# Python Initiation at BSidesSpfd 2019

An **Opinionated** Introduction to the Python Programming Language

By Spatcholla

In truth, this is a curated collection of documentation, tutorials, etc... created to guide you through learning Python. To get the most out of the of this journey follow the examples, break them, enhance them, explore.

I use the word **initiation** in two-fold. First, I want to welcome you the Python community; I have not met I finer group in my travels. Second, this the launch of a journey which around every bend is (frustration) an opportunity for learning and growth.

My version of the ansnyc_tcp_scan.py program included is based on a fork of [0xpizza/async_tcp_scan.py](https://gist.github.com/0xpizza/dd5e005a0efeb1edfc939d3a409e22d9) by [emillynge/async_tcp_scan.py](https://gist.github.com/emillynge/1eee20e8429caece09774af7e5614d69)

![Rabbit of Caerbannog](https://i.pinimg.com/736x/09/85/39/098539fbe4c31b7733c5126772636b18.jpg)

## Style
>
>   "A universal convention supplies all of maintainability, clarity, consistency, and a foundation for good programming  habits too. What it doesn't do is insist that you follow it against your will. That's Python!"
>
>    —Tim Peters on comp.lang.python, 2001-06-16
>

### The Zen of Python, [PEP 20](https://www.python.org/dev/peps/pep-0020/)

```
Beautiful is better than ugly.
Explicit is better than implicit.
Simple is better than complex.
Complex is better than complicated.
Flat is better than nested.
Sparse is better than dense.
Readability counts.
Special cases aren't special enough to break the rules.
Although practicality beats purity.
Errors should never pass silently.
Unless explicitly silenced.
In the face of ambiguity, refuse the temptation to guess.
There should be one-- and preferably only one --obvious way to do it.
Although that way may not be obvious at first unless you're Dutch.
Now is better than never.
Although never is often better than *right* now.
If the implementation is hard to explain, it's a bad idea.
If the implementation is easy to explain, it may be a good idea.
Namespaces are one honking great idea -- let's do more of those!
```

> Easter Egg: Try `import this` in [REPL](#REPL)

### A Foolish Consistency is the Hobgoblin of Little Minds, [PEP 8](https://www.python.org/dev/peps/pep-0008/)

PEP 8 gives coding conventions for the Python code comprising the standard library in the main Python distribution. While I would like to touch on all aspects of PEP 8 here, it would be better to read through the entirety on your own. The following section already covers an overwhelming amount of information for an introduction. Please note that most of the following  are guidlines not rules but your friends will like you better.

#### [Indentation](https://www.python.org/dev/peps/pep-0008/#indentation)
  - Use 4 spaces per indentation level. 
  - Spaces are the preferred indentation method - *don't mix spaces and tabs*
  - When using a hanging indent:
    - There should be no arguments on the first line.
    - Further indentation should be used to clearly distinguish itself as a continuation line.

#### [Maximum Line Length](https://www.python.org/dev/peps/pep-0008/#maximum-line-length)
  - Limit all lines to a maximum of 79 characters.

#### [Blank Lines](https://www.python.org/dev/peps/pep-0008/#blank-lines)
  - Surround top-level function and class definitions with two blank lines.
  - Method definitions inside a class are surrounded by a single blank line.
  - Use blank lines in functions, sparingly, to indicate logical sections.

#### [Imports](https://www.python.org/dev/peps/pep-0008/#imports)
  - Imports should usually be on separate lines.
  - Imports are always put at the top of the file, just after any module comments and docstrings, and before module globals and constants.
  - Imports should be grouped in the following order:
    1. Standard library imports.
    2. Related third party imports.
    3. Local application/library specific imports.
  - You should put a blank line between each group of imports.
  - Absolute imports are recommended
  - Wildcard imports `from <module> import *` should be avoided - *just don't*

#### [String Quotes](https://www.python.org/dev/peps/pep-0008/#string-quotes)
  - In Python, single-quoted strings and double-quoted strings are the same - use in pairs
  - Pick a rule and stick to it.
  - When a string contains single or double quote characters, however, use the other one to avoid backslashes in the string. It improves readability.

#### [Whitespace in Expressions and Statements](https://www.python.org/dev/peps/pep-0008/#whitespace-in-expressions-and-statements)
- Avoid extraneous whitespace in the following situations:
  - Immediately inside parentheses, brackets or braces:
    - Good: `asyncio.run(scanner(network=ip_addr, ports=port))`
    - Bad:  `asyncio.run ( scanner ( network = ip_addr, ports = port ) )`
  - Between a trailing comma and a following close parenthesis:
    - Good: `foo = (0,)`
    - Bad:  `bar = (0, )`
  - Immediately before a comma, semicolon, or colon:
    - Good: `if cmd == 's':`
    - Bad:  `if cmd == 's' :`
  - Immediately before the open parenthesis that starts the argument list of a function call:
    - Good: `print_header()`
    - Bad:  `print_header ()`
  - More than one space around an assignment (or other) operator to align it with another.

#### [When to Use Trailing Commas](https://www.python.org/dev/peps/pep-0008/#when-to-use-trailing-commas)
- When making a tuple of one element
- When a list of values, arguments or imported items is expected to be extended over time it is useful for version control systems

In [None]:
my_dict = {
    '1': 'foo',
    '2': 'bar',
    '3': 'baz',
}

#### [Naming Conventions](https://www.python.org/dev/peps/pep-0008/#naming-conventions)

- `_single_leading_underscore`: weak "internal use" indicator. E.g. `from M import *` does not import objects whose names start with an underscore.

- `single_trailing_underscore_`: used by convention to avoid conflicts with Python keyword, e.g. `Tkinter.Toplevel(master, class_='ClassName')`

- `__double_leading_underscore`: when naming a class attribute, invokes name mangling (inside `class FooBar`, `__boo` becomes `_FooBar__boo`; see below).

- `__double_leading_and_trailing_underscore__`: "magic" objects or attributes that live in user-controlled namespaces. E.g. `__init__`, `__import__` or `__file__`. Never invent such names; only use them as documented.

Magic methods are awesome; learn more about them.

#### [Programming Recommendations](https://www.python.org/dev/peps/pep-0008/#programming-recommendations)
Read this secction. Then go away. In a couple months come back and read it again.

### Documentation

#### Docstring Conventions, [PEP 257](https://www.python.org/dev/peps/pep-0257/)

A docstring is a string literal that occurs as the first statement in a module, function, class, or method definition. Such a docstring becomes the `__doc__` special attribute of that object.

Follow this guide and you'll be golden:

**[Example Google Style Python Docstrings](https://sphinxcontrib-napoleon.readthedocs.io/en/latest/example_google.html)**

Also, use [Function Annotations](https://www.python.org/dev/peps/pep-0008/#function-annotations). They increase code understandability. I have enough trouble understanding my code with them let alone without.

*From a Linux machine try `pydoc str`*

### [Black](https://github.com/python/black)
That was lot to take in and we barely touched the surface. Now that you have an understanding of the structure, let me introduce you to Black.

Black is the uncompromising Python code formatter. By using it, you agree to cede control over minutiae of hand-formatting. In return, Black gives you speed, determinism, and freedom from pycodestyle nagging about formatting. You will save time and mental energy for more important matters.

Blackened code looks the same regardless of the project you're reading. Formatting becomes transparent after a while and you can focus on the content instead.

Black makes code review faster by producing the smallest diffs possible.

## [REPL](https://realpython.com/interacting-with-python/#using-the-python-interpreter-interactively)

A **read–eval–print loop (REPL)** is a simple, interactive computer programming environment that takes single user input (i.e., single expressions), evaluates (executes) them, and returns the result to the user; a program written in a REPL environment is executed piecewise

- **R**eads the command you enter
- **E**valuates and executes the command
- **P**rints the output (if any) to the console
- **L**oops back and repeats the process

Use it, know it, love it.

## Data Types

The team at [Real Python](https://realpython.com) produce some of the most well written articles on Python. Which is why when talking about data types in python I am going to point to an article by John Sturtz.

### [Basic Data Types in Python](https://realpython.com/python-data-types/#reader-comments)

### Integers

### Strings

### Floats

### Bools

## Variables

Back to John at [Real Python](https://realpython.com) for:

#### [Variables in Python](https://realpython.com/python-variables/)

#### Everything is an Object

Class | Description | Immutable?
----- | ----------- | ----------
bool | Boolean value | X
int | Integer | X
float | Floating-point number | X
list | Mutable sequence of objects | 
tuple | Immutable sequence of objects | X
str | Character string | X
set | Unordered set of distinct objects | 
frozenset | Immutable form of set class | X
dict | Associative mapping (aka dictionary) | 

### What does that mean?

Python is a highly object-oriented language. In fact, virtually every item of data in a Python program is an object of a specific type or class. What we might think of as a variable, instead think of it as a **name**.

`<name> = <object>`

We are actually binding a **name** to an **object**.

In [None]:
a_string = "security"

In [None]:
b_string = "security"

To determine the type of an object, you can use the built-in method `type()`

In [None]:
type?

In [None]:
type(a_string)

In [None]:
type(b_string)

`id()` returns the actual memory location where the object is stored.

In [None]:
id?

In [None]:
id(a_string)

In [None]:
id(b_string)

In [None]:
a_string is b_string

Since `id(a_string) == id(b_string)`, we know that `a_string` and `b_string` both point to a single object, that resides in a single memory location.

Let's try a similar script using a list instead of a string:

In [None]:
a_list = [1, 2, 3]

In [None]:
b_list = [1, 2, 3]

In [None]:
id(a_list)

In [None]:
id(b_list)

In [None]:
a_list is b_list

Here we see that the objects `a_list` and `b_list` point to occupy different places in memory. Why did Python behave differently in this example? The difference is that a string is immutable, but a list is mutable.

If you wanted the the two names to point to the same object write the following:

In [None]:
b_list = a_list

In [None]:
id(a_list)

In [None]:
id(b_list)

In [None]:
b_list is a_list

In [None]:
a_list is b_list

An immutable variable cannot be changed after it is created (with one caveat). If you wish to change an immutable variable, such as a string, you must create a new instance and bind the variable to the new instance. A mutable variable can be changed in place. Refer to the graph at the beginning of this article for a list of the Python data types, and whether they are mutable.

**Caveat:** A tuple, which is immutable, can contain mutable elements such as a list ex: (1, 2, [3, 4, 5]) . The reference to the list within the tuple can remain unchanged, even if the contents of the list are modified. End of caveat.

#### Why Is This Important?!?

Without a basic understanding of how Python works under the hood, will discover that your scripts don't behave as you expect.

In [None]:
b_list.append(4)

Did you want to change `a_list`?

In [None]:
a_list

But wait what happens when we do something like this:

In [None]:
a_int = 9

In [None]:
id(a_int)

In [None]:
a_int = a_int + 12
a_int

In [None]:
id(a_int)

You said integers are immutable and cannot be changed!?!

Correct. We are not changing the integer just simply pointed our name to a new object, a new location in memory.

With a good mental model of Python objects you will be better able to debug your programs.

#### Namespaces and the Implications of Passing Mutable vs. Immutable Variables

This will be covered in the [Functions](#functions) section. 

##### A deeper look - Further Reading and References

[Python: Everything is an Object, and Some Objects are Mutable](https://medium.com/@larmalade/python-everything-is-an-object-and-some-objects-are-mutable-4f55eb2b468b)

[Python tuples: immutable but potentially changing](http://radar.oreilly.com/2014/10/python-tuples-immutable-but-potentially-changing.html)

## [Operators and Expressions in Python](https://realpython.com/python-operators-expressions/)


Yep, back to [Real Python](https://realpython.com).

## Functions

In [None]:
def foo(a):
    a = "baz"

In [None]:
b = "bar"

In [None]:
foo(b)

In [None]:
b

In [None]:
def this_is_my_function(foo):
    print(f"{foo.upper()}!")

In [None]:
this_is_my_function("bar")

## Resources

[python.org](https://www.python.org/)

Real Python: [Introduction to Python](https://realpython.com/learning-paths/python3-introduction/)

[PyBites](https://pybit.es/)

[TalkPython](https://talkpython.fm/)