port scanning and checking for vulnerabilities using tools like Nmap, port scanning networks asynchronously, and using Nmap scripts to detect vulnerabilities on open ports. Advanced techniques discussed include interfacing with Metasploit through its API, scraping a Nexpose vulnerabilities server with BeautifulSoup, and referencing other Python penetration testing tools and libraries.

Uploaded by

korab korab
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 66

Ethical hacking with

Python tools
JOSE MANUEL ORTEGA
@JMORTEGAC

https://speakerdeck.com/jmortega

INDEX
Introduction Python pentesting
Modules(Sockets,Requests,BeautifulSoup,Shodan)
Analysis metadata

Port scanning & Checking vulnerabilities


Advanced tools
Pentesting-tool

Python Pentesting
Multi platform
Prototypes and proofs of concept(POC)
Many tools and libraries focused on security
OSINT and Pentesting tools
Very good documentation

Python Pentesting

http://sparta.secforce.com/

The Harvester

The Harvester

W3AF

Tools
Scapy
Capturing

and analysing network packets

FiMap
Detecting

RFI/LFI vulnerabilites

XSScrapy
Detecting

XSS vulnerabilites

Sockets Port scan


import socket
#TCP
sock = socket(socket.AF_INET,socket.SOCK_STREAM)

result = sock.connect_ex(('127.0.0.1',80))
if result == 0:
print "Port is open"
else:
print "Port is filtered"

Sockets Port scan

Socket resolving IP/domain

Banner server

Banner server

Requests

Checking headers

Checking headers

Requests
import requests
http_proxy = "http://10.10.10.10:3000"
https_proxy = "https://10.10.10.10:3000"

proxyDict = {
"http" : http_proxy,
"https" : https_proxy
}

r = requests.get(url,proxies=proxyDict)

Requests Authentication

BeautifulSoup

Internal/external links

Internal/external links

Extract images and documents

Scrapy

Web Scraping

Shodan

https://developer.shodan.io

Shodan
import shodan
SHODAN_API_KEY = "insert your API key here"
api = shodan.Shodan(SHODAN_API_KEY)

Shodan

https://www.shodan.io/host/136.243.32.71

Shodan

Shodan

BuiltWith
pip install builtwith
builtwith.parse(https://ep2016.europython.eu)

Analysis metadata

Analysis metadata

Analysis metadata

Port Scanning

Python-nmap
Automating port scanning
Synchronous and asynchronous modes

import nmap
# Synchronous
nm = nmap.PortScanner()
# nm.scan(ip/range,port_list)
results = nm.scan('127.0.0.1', '22,25,80,443')

NmapScanner

NmapScanner
for port in port_list:
NmapScanner().nmapScan(ip, port)

NmapScanner Async
#Asynchronous
nm_async = nmap.PortScannerAsync()
def callback_result(host, scan_result):
print '------------------'
print host, scan_result
nm_async.scan(hosts='192.168.1.0/30', arguments='-sP',
callback=callback_result)
while nm_async .still_scanning():
print("Waiting >>>")
nm_async.wait(2)

NmapScanner Async

Scripts Nmap

Scripts Nmap
Programming routines allow to find potential

vulnerabilities in a given target


First check if the port is open
Detect vulnerabilities in the service port openned

nm.scan(arguments="-n -A -p3306 -script=/usr/share/nmap/scripts/mysqlinfo.nse")

Mysql Scripts Nmap

Check FTP Login Anonymous

Check FTP Login Anonymous

Check Webs sites


pip install pywebfuzz

https://github.com/disassembler/pywebfuzz

PyWebFuzz
from pywebfuzz import fuzzdb
import requests
logins = fuzzdb.Discovery.PredictableRes.Logins

domain = "http://192.168.56.101"
for login in logins:
print Checking... "+ domain + login
response = requests.get(domain + login)
if response.status_code == 200:
print "Login Resource: " +login

PyWebFuzz

Heartbleed
Vulnerability in OpenSSL V1.0.1
Multi-threaded tool for scanning hosts for CVE-

2014-0160.
https://github.com/musalbas/heartbleed-masstest
https://filippo.io/Heartbleed

Heartbleed

Heartbleed

Advanced tools

Metasploit
python-msfrpc

Metasploit API call


Calls in msgpack format

Nexpose
Tool developed by Rapid7 for scanning

and vulnerability discovery.


It allows programmatic access to other
programs via HTTP/s requests.
BeautifulSoup to obtain data from
vulnerabilities server

Nexpose

Pentesting tool

https://github.com/jmortega/python-pentesting

https://github.com/jmortega/europython_ethical_hacking

References & libs


http://docs.shodanhq.com
http://docs.python-requests.org/en/master/
http://scrapy.org
http://xael.org/pages/python-nmap-en.html
http://www.pythonsecurity.org/libs
https://github.com/dloss/python-pentest-tools
http://kali-linux.co/2016/07/12/python-tools-for-

penetration-testers%E2%80%8B/
https://github.com/PacktPublishing/Effective-PythonPenetration-Testing

Books

Books

THANK YOU!

You might also like