Ethical hacking with Python tools at Europython 2016
jmortegac
July 22, 2016
Transcript
JOSE MANUEL ORTEGA @JMORTEGAC Ethical hacking with Python tools
https://speakerdeck.com/jmortega
INDEX
Introduction
Python pentesting
Modules (Sockets, Requests, BeautifulSoup, Shodan)
Analysis metadata
Port scanning & Checking vulnerabilities
Advanced tools
Pentesting-tool
Python Pentesting
Multi platform
Prototypes and proofs of concept (POC)
Many tools and libraries focused on security
OSINT and Pentesting tools
Very good documentation
Python Pentesting
http://sparta.secforce.com/
The Harvester
W3AF
Tools
Scapy: Capturing and analysing network packets
FiMap: Detecting RFI/LFI vulnerabilities
XSScrapy: Detecting XSS vulnerabilities
Sockets Port scan
import socket
# TCP
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
result = sock.connect_ex(('127.0.0.1', 80))
if result == 0:
    print("Port is open")
else:
    # any non-zero errno returned by connect_ex lands here
    print("Port is filtered")
sock.close()
Sockets Port scan
Socket resolving IP/domain
Banner server
Requests
Checking headers
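An added example of a header check, not the speaker's code: it fetches a response and reports which security headers are missing and which headers disclose the software stack. It uses the standard-library urllib in place of Requests so it runs without installs; the EXPECTED and DISCLOSING lists are an assumed baseline, and the server, banner and header values are constructed for the demo.

```python
import threading
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumed baseline: response headers a hardened site is expected to send.
EXPECTED = ["Strict-Transport-Security", "Content-Security-Policy",
            "X-Content-Type-Options", "X-Frame-Options"]
# Headers that disclose the software stack.
DISCLOSING = ["Server", "X-Powered-By"]


def audit_headers(headers):
    """Return (missing security headers, {disclosing header: value})."""
    present = {name.lower(): value for name, value in headers.items()}
    missing = [h for h in EXPECTED if h.lower() not in present]
    leaks = {h: present[h.lower()] for h in DISCLOSING if h.lower() in present}
    return missing, leaks


class SampleHandler(BaseHTTPRequestHandler):
    """Constructed server: one security header plus two version banners."""
    server_version = "ExampleHTTPd/1.0"   # constructed banner

    def do_GET(self):
        self.send_response(200)           # also emits the Server header
        self.send_header("X-Content-Type-Options", "nosniff")
        self.send_header("X-Powered-By", "ExampleFramework 2.3")  # constructed
        self.send_header("Content-Length", "0")
        self.end_headers()

    def log_message(self, *args):         # keep the demo quiet
        pass


def demo_header_audit():
    """Serve one request on loopback and audit the headers that come back."""
    server = HTTPServer(("127.0.0.1", 0), SampleHandler)
    threading.Thread(target=server.handle_request, daemon=True).start()
    url = "http://127.0.0.1:%d/" % server.server_port
    # An empty ProxyHandler keeps the loopback request away from any proxy.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    with opener.open(url, timeout=5) as resp:
        result = audit_headers(resp.headers)
    server.server_close()
    return result


if __name__ == "__main__":
    print(demo_header_audit())
```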
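Requests
import requests

# Route HTTP and HTTPS traffic through a proxy
http_proxy = "http://10.10.10.10:3000"
https_proxy = "https://10.10.10.10:3000"
proxyDict = {
    "http": http_proxy,
    "https": https_proxy
}
url = "http://example.com/"  # placeholder target, not given on the slide
r = requests.get(url, proxies=proxyDict)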
Requests Authentication
BeautifulSoup
Internal/external links
Extract images and documents
Scrapy
Web Scraping
Shodan
https://developer.shodan.io
Shodan
import shodan
SHODAN_API_KEY = "insert your API key here"
api = shodan.Shodan(SHODAN_API_KEY)
Shodan
https://www.shodan.io/host/136.243.32.71
BuiltWith
pip install builtwith
import builtwith
builtwith.parse('https://ep2016.europython.eu')
Analysis metadata
Port Scanning
Python-nmap
Automating port scanning
Synchronous and asynchronous modes
import nmap
# Synchronous
nm = nmap.PortScanner()
# nm.scan('ip/range', 'port_list')
results = nm.scan('127.0.0.1', '22,25,80,443')
NmapScanner
NmapScanner
for port in port_list:
    NmapScanner().nmapScan(ip, port)
NmapScanner Async
import nmap
# Asynchronous
nm_async = nmap.PortScannerAsync()

def callback_result(host, scan_result):
    # Called once per host as its result arrives
    print('------------------')
    print(host, scan_result)

nm_async.scan(hosts='192.168.1.0/30', arguments='-sP', callback=callback_result)
while nm_async.still_scanning():
    print("Waiting >>>")
    nm_async.wait(2)
NmapScanner Async
Scripts Nmap
Scripts Nmap
Programmable routines that help find potential vulnerabilities in a given target
First check if the port is open
Then detect vulnerabilities in the service on the open port
nm.scan(arguments="-n -A -p3306 --script=/usr/share/nmap/scripts/mysql-info.nse")
Mysql Scripts Nmap
Check FTP Login Anonymous
Check web sites
pip install pywebfuzz
https://github.com/disassembler/pywebfuzz
PyWebFuzz
from pywebfuzz import fuzzdb
import requests

logins = fuzzdb.Discovery.PredictableRes.Logins
domain = "http://192.168.56.101"
for login in logins:
    print("Checking... " + domain + login)
    response = requests.get(domain + login)
    if response.status_code == 200:
        print("Login Resource: " + login)
PyWebFuzz
Heartbleed
Vulnerability in OpenSSL V1.0.1
Multi-threaded tool for scanning hosts for CVE-2014-0160.
https://github.com/musalbas/heartbleed-masstest
https://filippo.io/Heartbleed
Heartbleed
Advanced tools
Metasploit python-msfrpc
Metasploit API call Calls in msgpack format
Nexpose
Tool developed by Rapid7 for scanning and vulnerability discovery.
It allows programmatic access to other programs via HTTP/s requests.
BeautifulSoup to obtain data from the vulnerabilities server
Nexpose
Pentesting tool
https://github.com/jmortega/python-pentesting
https://github.com/jmortega/europython_ethical_hacking
References & libs
http://docs.shodanhq.com
http://docs.python-requests.org/en/master/
http://scrapy.org
http://xael.org/pages/python-nmap-en.html
http://www.pythonsecurity.org/libs
https://github.com/dloss/python-pentest-tools
http://kali-linux.co/2016/07/12/python-tools-for-penetration-testers%E2%80%8B/
https://github.com/PacktPublishing/Effective-Python-Penetration-Testing
Books
THANK YOU!