# Python Initiation at BSidesSpfd 2019

An **Opinionated** Introduction to the Python Programming Language

By Spatcholla

While we will be blazing through the materials contained here in one short setting it is really meant as a guide to take with you. To break. To explore. I use the word **initiation** in two fold. First, I want to welcome you the Python community; I have not met I finer group in my travels. Second, this the launch of a journey which around every bend is (frustration) an oppurtunity for learning and growth.

My vesrion of the ansnyc_tcp_scan.py program used in this tutorial is based off of a fork of [0xpizza/async_tcp_scan.py](https://gist.github.com/0xpizza/dd5e005a0efeb1edfc939d3a409e22d9) by [emillynge/async_tcp_scan.py](https://gist.github.com/emillynge/1eee20e8429caece09774af7e5614d69)

## Style

### The Zen of Python, [PEP 20](https://www.python.org/dev/peps/pep-0020/)

```
Beautiful is better than ugly.
Explicit is better than implicit.
Simple is better than complex.
Complex is better than complicated.
Flat is better than nested.
Sparse is better than dense.
Readability counts.
Special cases aren't special enough to break the rules.
Although practicality beats purity.
Errors should never pass silently.
Unless explicitly silenced.
In the face of ambiguity, refuse the temptation to guess.
There should be one-- and preferably only one --obvious way to do it.
Although that way may not be obvious at first unless you're Dutch.
Now is better than never.
Although never is often better than *right* now.
If the implementation is hard to explain, it's a bad idea.
If the implementation is easy to explain, it may be a good idea.
Namespaces are one honking great idea -- let's do more of those!
```

> Easter Egg: Try `import this` in [REPL](#REPL)

### A Foolish Consistency is the Hobgoblin of Little Minds, [PEP 8](https://www.python.org/dev/peps/pep-0008/)

PEP 8 gives coding conventions for the Python code comprising the standard library in the main Python distribution. While I would like to touch on all aspects of PEP 8 here, it would be better to read through the entirety on your own. The following section already covers an overwhelming amount of information for an introduction.

#### [Indentation](https://www.python.org/dev/peps/pep-0008/#indentation)
  - Use 4 spaces per indentation level. 
  - Spaces are the preferred indentation method - *don't use tabs*
  - When using a hanging indent:
    - There should be no arguments on the first line.
    - Further indentation should be used to clearly distinguish itself as a continuation line.

In [3]:
ip_addr = input(
    "Enter the IP address or network CIDR you would like to scan: \n"
    "Example of accepted inputs: 192.168.50.54 or 172.16.20.128/25\n"
    ":: "
)

Enter the IP address or network CIDR you would like to scan: 
Example of accepted inputs: 192.168.50.54 or 172.16.20.128/25
:: 192.168.1.9


In [4]:
ip_addr

'192.168.1.9'

#### [Maximum Line Length](https://www.python.org/dev/peps/pep-0008/#maximum-line-length)
  - Limit all lines to a maximum of 79 characters.

#### [Blank Lines](https://www.python.org/dev/peps/pep-0008/#blank-lines)
  - Surround top-level function and class definitions with two blank lines.
  - Method definitions inside a class are surrounded by a single blank line.
  - Use blank lines in functions, sparingly, to indicate logical sections.

#### [Imports](https://www.python.org/dev/peps/pep-0008/#imports)
  - Imports should usually be on separate lines.
  - Imports are always put at the top of the file, just after any module comments and docstrings, and before module globals and constants.
  - Imports should be grouped in the following order:
    1. Standard library imports.
    2. Related third party imports.
    3. Local application/library specific imports.
  - You should put a blank line between each group of imports.
  - Absolute imports are recommended
  - Wildcard imports `from <module> import *` should be avoided - *just don't*

#### [String Quotes](https://www.python.org/dev/peps/pep-0008/#string-quotes)
  - In Python, single-quoted strings and double-quoted strings are the same - use in pairs
  - Pick a rule and stick to it.
  - When a string contains single or double quote characters, however, use the other one to avoid backslashes in the string. It improves readability.

#### [Whitespace in Expressions and Statements](https://www.python.org/dev/peps/pep-0008/#whitespace-in-expressions-and-statements)
- Avoid extraneous whitespace in the following situations:
  - Immediately inside parentheses, brackets or braces:
    - Good: `asyncio.run(scanner(network=ip_addr, ports=port))`
    - Bad:  `asyncio.run ( scanner ( network = ip_addr, ports = port ) )`
  - Between a trailing comma and a following close parenthesis:
    - Good: `foo = (0,)`
    - Bad:  `bar = (0, )`
  - Immediately before a comma, semicolon, or colon:
    - Good: `if cmd == 's':`
    - Bad:  `if cmd == 's' :`
  - Immediately before the open parenthesis that starts the argument list of a function call:
    - Good: `print_header()`
    - Bad:  `print_header ()`
  - More than one space around an assignment (or other) operator to align it with another.

#### When to Use Trailing Commas
- When making a tuple of one element
- When a list of values, arguments or imported items is expected to be extended over time it is useful for version control systems

In [5]:
my_dict = {
    '1': 'foo',
    '2': 'bar',
    '3': 'baz',
}

#### Naming Conventions

- `_single_leading_underscore`: weak "internal use" indicator. E.g. `from M import *` does not import objects whose names start with an underscore.

- `single_trailing_underscore_`: used by convention to avoid conflicts with Python keyword, e.g. `Tkinter.Toplevel(master, class_='ClassName')`

- `__double_leading_underscore`: when naming a class attribute, invokes name mangling (inside `class FooBar`, `__boo` becomes `_FooBar__boo`; see below).

- `__double_leading_and_trailing_underscore__`: "magic" objects or attributes that live in user-controlled namespaces. E.g. `__init__`, `__import__` or `__file__`. Never invent such names; only use them as documented.


## REPL

## Everything is an Object

Class | Description | Immutable?
----- | ----------- | ----------
bool | Boolean value | X
int | Integer | X
float | Floating-point number | X
list | Mutable sequence of objects | 
tuple | Immutable sequence of objects | X
str | Character string | X
set | Unordered set of distinct objects | 
frozenset | Immutable form of set class | X
dict | Associative mapping (aka dictionary) | 

### What the heck is an object?

### What does that mean?

What we might think of as a variable, instead think of it as a **name**.

`<name> = <object>`

We are actually binding a **name** to an **object**. One implication of this is that multiple names can be bound to a single object.

In [1]:
a = "security"

In [3]:
b = "security"

To determine the type of an object, you can use the built-in method `type()`

In [14]:
type?

In [17]:
type(a)

str

In [18]:
type(b)

str

`id()` returns the actual memory location where the object is stored.

In [13]:
id?

In [15]:
id(a)

139958179509552

In [16]:
id(b)

139958179509552

In [19]:
a is b

True

Since `id(a) == id(b)`, we know that `a` and `b` both point to a single object, that resides in a single memory location.

##### A deeper look - Further Reading and References

[Python: Everything is an Object, and Some Objects are Mutable](https://medium.com/@larmalade/python-everything-is-an-object-and-some-objects-are-mutable-4f55eb2b468b)

[Python tuples: immutable but potentially changing](http://radar.oreilly.com/2014/10/python-tuples-immutable-but-potentially-changing.html)

## Data Types

### Strings

### Integers

### Floats

### Bools

## Operators


## Variables


## Expressions


## Functions

In [1]:
def this_is_my_function(foo):
    print(f"{foo.upper()}!")

In [3]:
this_is_my_function("bar")

BAR!
