Ethical hacking with Python tools at Europython 2016
jmortegac
July 22, 2016
Transcript
JOSE MANUEL ORTEGA @JMORTEGAC Ethical hacking with Python tools
https://speakerdeck.com/jmortega
INDEX
- Introduction Python pentesting
- Modules (Sockets, Requests, BeautifulSoup, Shodan)
- Analysis metadata
- Port scanning & Checking vulnerabilities
- Advanced tools
- Pentesting-tool
Python Pentesting
- Multi platform
- Prototypes and proofs of concept (POC)
- Many tools and libraries focused on security
- OSINT and Pentesting tools
- Very good documentation
Python Pentesting
http://sparta.secforce.com/
The Harvester
W3AF
Tools
- Scapy: Capturing and analysing network packets
- FiMap: Detecting RFI/LFI vulnerabilities
- XSScrapy: Detecting XSS vulnerabilities
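Sockets Port scan
import socket

# TCP
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
sock.settimeout(2)  # do not block indefinitely when packets are silently dropped
result = sock.connect_ex(('127.0.0.1', 80))  # 0 on success, an errno value otherwise
if result == 0:
    print("Port is open")
else:
    print("Port is closed or filtered")
sock.close()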
Socket resolving IP/domain
Banner server
Requests
Checking headers
Requests
import requests

http_proxy = "http://10.10.10.10:3000"
https_proxy = "https://10.10.10.10:3000"
proxyDict = {"http": http_proxy, "https": https_proxy}
url = "http://example.com"  # placeholder: set to the URL under test
r = requests.get(url, proxies=proxyDict)
Requests Authentication
BeautifulSoup
Internal/external links
Extract images and documents
Scrapy
Web Scraping
Shodan
https://developer.shodan.io
Shodan
import shodan

SHODAN_API_KEY = "insert your API key here"
api = shodan.Shodan(SHODAN_API_KEY)
Shodan
https://www.shodan.io/host/136.243.32.71
BuiltWith
pip install builtwith

import builtwith
builtwith.parse('https://ep2016.europython.eu')
Analysis metadata
Port Scanning
Python-nmap
- Automating port scanning
- Synchronous and asynchronous modes
import nmap

# Synchronous
nm = nmap.PortScanner()
# nm.scan('ip/range', 'port_list')
results = nm.scan('127.0.0.1', '22,25,80,443')
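What to do with the dictionary that nm.scan() returns, shown as an added example (not code from the deck): compare the open ports against an approved baseline to spot exposure drift. SAMPLE_SCAN is constructed in the shape python-nmap returns, and BASELINE and `exposure_drift` are hypothetical names, so it runs without nmap installed.

```python
# Constructed sample in the shape python-nmap's PortScanner.scan() returns:
# {'nmap': {...}, 'scan': {host: {'tcp': {port: {'state': ...}}}}}
SAMPLE_SCAN = {
    "nmap": {"command_line": "nmap -oX - -p 22,25,80,443 -sV 127.0.0.1"},
    "scan": {
        "127.0.0.1": {
            "status": {"state": "up", "reason": "localhost-response"},
            "tcp": {
                22: {"state": "open", "name": "ssh"},
                25: {"state": "closed", "name": "smtp"},
                80: {"state": "open", "name": "http"},
                443: {"state": "filtered", "name": "https"},
            },
        }
    },
}

# Hypothetical baseline: the TCP ports each host is approved to expose.
BASELINE = {"127.0.0.1": {22, 443}}


def exposure_drift(scan_result, baseline):
    """Return sorted (host, port, service, finding) tuples for deviations."""
    findings = []
    for host, data in scan_result.get("scan", {}).items():
        approved = baseline.get(host, set())
        tcp = data.get("tcp", {})
        open_ports = {p for p, info in tcp.items()
                      if info.get("state") == "open"}
        # Open but not approved: a service nobody signed off on.
        for port in open_ports - approved:
            findings.append((host, port, tcp[port].get("name", ""),
                             "unexpected-open"))
        # Approved but not open: an outage or a firewall change.
        for port in approved - open_ports:
            info = tcp.get(port, {})
            findings.append((host, port, info.get("name", ""),
                             "expected-but-" + info.get("state", "not-scanned")))
    return sorted(findings)


if __name__ == "__main__":
    for finding in exposure_drift(SAMPLE_SCAN, BASELINE):
        print(finding)
```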
NmapScanner
NmapScanner
for port in port_list:
    NmapScanner().nmapScan(ip, port)
NmapScanner Async
import nmap

# Asynchronous
nm_async = nmap.PortScannerAsync()

def callback_result(host, scan_result):
    # Called once per host as soon as its result is available
    print('------------------')
    print(host, scan_result)

nm_async.scan(hosts='192.168.1.0/30', arguments='-sP', callback=callback_result)
while nm_async.still_scanning():
    print("Waiting >>>")
    nm_async.wait(2)
Scripts Nmap
Programming routines that allow finding potential vulnerabilities in a given target
- First check if the port is open
- Detect vulnerabilities in the service on the open port
nm.scan(arguments="-n -A -p3306 --script=/usr/share/nmap/scripts/mysql-info.nse")
Mysql Scripts Nmap
Check FTP Login Anonymous
Check web sites
pip install pywebfuzz
https://github.com/disassembler/pywebfuzz
PyWebFuzz
from pywebfuzz import fuzzdb
import requests

logins = fuzzdb.Discovery.PredictableRes.Logins
domain = "http://192.168.56.101"
for login in logins:
    print("Checking... " + domain + login)
    response = requests.get(domain + login)
    if response.status_code == 200:
        print("Login Resource: " + login)
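The defender's view of the loop above, as an added example (not code from the deck): a client that walks a list of predictable paths leaves a burst of 404s for many distinct URLs in the access log. The log lines are constructed, and `find_enumeration` and its thresholds are assumptions to tune per site.

```python
import re
from collections import defaultdict

# Common/combined access-log format: ip, timestamp, request line, status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample log (documentation addresses, made-up paths)
SAMPLE_LOG = """\
192.0.2.10 - - [22/Jul/2016:10:00:01 +0000] "GET /admin/login.php HTTP/1.1" 404 210
192.0.2.10 - - [22/Jul/2016:10:00:01 +0000] "GET /login.asp HTTP/1.1" 404 210
198.51.100.7 - - [22/Jul/2016:10:00:02 +0000] "GET / HTTP/1.1" 200 5120
192.0.2.10 - - [22/Jul/2016:10:00:02 +0000] "GET /signin HTTP/1.1" 404 210
192.0.2.10 - - [22/Jul/2016:10:00:02 +0000] "GET /user/login HTTP/1.1" 404 210
198.51.100.7 - - [22/Jul/2016:10:00:03 +0000] "GET /favicon.ico HTTP/1.1" 404 210
192.0.2.10 - - [22/Jul/2016:10:00:03 +0000] "GET /wp-login.php HTTP/1.1" 404 210
192.0.2.10 - - [22/Jul/2016:10:00:03 +0000] "GET /login HTTP/1.1" 200 1830
198.51.100.7 - - [22/Jul/2016:10:00:04 +0000] "GET /index.html HTTP/1.1" 200 5120
"""


def find_enumeration(lines, min_misses=4, min_ratio=0.8):
    """Map client IP -> missed paths for clients that look like path guessers."""
    stats = defaultdict(lambda: {"total": 0, "missing": set()})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                       # ignore lines in another format
        entry = stats[m["ip"]]
        entry["total"] += 1
        if m["status"] == "404":
            entry["missing"].add(m["path"])
    flagged = {}
    for ip, entry in stats.items():
        misses = len(entry["missing"])
        # Many distinct misses that also dominate the client's traffic
        if misses >= min_misses and misses / entry["total"] >= min_ratio:
            flagged[ip] = sorted(entry["missing"])
    return flagged


if __name__ == "__main__":
    print(find_enumeration(SAMPLE_LOG.splitlines()))
```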
Heartbleed
- Vulnerability in OpenSSL V1.0.1
- Multi-threaded tool for scanning hosts for CVE-2014-0160
https://github.com/musalbas/heartbleed-masstest
https://filippo.io/Heartbleed
Advanced tools
Metasploit python-msfrpc
Metasploit API call
- Calls in msgpack format
Nexpose
- Tool developed by Rapid7 for scanning and vulnerability discovery
- It allows programmatic access from other programs via HTTP/S requests
- BeautifulSoup is used to obtain the vulnerability data from the server
Pentesting tool
https://github.com/jmortega/python-pentesting
https://github.com/jmortega/europython_ethical_hacking
References & libs
http://docs.shodanhq.com
http://docs.python-requests.org/en/master/
http://scrapy.org
http://xael.org/pages/python-nmap-en.html
http://www.pythonsecurity.org/libs
https://github.com/dloss/python-pentest-tools
http://kali-linux.co/2016/07/12/python-tools-for-penetration-testers%E2%80%8B/
https://github.com/PacktPublishing/Effective-Python-Penetration-Testing
Books
THANK YOU!