Overview/Table of contents
-
Refresher on Python Conditionals Ranges Loops. For loops and While loops Variables and True-False Functions Input/Output Exception Handling
-
Common vulnerabilities Python can exploit: Buffer Overflows, Weak Passwords and sensitive information disclosure Introduction to Buffer Overflows. What they are and how they work. How to use Python to exploit a Buffer Overflow vulnerability. Exsposure to assembly code and debugging. Exploit Eternal Blue, CVE-2017-0144 / MS17-010. Using Python & understand the three bugs.
-
Using Python for Network Penetration Testing Automate reconnaissance with Spider Foot: an OSINT tool written in Python How to Create a Python HTTP Banner Grabber and Port Scanner Using the Socket Module for creating HTTP and HTTPS servers, clients, and reverse shells Building a Windows Domain Controller and installing Active Directory Using Python for privilege escalation on a Domain Controller. Cracking NTLM hashed passwords. Python and Bypassing Anti Virus Preparing for a Wifi attack, how to change your MAC Address
-
Attacking Web Applications How to build a web scrapper in Python vs using existing ones. Enumerating websites with Nikto and DirBuster Using SQL Map and Burp Suite to exploit Web forms and requests Use Python to create an e-mail sender Phishing with SET. The Social Engineering Toolkit How to crack passwords with Hashcat.
Topics covered:
*Reconnaissance (banners, hostname, IP lookup)
*Port scanning
*Sockets
*Page scraping & phishing
*Bypassing firewalls
*Exception handling
*Privilege escalation
*Avoiding antivirus
*Web forms and requests
*Cracking hashes
*MAC spoofing
*Attacking web apps
*Automation
............................................... Process:
- Pre-Engagement Actions
- Reconnaissance
- Threat Modeling & Vulnerability Identification
- Exploitation
- Post-Exploitation
- Reporting
- Resolution & Re-Testing