Results 1 to 7 of 7

Thread: Python for Pentesintg Share/Save - My123World.Com!

  1. #1

    Lightbulb Python for Pentesintg

    Hello Everybody,

    I started a blog about using Python for penetration testing. I'm going to write about everything useful for pentesters, also some useful Python basics for writing a strong tools.
    you might like to take a look :
    http://pytesting.blogspot.com/

  2. #2
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744
    Quote Originally Posted by ZeroBoy View Post
    Hello Everybody,

    I started a blog about using Python for penetration testing. I'm going to write about everything useful for pentesters, also some useful Python basics for writing a strong tools.
    you might like to take a look :
    http://pytesting.blogspot.com/
    Cool! Appreciate if you post link to your blog post here each time you put something new there. We'll get to learn some stuff and you'll get traffic on your blog - win-win situation

    Infact you can create a new thread here for your each blog post. Would be each to comment and give feedback.

    Cheers!
    Last edited by b0nd; 09-27-2013 at 11:35 AM.
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  3. #3
    Thanks for compliments bro, i appreciate it. and yes, i'm gonna update this thread with the new article. also, i created a facebook page (found in the blog) to discuss many issues and contains new updates in the blog. i also replied to your question there

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Python for Pentesting

  4. #4

    Introducing The Pytesting Concept

    You’re a Pentester, and a company asked you to pentest their system because they realized that someone behind his computer messing with the system. You bring your tools arsenal and start doing penetration testing stuff. Unfortunately, all of your tools have failed to detect and exploit the system. The person who is responsible of information security asked you a full-detailed report of security holes and how you found them (used tools and techniques…). What do you do when all tools fell down? You write in the report that the available tools are sucks?
    Read more -> http://pytesting.blogspot.de/2013/09...g-concept.html

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Python for Pentesting

  5. #5
    [+] Port Scanning with Python
    1. Introduction
    Port scanning is very important technique to probe a host for open ports. We can define it as trying to connect to the host from a list of ports, with the goal of finding an active ports and identifying running services on a targest to pentest it.

    We can connect to any machine attached to the network using TCP/IP Protocol, by providing it's address and port number. Port number varies from 1 to 65536.
    As a result of scan on a port, we can get:
    [+] Open or Accepted: The host established a connection
    [+] Closed, Denied or Not Listening: The specified port is closed

    Read more -> http://goo.gl/iEz6FJ

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Python for Pentesting

  6. #6

    SSH Attack Victors and Penetration Testing

    SSH Attack Victors and Penetration Testing

    1. Introduction
    SSH or Secure Shell is a secure network protocol used to log into a remote machine and execute commands. It supports also Secure File Transfer and Tunneling/Forwarding TCP ports connections. All communications are automatically encrypted using the public-key cryptography. SSH supports different types of authentication, what concerns us in this article is the password-based authentication and public key-based authentication.

    [+] Password-based authentication: is simply giving the password to establish a secure shell.
    [+] Public key-based authentication: user should manually generate public-private key pair and store the public key in the directory ~/.ssh/authorized_keys on the remote machine. Everytime the user wants to establish a Secure Shell, he should pass the private-key to the remote machine, and if the matching public-key found in ~/.ssh/authorized_keys directory on the remote machine, the user can authenticate without using a password.


    So basically, we are going to discuss two attack victors:
    [+] SSH Password Brute Force
    [+] SSH Weak Private-Keys Brute Force

    Read more: http://pytesting.blogspot.com/2014/02/ssh-attacks-and-penetration-testing.html

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Python for Pentesting

  7. #7
    FTP Anonymous Login Scanner

    This script do an Anonymous Login scan of random FTP hosts. It uses threads to scan multiple hosts at the same time in order to make the scan faster.
    The help text of the script looks like this:
    Code:
    Usage: AnonFTP.py [options]
    
    Options:  
      -h, --help            show this help message and exit  
      -n nHost              Number of hosts  
      -o FILE, --output=FILE  
                            File to save logs  
      -v, --verbose         Logs everything  
      -t TIMEOUT, --timeout=TIMEOUT  
                            Timeout in seconds  
      -m MAX, --maxthread=MAX  
                            Maximum thread number
    Screenshot of the script's output:
    Name:  screenshot.png
Views: 1715
Size:  7.9 KB

    The script and the blogpost is HERE

    To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
    Python for Pentesting

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •