Learn Penetration Testing with Python 3.x

This book starts with an understanding of penetration testing and red teaming methodologies and teaches Python 3.x from scratch for those who are not familiar with programming. The book gives the skills of how to create scripts for cracking, and brute force attacks.

The second part of this book focuses on the network and wireless level. The book teaches you the skills of how to create an offensive tool using Python 3.x to identify different services and ports using different Python network modules and conducting network attacks. In the network monitoring section, you will be able to monitor layers 3 and 4. And finally, you will be able to conduct different attacks on wireless.

The last part of this book focuses on web applications and exploitation developments. It focuses on how to create scripts to extract web information such as links, images, documents, etc. It also focuses on how to create scripts to identify and exploit web vulnerabilities and how to bypass WAF. The last chapter of this book focuses on exploitation development starting with how to play with the stack and then moving on to how to use Python in fuzzing and creating exploitation scripts.

KEY FEATURES

* Exciting coverage on red teaming methodologies and penetration testing techniques.
* Explore the exploitation development environment and process of creating exploit scripts.
* Includes powerful Python libraries to analyze the web and helps identifying critical vulnerabilities.
* Conduct wireless attacks and identify potential threats using Python.

WHAT YOU WILL LEARN

* Learn to code Python scripts from scratch to identify web vulnerabilities.
* Conduct network attacks, create offensive tools, and identify vulnerable services and ports.
* Perform deep monitoring of network up to layers 3 and 4.
* Execute web scraping scripts to extract images, documents, and links.

WHO THIS BOOK IS FOR

This book is for Penetration Testers, Security Researchers, Red Teams, Security Auditors and IT Administrators who want to start with an action plan in protecting their IT systems. All you need is some basic understanding of programming concepts and working of IT systems. Hands-on experience with python will be more beneficial but not required.

1. Start with Penetration Testing and Basic Python
2. Cracking with Python
3. Service and Applications Brute Forcing with Python
4. Python Services Identifications - Ports and Banner
5. Python Network Modules and Nmap
6. Network Monitoring with Python
7. Attacking Wireless with Python
8. Analyze Web Applications with Python
9. Attack Web Application with Python
10. Exploitation Development with Python

Yehia Elghaly has 8+ years of cyber offensive security filed currently holding a position as a senior penetration testing consultant and security researcher and Red Team lead in one of the cyber security firms in Dubai. Responsible for conducting penetration testing and red teaming activities in many sectors like (education, Governments, Oil & Gas, Energy, Banks, Transportations, construction... etc..) in many different countries. He executes over 100 engagements in different types of highly secured Environments like network, system, VOIB, Web, SCADA & Mobile applications.

Yehia Also Very Specialized When it comes to Social Engineering and Physical Security, he helped to raise security awareness to many private and government entities and also help many entities to review and enhance their physical security implementations

He was a Keynote speaker at many conferences like QuBit conference 2019 (Social engineering in the dark future), DefCamp conference 2017 (You Fail in SE If You Make Those Mistakes) & DefCamp 2016 (SE–Exploit by improvisation) – QuBit conference 2016 (Release your Pet Worm On Your In Infrastructure) – Middle east security summit 2015 (Social-Engineer-Art of Deceiving). He also published many articles in many Magazines like (Hakin9 Magazine, PenTest Magazine, and Security_Kaizen Magazine.

He is the author of many tools all of them written in Python like XSSYA V1-2 which is a very popular tool that targeting cross-site scripting vulnerability in different Methods and it has been added to many Linux Distro Like (Black-Arch – BugTraq) and also he is the author of BetWorm which he talked about it in QuBit conference 2016. His name was added to many websites Hall of fame like PayPal - magento.com - marktplaats.nl and other websites. He holds many certifications in cybersecurity. Currently he is studying Msc of information security & Digital forensics at university of East London.

Blog links: https://github.com/yehia-mamdouh

LinkedIn Profile: Yehia Elghaly