You are previewing Black Hat Python.
O'Reilly logo
Black Hat Python

Book Description

Black Hat Python explores the darker side of Python's capabilities, helping you test your systems and improve your security posture.

Table of Contents

  1. Black Hat Python: Python Programming for Hackers and Pentesters
  2. Dedication
  3. About the Author
  4. About the Technical Reviewers
  5. Foreword
  6. Preface
  7. Acknowledgments
  8. 1. Setting Up Your Python Environment
    1. Installing Kali Linux
    2. WingIDE
  9. 2. The Network: Basics
    1. Python Networking in a Paragraph
    2. TCP Client
    3. UDP Client
    4. TCP Server
    5. Replacing Netcat
      1. Kicking the Tires
    6. Building a TCP Proxy
      1. Kicking the Tires
    7. SSH with Paramiko
      1. Kicking the Tires
    8. SSH Tunneling
      1. Kicking the Tires
  10. 3. The Network: Raw Sockets and Sniffing
    1. Building a UDP Host Discovery Tool
    2. Packet Sniffing on Windows and Linux
      1. Kicking the Tires
    3. Decoding the IP Layer
      1. Kicking the Tires
    4. Decoding ICMP
      1. Kicking the Tires
  11. 4. Owning the Network with Scapy
    1. Stealing Email Credentials
      1. Kicking the Tires
    2. ARP Cache Poisoning with Scapy
      1. Kicking the Tires
    3. PCAP Processing
      1. Kicking the Tires
  12. 5. Web Hackery
    1. The Socket Library of the Web: urllib2
    2. Mapping Open Source Web App Installations
      1. Kicking the Tires
    3. Brute-Forcing Directories and File Locations
      1. Kicking the Tires
    4. Brute-Forcing HTML Form Authentication
      1. Kicking the Tires
  13. 6. Extending Burp Proxy
    1. Setting Up
    2. Burp Fuzzing
      1. Kicking the Tires
    3. Bing for Burp
      1. Kicking the Tires
    4. Turning Website Content into Password Gold
      1. Kicking the Tires
  14. 7. Github Command and Control
    1. Setting Up a GitHub Account
    2. Creating Modules
    3. Trojan Configuration
    4. Building a Github-Aware Trojan
      1. Hacking Python’s import Functionality
      2. Kicking the Tires
  15. 8. Common Trojaning Tasks on Windows
    1. Keylogging for Fun and Keystrokes
      1. Kicking the Tires
    2. Taking Screenshots
    3. Pythonic Shellcode Execution
      1. Kicking the Tires
    4. Sandbox Detection
  16. 9. Fun with Internet Explorer
    1. Man-in-the-Browser (Kind Of)
      1. Creating the Server
      2. Kicking the Tires
    2. IE COM Automation for Exfiltration
      1. Kicking the Tires
  17. 10. Windows Privilege Escalation
    1. Installing the Prerequisites
    2. Creating a Process Monitor
      1. Process Monitoring with WMI
      2. Kicking the Tires
    3. Windows Token Privileges
    4. Winning the Race
      1. Kicking the Tires
    5. Code Injection
      1. Kicking the Tires
  18. 11. Automating Offensive Forensics
    1. Installation
    2. Profiles
    3. Grabbing Password Hashes
    4. Direct Code Injection
      1. Kicking the Tires
  19. Updates
  20. Index
  21. Copyright