Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Ethical hacking with Python tools at Europython...
Search
jmortegac
July 22, 2016
Programming
1
490
Ethical hacking with Python tools at Europython 2016
Ethical hacking with Python tools at Europython 2016
jmortegac
July 22, 2016
Tweet
Share
More Decks by jmortegac
See All by jmortegac
Seguridad y auditorías en Modelos grandes del lenguaje (LLM)
jmortega
0
20
Seguridad de APIs en Drupal: herramientas, mejores prácticas y estrategias para asegurar las APIs
jmortega
1
19
Security and auditing tools in Large Language Models (LLM)
jmortega
1
26
Herramientas de benchmarks para evaluar el rendimiento en máquinas y aplicaciones
jmortega
0
33
Asegurando tus APIs: Explorando el OWASP Top 10 de Seguridad en APIs
jmortega
1
64
PyGoat: Analizando la seguridad en aplicaciones Django
jmortega
1
170
Evolution of security strategies in K8s environments- All day devops
jmortega
1
54
Ciberseguridad en Blockchain y Smart Contracts: Explorando los desafíos y soluciones
jmortega
1
85
Evolution of security strategies in K8s environments
jmortega
1
42
Other Decks in Programming
See All in Programming
Внедряем бюджетирование, или Как сделать хорошо?
lamodatech
0
940
『改訂新版 良いコード/悪いコードで学ぶ設計入門』活用方法−爆速でスキルアップする!効果的な学習アプローチ / effective-learning-of-good-code
minodriven
28
4.1k
ドメインイベント増えすぎ問題
h0r15h0
2
560
生成AIでGitHubソースコード取得して仕様書を作成
shukob
0
630
AWS re:Invent 2024個人的まとめ
satoshi256kbyte
0
100
技術的負債と向き合うカイゼン活動を1年続けて分かった "持続可能" なプロダクト開発
yuichiro_serita
0
300
サーバーゆる勉強会 DBMS の仕組み編
kj455
1
300
20年もののレガシープロダクトに 0からPHPStanを入れるまで / phpcon2024
hirobe1999
0
1k
為你自己學 Python
eddie
0
520
テストコード書いてみませんか?
onopon
2
340
DevinとCursorから学ぶAIエージェントメモリーの設計とMoatの考え方
itarutomy
0
140
ESLintプラグインを使用してCDKのセオリーを適用する
yamanashi_ren01
2
230
Featured
See All Featured
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
280
13k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
59k
A Philosophy of Restraint
colly
203
16k
Bash Introduction
62gerente
610
210k
The Art of Delivering Value - GDevCon NA Keynote
reverentgeek
8
1.2k
Music & Morning Musume
bryan
46
6.3k
Automating Front-end Workflow
addyosmani
1366
200k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
47
5.1k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
49
2.2k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
3
360
Scaling GitHub
holman
459
140k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
33
2k
Transcript
JOSE MANUEL ORTEGA @JMORTEGAC Ethical hacking with Python tools
https://speakerdeck.com/jmortega
INDEX Introduction Python pentesting Modules(Sockets,Requests,BeautifulSoup,Shodan) Analysis metadata
Port scanning & Checking vulnerabilities Advanced tools Pentesting-tool
Python Pentesting Multi platform Prototypes and proofs of
concept(POC) Many tools and libraries focused on security OSINT and Pentesting tools Very good documentation
Python Pentesting
http://sparta.secforce.com/
The Harvester
The Harvester
W3AF
Tools Scapy Capturing and analysing network packets
FiMap Detecting RFI/LFI vulnerabilites XSScrapy Detecting XSS vulnerabilites
Sockets Port scan import socket #TCP sock = socket(socket.AF_INET,socket.SOCK_STREAM) result
= sock.connect_ex(('127.0.0.1',80)) if result == 0: print "Port is open" else: print "Port is filtered"
Sockets Port scan
Socket resolving IP/domain
Banner server
Banner server
Requests
Checking headers
Checking headers
Requests import requests http_proxy = "http://10.10.10.10:3000" https_proxy = "https://10.10.10.10:3000" proxyDict
= { "http" : http_proxy, "https" : https_proxy } r = requests.get(url,proxies=proxyDict)
Requests Authentication
BeautifulSoup
Internal/external links
Internal/external links
Extract images and documents
Scrapy
Web Scraping
Shodan
https://developer.shodan.io
Shodan import shodan SHODAN_API_KEY = "insert your API key here"
api = shodan.Shodan(SHODAN_API_KEY)
Shodan
https://www.shodan.io/host/136.243.32.71
Shodan
Shodan
BuiltWith pip install builtwith builtwith.parse(‘https://ep2016.europython.eu’)
Analysis metadata
Analysis metadata
Analysis metadata
Port Scanning
Python-nmap Automating port scanning Synchronous and asynchronous modes
import nmap # Synchronous nm = nmap.PortScanner() # nm.scan(‘ip/range’,’port_list’) results = nm.scan('127.0.0.1', '22,25,80,443')
NmapScanner
NmapScanner for port in port_list: NmapScanner().nmapScan(ip, port)
NmapScanner Async #Asynchronous nm_async = nmap.PortScannerAsync() def callback_result(host, scan_result): print
'------------------' print host, scan_result nm_async.scan(hosts='192.168.1.0/30', arguments='-sP', callback=callback_result) while nm_async .still_scanning(): print("Waiting >>>") nm_async.wait(2)
NmapScanner Async
Scripts Nmap
Scripts Nmap Programming routines allow to find potential vulnerabilities
in a given target First check if the port is open Detect vulnerabilities in the service port openned nm.scan(arguments="-n -A -p3306 -- script=/usr/share/nmap/scripts/mysql- info.nse")
Mysql Scripts Nmap
Check FTP Login Anonymous
Check FTP Login Anonymous
Check Webs sites pip install pywebfuzz https://github.com/disassembler/pywebfuzz
PyWebFuzz from pywebfuzz import fuzzdb import requests logins = fuzzdb.Discovery.PredictableRes.Logins
domain = "http://192.168.56.101" for login in logins: print “Checking... "+ domain + login response = requests.get(domain + login) if response.status_code == 200: print "Login Resource: " +login
PyWebFuzz
Heartbleed Vulnerability in OpenSSL V1.0.1 Multi-threaded tool for
scanning hosts for CVE- 2014-0160. https://github.com/musalbas/heartbleed-masstest https://filippo.io/Heartbleed
Heartbleed
Heartbleed
Advanced tools
Metasploit python-msfrpc
Metasploit API call Calls in msgpack format
Nexpose Tool developed by Rapid7 for scanning and vulnerability
discovery. It allows programmatic access to other programs via HTTP/s requests. BeautifulSoup to obtain data from vulnerabilities server
Nexpose
Pentesting tool
https://github.com/jmortega/python-pentesting
https://github.com/jmortega/europython_ethical_hacking
References & libs http://docs.shodanhq.com http://docs.python-requests.org/en/master/ http://scrapy.org
http://xael.org/pages/python-nmap-en.html http://www.pythonsecurity.org/libs https://github.com/dloss/python-pentest-tools http://kali-linux.co/2016/07/12/python-tools-for- penetration-testers%E2%80%8B/ https://github.com/PacktPublishing/Effective-Python- Penetration-Testing
Books
Books
THANK YOU!