Python for Pentesintg
Hello Everybody,
I started a blog about using Python for penetration testing. I'm going to write about everything useful for pentesters, also some useful Python basics for writing a strong tools.
you might like to take a look :
http://pytesting.blogspot.com/
Cool! Appreciate if you post link to your blog post here each time you put something new there. We'll get to learn some stuff and you'll get traffic on your blog - win-win situationOriginally Posted by ZeroBoy
Infact you can create a new thread here for your each blog post. Would be each to comment and give feedback.
Cheers!
Last edited by b0nd; 09-27-2013 at 11:35 AM.
[*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
------> become the master!!! <------
[*] Everyone has a will to WIN but very few have the will to prepare to WIN
[*] Invest yourself in everything you do, there's fun in being serious
Thanks for compliments bro, i appreciate it. and yes, i'm gonna update this thread with the new article. also, i created a facebook page (found in the blog) to discuss many issues and contains new updates in the blog. i also replied to your question there
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.Python for Pentesting
You’re a Pentester, and a company asked you to pentest their system because they realized that someone behind his computer messing with the system. You bring your tools arsenal and start doing penetration testing stuff. Unfortunately, all of your tools have failed to detect and exploit the system. The person who is responsible of information security asked you a full-detailed report of security holes and how you found them (used tools and techniques…). What do you do when all tools fell down? You write in the report that the available tools are sucks?
Read more -> http://pytesting.blogspot.de/2013/09...g-concept.html
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.Python for Pentesting
[+] Port Scanning with Python
1. Introduction
Port scanning is very important technique to probe a host for open ports. We can define it as trying to connect to the host from a list of ports, with the goal of finding an active ports and identifying running services on a targest to pentest it.
We can connect to any machine attached to the network using TCP/IP Protocol, by providing it's address and port number. Port number varies from 1 to 65536.
As a result of scan on a port, we can get:
[+] Open or Accepted: The host established a connection
[+] Closed, Denied or Not Listening: The specified port is closed
Read more -> http://goo.gl/iEz6FJ
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.Python for Pentesting
SSH Attack Victors and Penetration Testing
1. Introduction
SSH or Secure Shell is a secure network protocol used to log into a remote machine and execute commands. It supports also Secure File Transfer and Tunneling/Forwarding TCP ports connections. All communications are automatically encrypted using the public-key cryptography. SSH supports different types of authentication, what concerns us in this article is the password-based authentication and public key-based authentication.
[+] Password-based authentication: is simply giving the password to establish a secure shell.
[+] Public key-based authentication: user should manually generate public-private key pair and store the public key in the directory ~/.ssh/authorized_keys on the remote machine. Everytime the user wants to establish a Secure Shell, he should pass the private-key to the remote machine, and if the matching public-key found in ~/.ssh/authorized_keys directory on the remote machine, the user can authenticate without using a password.
So basically, we are going to discuss two attack victors:
[+] SSH Password Brute Force
[+] SSH Weak Private-Keys Brute Force
Read more: http://pytesting.blogspot.com/2014/02/ssh-attacks-and-penetration-testing.html
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.Python for Pentesting
FTP Anonymous Login Scanner
This script do an Anonymous Login scan of random FTP hosts. It uses threads to scan multiple hosts at the same time in order to make the scan faster.
The help text of the script looks like this:
Screenshot of the script's output:Code:Usage: AnonFTP.py [options] Options: -h, --help show this help message and exit -n nHost Number of hosts -o FILE, --output=FILE File to save logs -v, --verbose Logs everything -t TIMEOUT, --timeout=TIMEOUT Timeout in seconds -m MAX, --maxthread=MAX Maximum thread number
The script and the blogpost is HERE
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.Python for Pentesting
Posting Permissions
Reply With Quote
