Mehr Hacking mit Python

When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen?In Black Hat Python, the latest from Justin Seitz (author of the best-selling Gray Hat Python), you'll explore the darker side of Python's capabilities—writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more.You'll learn how to:–Create a trojan command-and-control using GitHub–Detect sandboxing and automate com­mon malware tasks, like keylogging and screenshotting–Escalate Windows privileges with creative process control–Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine–Extend the popular Burp Suite web-hacking tool–Abuse Windows COM automation to perform a man-in-the-browser attack–Exfiltrate data from a network most sneakilyInsider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python.Uses Python 2 Foreword Preface Acknowledgments Setting Up Your Python Environment Installing Kali Linux WingIDE The Network: Basics Python Networking in a Paragraph TCP Client UDP Client TCP Server Replacing Netcat Kicking the Tires Building a TCP Proxy Kicking the Tires SSH with Paramiko Kicking the Tires SSH Tunneling Kicking the Tires The Network: Raw Sockets and Sniffing Building a UDP Host Discovery Tool Packet Sniffing on Windows and Linux Kicking the Tires Decoding the IP Layer Kicking the Tires Decoding ICMP Kicking the Tires Owning the Network with Scapy Stealing Email Credentials Kicking the Tires ARP Cache Poisoning with Scapy Kicking the Tires PCAP Processing Kicking the Tires Web Hackery The Socket Library of the Web: urllib2 Mapping Open Source Web App Installations Kicking the Tires Brute-Forcing Directories and File Locations Kicking the Tires Brute-Forcing HTML Form Authentication Kicking the Tires Extending Burp Proxy Setting Up Burp Fuzzing Kicking the Tires Bing for Burp Kicking the Tires Turning Website Content into Password Gold Kicking the Tires GitHub Command and Control Setting Up a GitHub Account Creating Modules Trojan Configuration Building a GitHub-Aware Trojan Hacking Python's Import Functionality Kicking the Tires Common Trojanning Tasks on Windows Keylogging for Fun and Keystrokes Kicking the Tires Taking Screenshots Pythonic Shellcode Execution Kicking the Tires Sandbox Detection Fun with Internet Explorer Man-in-the-Browser (Kind Of) Creating the Server Kicking the Tires IE COM Automation for Exfiltration Kicking the Tires Windows Privilege Escalation Installing the Prerequisites Creating a Process Monitor Process Monitoring with WMI Kicking the Tires Windows Token Privileges Winning the Race Kicking the Tires Code Injection Kicking the Tires Automating Offensive Forensics Installation Profiles Grabbing Password Hashes Direct Code Injection Kicking the Tires Index When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. But just how does the magic happen? In Black Hat Python , the latest from Justin Seitz (author of the best-selling Gray Hat Python ), you'll explore the darker side of Python's capabilities writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. You'll learn how to: Create a trojan command-and-control using GitHub Detect sandboxing and automate common malware tasks, like keylogging and screenshotting Escalate Windows privileges with creative process control Use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine Extend the popular Burp Suite web-hacking tool Abuse Windows COM automation to perform a man-in-the-browser attack Exfiltrate data from a network most sneakily Insider techniques and creative challenges throughout show you how to extend the hacks and how to write your own exploits.When it comes to offensive security, your ability to create powerful tools on the fly is indispensable. Learn how in Black Hat Python . " When it comes to creating powerful and effective hacking tools, Python is the language of choice for most security analysts. Seitz explores the darker side of Python's capabilities--writing network sniffers, manipulating packets, infecting virtual machines, creating stealthy trojans, and more. Readers will learn how to: create a trojan command-and-control using GitHub; detect sandboxing and automate common malware tasks, like keylogging and screenshotting; escalate Windows privileges with creative process control; use offensive memory forensics tricks to retrieve password hashes and inject shellcode into a virtual machine; extend the popular Burp Suite Web-hacking tool; abuse Windows COM automation to perform a man-in-the-browser attack; and exfiltrate data from a network most sneakily. Insider techniques and creative challenges throughout show readers how to extend the hacks and how to write their own exploits. -- Edited summary from book Python is the high-level language of choice for hackers and software security analysts because it makes it easy to write powerful and effective security tools. A follow-up to the perennial best-seller Gray Hat Python (2011), the all-new Black Hat Python explores the darker side of Python's capabilities - writing network sniffers, manipulating packets, web hacking, infecting virtual machines, creating stealthy trojans, extending the popular web hacking tool Burp Suite, and more. By showing how carefully crafted code can be used to disrupt and disable a system, Black Hat Python will help you test your systems and improve your security posture. Insider techniques and creative challenges show you how to extend the hacks, and are sure to make Black Hat Python irresistible to anyone interested in offensive security--From back cover