This is the code repository for Basic and Low-level Python Network Attacks [Video], published by Packt. It contains all the supporting project files necessary to work through the video course from start to finish.
A penetration tester who only knows how to use tools written by others is limited to old techniques. Knowledge of a programming language will make you much more powerful. Python is the favorite choice for penetration testers because it combines simplicity and ease of use with advanced features.This course will commence by showing you how to get the Target and Attacker virtual machines running and properly networked together. You will learn how to connect to a server, and how to automate login requests.
This will let you break into services by guessing PINs, and exploit blind vulnerabilities by observing time delays. You will also get your hands dirty and learn how to write custom scanning tools, so that you can send unusual patterns of packets to find and exploit hidden services. Next, you will learn how Web pages are delivered, and how to write your own tools to break into vulnerable websites. Some "blind" services don't return any useful information to guide attackers, but can still be exploited by measuring the time they take to respond.
You will also be walked through an in depth understanding of the exact series of network packets required to connect to servers, you can perform many attacks that block traffic or misdirect it through the attacker's system. Using the Scapy library, you can then quickly make network tools, including clients and servers. This is the best way to learn exactly how networking works. Now that you understand normal networking, you can perform attacks that trick networks into sending data to the wrong destination, or refusing service to clients. Towards the end of the course, you will also learn to use these tools to make defenses that distract and confuse attackers, or that detect suspicious network activity.
- Code network servers and clients and automate repetitive tasks, including brute-force login attacks
- Break into services by guessing PINs, and exploit blind vulnerabilities by observing time delays
- Write custom scanning tools, so you can send unusual patterns of packets to find and exploit hidden services
- Learn how Web pages are delivered, and how to write your own tools to break into vulnerable websites
- Trick networks into sending data to the wrong destination, or refusing service to clients
This course is intended for security professionals who want to learn the basics of using automated vulnerability scanners and attack tools with Python and create low-level Python network attacks.
This course has the following requirements:
Laptop with Internet connection
Python 3.6/basic programming skills