| Trademarks | p. v |
| Acknowledgements | p. vii |
| Dedication | p. ix |
| Lead Author | p. xvii |
| Contributing Author Bio | p. xix |
| Technical Editor Bio | p. xxi |
| Introduction | p. xxiii |
| Introduction | p. 1 |
| Introduction: A Penetration Test with Python | p. 1 |
| Setting Up Your Development Environment | p. 2 |
| Installing Third Party Libraries | p. 3 |
| Interpreted Python Versus Interactive Python | p. 5 |
| The Python Language | p. 6 |
| Variables | p. 7 |
| Strings | p. 7 |
| Lists | p. 8 |
| Dictionaries | p. 9 |
| Networking | p. 9 |
| Selection | p. 10 |
| Exception Handling | p. 10 |
| Functions | p. 12 |
| Iteration | p. 14 |
| File I/O | p. 16 |
| Sys Module | p. 17 |
| OS Module | p. 18 |
| Your First Python Programs | p. 20 |
| Setting the Stage for Your First Python Program: The Cuckoo's Egg | p. 20 |
| Your First Program, a UNIX Password Cracker | p. 21 |
| Setting the Stage for Your Second Program: Using Evil for Good | p. 24 |
| Your Second Program, a Zip-File Password Cracker | p. 24 |
| Chapter Wrap-Up | p. 29 |
| References | p. 29 |
| Penetration Testing with Python | p. 31 |
| Introduction: The Morris Worm-Would it Work Today? | p. 31 |
| Building a Port Scanner | p. 32 |
| TCP Full Connect Scan | p. 33 |
| Application Banner Grabbing | p. 35 |
| Threading the Scan | p. 37 |
| Integrating the Nmap Port Scanner | p. 39 |
| Building an SSH BotNet with Python | p. 41 |
| Interacting with SSH Through Pexpect | p. 42 |
| Brute Forcing SSH Passwords with Pxssh | p. 45 |
| Exploiting SSH Through Weak Private Keys | p. 48 |
| Constructing the SSH Botnet | p. 53 |
| Mass Compromise by Bridging FTP and Web | p. 56 |
| Building an Anonymous FTP Scanner with Python | p. 57 |
| Using Ftplib to Brute Force FTP User Credentials | p. 57 |
| Searching for Web Pages on the FTP Server | p. 59 |
| Adding a Malicious Inject to Web Pages | p. 60 |
| Bringing the Entire Attack Together | p. 62 |
| Conficker, Why Trying Hard is Always Good Enough | p. 66 |
| Attacking the Windows SMB Service with Metasploit | p. 67 |
| Writing Python to Interact with Metasploit | p. 69 |
| Remote Process Execution Brute Force | p. 71 |
| Putting it Back Together to Build Our Own Conficker | p. 71 |
| Writing Your Own Zero-Day Proof of Concept Code | p. 74 |
| Stack-Based Buffer Overflow Attacks | p. 75 |
| Adding the Key Elements of the Attack | p. 75 |
| Sending the Exploit | p. 76 |
| Assembling the Entire Exploit Script | p. 77 |
| Chapter Wrap Up | p. 79 |
| References | p. 80 |
| Forensic Investigations with Python | p. 81 |
| Introduction: How Forensics Solved the BTK Murders | p. 81 |
| Where Have You Been?-Analysis of Wireless Access Points in the Registry | p. 82 |
| Using WinReg to Read the Windows Registry | p. 83 |
| Using Mechanize to Submit the MAC Address to Wigle | p. 85 |
| Using Python to Recover Deleted Items in the Recycle Bin | p. 89 |
| Using the OS Module to Find Deleted Items | p. 90 |
| Python to Correlate SID to User | p. 90 |
| Metadata | p. 93 |
| Using PyPDF to Parse PDF Metadata | p. 93 |
| Understanding Exif Metadata | p. 95 |
| Downloading Images with BeautifulSoup | p. 96 |
| Reading Exif Metadata from Images with the Python Imaging Library | p. 97 |
| Investigating Application Artifacts with Python | p. 100 |
| Understanding the Skype Sqlite3 Database | p. 100 |
| Using Python and Sqlite3 to Automate Skype Database Queries | p. 102 |
| Parsing Firefox Sqlite3 Databases with Python | p. 108 |
| Investigating iTunes Mobile Backups with Python | p. 116 |
| Chapter Wrap-Up | p. 122 |
| References | p. 122 |
| Network Traffic Analysis with Python | p. 125 |
| Introduction: Operation Aurora and How the Obvious was Missed | p. 125 |
| Where is that IP Traffic Headed?-A Python Answer | p. 126 |
| Using PyGeoIP to Correlate IP to Physical Locations | p. 127 |
| Using Dpkt to Parse Packets | p. 128 |
| Using Python to Build a Google Map | p. 132 |
| Is Anonymous Really Anonymous? Analyzing LOIC Traffic | p. 135 |
| Using Dpkt to Find the LOIC Download | p. 135 |
| Parsing IRC Commands to the Hive | p. 137 |
| Identifying the DDoS Attack in Progress | p. 138 |
| How H.D. Moore Solved the Pentagon's Dilemma | p. 143 |
| Understanding the TTL Field | p. 144 |
| Parsing TTL Fields with Scapy | p. 146 |
| Storm's Fast-Flux and Conficker's Domain-Flux | p. 149 |
| Does Your DNS Know Something You Don't? | p. 150 |
| Using Scapy to Parse DNS Traffic | p. 151 |
| Detecting Fast Flux Traffic with Scapy | p. 152 |
| Detecting Domain Flux Traffic with Scapy | p. 153 |
| Kevin Mitnick and TCP Sequence Prediction | p. 154 |
| Your Very Own TCP Sequence Prediction | p. 155 |
| Crafting a SYN Flood with Scapy | p. 156 |
| Calculating TCP Sequence Numbers | p. 157 |
| Spoofing the TCP Connection | p. 159 |
| Foiling Intrusion Detection Systems with Scapy | p. 162 |
| Chapter Wrap Up | p. 168 |
| References | p. 168 |
| Wireless Mayhem with Python | p. 171 |
| Introduction: Wireless (IN) Security and the Iceman | p. 171 |
| Setting up Your Wireless Attack Environment | p. 172 |
| Testing Wireless Capture with Scapy | p. 172 |
| Installing Python Bluetooth Packages | p. 173 |
| The Wall of Sheep-Passively Listening to Wireless Secrets | p. 174 |
| Using Python Regular Expressions to Sniff Credit Cards | p. 175 |
| Sniffing Hotel Guests | p. 178 |
| Building a Wireless Google Key Logger | p. 181 |
| Sniffing FTP Credentials | p. 184 |
| Where Has Your Laptop Been? Python Answers | p. 186 |
| Listening for 802.11 Probe Requests | p. 186 |
| Finding Hidden Network 802.11 Beacons | p. 187 |
| De-cloaking Hidden 802.11 Networks | p. 188 |
| Intercepting and Spying on UAVs with Python | p. 189 |
| Intercepting the Traffic, Dissecting the Protocol | p. 189 |
| Crafting 802.11 Frames with Scapy | p. 192 |
| Finalizing the Attack, Emergency Landing the UAV | p. 195 |
| Detecting FireSheep | p. 196 |
| Understanding Wordpress Session Cookies | p. 198 |
| Herd the Sheep-Catching Wordpress Cookie Reuse | p. 199 |
| Stalking with Bluetooth and Python | p. 201 |
| Intercepting Wireless Traffic to Find Bluetooth Addresses | p. 203 |
| Scanning Bluetooth RFCOMM Channels | p. 205 |
| Using the Bluetooth Service Discovery Protocol | p. 206 |
| Taking Over a Printer with Python ObexFTP | p. 207 |
| Blue Bugging a Phone with Python | p. 208 |
| Chapter Wrap Up | p. 209 |
| References | p. 210 |
| Web Recon with Python | p. 211 |
| Introduction: Social Engineering Today | p. 211 |
| Recon Prior to Attack | p. 212 |
| Using the Mechanize Library to Browse the Internet | p. 212 |
| Anonymity - Adding Proxies, User-Agents, Cookies | p. 214 |
| Finalizing Our AnonBrowser into a Python Class | p. 217 |
| Scraping Web Pages with AnonBrowser | p. 219 |
| Parsing HREF Links with Beautiful Soup | p. 219 |
| Mirroring Images with Beautiful Soup | p. 222 |
| Research, Investigate, Discovery | p. 223 |
| Interacting with the Google API in Python | p. 223 |
| Parsing Tweets with Python | p. 227 |
| Pulling Location Data Out of Tweets | p. 229 |
| Parsing Interests from Twitter Using Regular Expressions | p. 231 |
| Anonymous Email | p. 236 |
| Mass Social Engineering | p. 237 |
| Using Smtplib to Email Targets | p. 237 |
| Spear Phishing with Smtplib | p. 239 |
| Chapter Wrap-Up | p. 242 |
| References | p. 242 |
| Antivirus Evasion with Python | p. 245 |
| Introduction: Flame On! | p. 245 |
| Evading Antivirus Programs | p. 246 |
| Verifying Evasion | p. 250 |
| Wrap Up | p. 255 |
| References | p. 256 |
| Index | p. 257 |
| Table of Contents provided by Ingram. All Rights Reserved. |
