Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Ethical hacking with Python tools at Europython...
Search
jmortegac
July 22, 2016
Programming
670
1
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Ethical hacking with Python tools at Europython 2016
Ethical hacking with Python tools at Europython 2016
jmortegac
July 22, 2016
More Decks by jmortegac
See All by jmortegac
Security in Model Context Protocol: An Analysis of the OWASP MCP Top 10
jmortega
0
19
Simulando ataques adversarios con TextAttack: Vulnerabilidades y defensas en PLN
jmortega
0
33
Seguridad en la nube: defensa para activos digitales
jmortega
0
29
Simulando ataques adversarios con TextAttack: Vulnerabilidades y defensas en PLN
jmortega
1
50
Seguridad y auditorías en Modelos grandes del lenguaje (LLM)
jmortega
1
60
Seguridad y auditorías en Modelos grandes del lenguaje (LLM)
jmortega
1
130
Security and auditing tools in Large Language Models (LLM)
jmortega
1
95
Beyond the hype: The reality of AI security
jmortega
1
98
Seguridad y auditorías en Modelos grandes del lenguaje (LLM)
jmortega
1
140
Other Decks in Programming
See All in Programming
Datadog × OpenTelemetry 入門と実践のあいだ
kn_to_maxpno
1
180
Even G2とAWSで推しのエージェントを召喚しよう!
har1101
1
140
Snowflake Summitでの新機能 CoCo / CoWork / snowflake-summit-2026-overall-what-new-coco
tatsuhiro
1
200
ローカルLLMでどこまでコードが書けるか -拡張版 / How much code can be written on a local LLM Extended
kishida
12
4.5k
メソッドのジェネリクスでGoの夢は広がるか? / Kyoto.go #65
utgwkk
3
1k
AI 輔助遺留系統現代化的經驗分享
jame2408
1
1.1k
エージェンティックRAGにAWSで入門しよう!
har1101
9
1.8k
Agentic UI
manfredsteyer
PRO
0
210
Lessons from Spec-Driven Development
simas
PRO
0
230
作って学ぶ、 JSX (TSX) ランタイムの基本
syumai
7
1.7k
AIキャラアプリkaiwaの低遅延音声通話基盤をどう作ったか - AWS Gravitonで支える低遅延・低コストAI Agent基盤
mogamit
0
140
Vue × Nuxt × Oxc どこまで使える?実運用の現在地
andpad
0
330
Featured
See All Featured
Agile Actions for Facilitating Distributed Teams - ADO2019
mkilby
0
210
Jamie Indigo - Trashchat’s Guide to Black Boxes: Technical SEO Tactics for LLMs
techseoconnect
PRO
0
230
Odyssey Design
rkendrick25
PRO
2
710
Become a Pro
speakerdeck
PRO
31
6k
brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC
cargoodrich
3
750
Why You Should Never Use an ORM
jnunemaker
PRO
61
9.9k
svc-hook: hooking system calls on ARM64 by binary rewriting
retrage
2
320
Making the Leap to Tech Lead
cromwellryan
135
9.9k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
55k
Fireside Chat
paigeccino
42
4k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
35
3.5k
Leadership Guide Workshop - DevTernity 2021
reverentgeek
1
320
Transcript
JOSE MANUEL ORTEGA @JMORTEGAC Ethical hacking with Python tools
https://speakerdeck.com/jmortega
INDEX Introduction Python pentesting Modules(Sockets,Requests,BeautifulSoup,Shodan) Analysis metadata
Port scanning & Checking vulnerabilities Advanced tools Pentesting-tool
Python Pentesting Multi platform Prototypes and proofs of
concept(POC) Many tools and libraries focused on security OSINT and Pentesting tools Very good documentation
Python Pentesting
http://sparta.secforce.com/
The Harvester
The Harvester
W3AF
Tools Scapy Capturing and analysing network packets
FiMap Detecting RFI/LFI vulnerabilites XSScrapy Detecting XSS vulnerabilites
Sockets Port scan import socket #TCP sock = socket(socket.AF_INET,socket.SOCK_STREAM) result
= sock.connect_ex(('127.0.0.1',80)) if result == 0: print "Port is open" else: print "Port is filtered"
Sockets Port scan
Socket resolving IP/domain
Banner server
Banner server
Requests
Checking headers
Checking headers
Requests import requests http_proxy = "http://10.10.10.10:3000" https_proxy = "https://10.10.10.10:3000" proxyDict
= { "http" : http_proxy, "https" : https_proxy } r = requests.get(url,proxies=proxyDict)
Requests Authentication
BeautifulSoup
Internal/external links
Internal/external links
Extract images and documents
Scrapy
Web Scraping
Shodan
https://developer.shodan.io
Shodan import shodan SHODAN_API_KEY = "insert your API key here"
api = shodan.Shodan(SHODAN_API_KEY)
Shodan
https://www.shodan.io/host/136.243.32.71
Shodan
Shodan
BuiltWith pip install builtwith builtwith.parse(‘https://ep2016.europython.eu’)
Analysis metadata
Analysis metadata
Analysis metadata
Port Scanning
Python-nmap Automating port scanning Synchronous and asynchronous modes
import nmap # Synchronous nm = nmap.PortScanner() # nm.scan(‘ip/range’,’port_list’) results = nm.scan('127.0.0.1', '22,25,80,443')
NmapScanner
NmapScanner for port in port_list: NmapScanner().nmapScan(ip, port)
NmapScanner Async #Asynchronous nm_async = nmap.PortScannerAsync() def callback_result(host, scan_result): print
'------------------' print host, scan_result nm_async.scan(hosts='192.168.1.0/30', arguments='-sP', callback=callback_result) while nm_async .still_scanning(): print("Waiting >>>") nm_async.wait(2)
NmapScanner Async
Scripts Nmap
Scripts Nmap Programming routines allow to find potential vulnerabilities
in a given target First check if the port is open Detect vulnerabilities in the service port openned nm.scan(arguments="-n -A -p3306 -- script=/usr/share/nmap/scripts/mysql- info.nse")
Mysql Scripts Nmap
Check FTP Login Anonymous
Check FTP Login Anonymous
Check Webs sites pip install pywebfuzz https://github.com/disassembler/pywebfuzz
PyWebFuzz from pywebfuzz import fuzzdb import requests logins = fuzzdb.Discovery.PredictableRes.Logins
domain = "http://192.168.56.101" for login in logins: print “Checking... "+ domain + login response = requests.get(domain + login) if response.status_code == 200: print "Login Resource: " +login
PyWebFuzz
Heartbleed Vulnerability in OpenSSL V1.0.1 Multi-threaded tool for
scanning hosts for CVE- 2014-0160. https://github.com/musalbas/heartbleed-masstest https://filippo.io/Heartbleed
Heartbleed
Heartbleed
Advanced tools
Metasploit python-msfrpc
Metasploit API call Calls in msgpack format
Nexpose Tool developed by Rapid7 for scanning and vulnerability
discovery. It allows programmatic access to other programs via HTTP/s requests. BeautifulSoup to obtain data from vulnerabilities server
Nexpose
Pentesting tool
https://github.com/jmortega/python-pentesting
https://github.com/jmortega/europython_ethical_hacking
References & libs http://docs.shodanhq.com http://docs.python-requests.org/en/master/ http://scrapy.org
http://xael.org/pages/python-nmap-en.html http://www.pythonsecurity.org/libs https://github.com/dloss/python-pentest-tools http://kali-linux.co/2016/07/12/python-tools-for- penetration-testers%E2%80%8B/ https://github.com/PacktPublishing/Effective-Python- Penetration-Testing
Books
Books
THANK YOU!