Packt+ | Advance your knowledge in tech

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Newsletter Hub

Free Learning

Python Penetration Testing Cookbook

You're reading from Python Penetration Testing Cookbook Practical recipes on implementing information gathering, network security, intrusion detection, and post-exploitation

Product type Paperback

Published in Nov 2017

Publisher Packt

ISBN-13 9781784399771

Length 226 pages

Edition 1st Edition

Languages

Python

Tools

BeautifulSoup

Concepts

Network Security

Author (1):

Rejah Rehim

View More author details

Table of Contents (21) Chapters

Title Page

Credits

About the Author

About the Reviewers

www.PacktPub.com

Customer Feedback

Preface

1. Why Python in Penetration Testing? FREE CHAPTER

2. Setting Up a Python Environment

3. Web Scraping with Python

4. Data Parsing with Python

5. Web Scraping with Scrapy and BeautifulSoup

6. Network Scanning with Python

7. Network Sniffing with Python

8. Scapy Basics

9. Wi-Fi Sniffing

10. Layer 2 Attacks

11. TCP/IP Attacks

12. Introduction to Exploit Development

13. Windows Exploit Development

14. Linux Exploit Development

Format string exploitation

A format string is an ASCIIZ string that contains text and format parameters. The format string vulnerability occurs when the submitted data of an input string is evaluated as a command by the application. With the help of this method, the attacker could execute code, read the stack, and may cause a segmentation fault. Format string vulnerability exist in most of the printf family functions, such as printf, sprintf, and fprintf. These are the common parameters that can be used in format string vulnerabilities:

"%x": It reads data from the stack
"%s": It reads character strings from the process memory
"%n": It writes an integer to locations in the process memory
"%p": It's external representation of a pointer to void

Getting ready

We need a 32-bit x86 Linux real or virtual environment for creating the vulnerable application and getting the basic idea about the process involved in it. It is also a prerequisite to have a basic idea about some concepts in Linux environments...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at ₹800/month. Cancel anytime

Authors (1)

Rejah Rehim

Rejah Rehim

Rejah Rehim, a visionary in cybersecurity, serves as Beagle Security's CEO and cofounder. With a 15-year track record, he's a driving force renowned for Python Penetration Testing Cookbook and Effective Python Penetration Testing. Leading OWASP Kerala Chapter, he unites pros for secure digital landscapes. Rejah's role as Commander at Kerala Police Cyberdome underscores his commitment.

See other products by Rejah Rehim

Other recommended products

Related to this chapter

Penetration Testing with Shellcode

Penetration Testing with Shellcode

Security has always been a major concern for your application, your system, or your environment. This book's main goal is to build your skills for low-level security exploits, finding vulnerabilities and covering loopholes with shellcode, assembly, and Metasploit.

Feb 2018 11h 32m

Python Penetration Testing Essentials

Python Penetration Testing Essentials

This book gives you the skills you need to use Python for penetration testing, with the help of detailed code examples. This book has been updated for Python 3.6.3 and Kali Linux 2018.1.

May 2018 7h 40m

Python Web Scraping

Python Web Scraping

This book is the ultimate guide to using latest features of Python 3.x to scrape data from websites. Learn right from extracting data from static web pages to creating class-based scrapers with Scrapy libraries. This book will also help you build crawlers and determine how to scrape data from JavaScript dependent website using PyQt and Selenium. You will also explore testing websites with scrapers, remote scraping, best practices, working with images and many more.

May 2017 7h 20m

Mastering Python for Networking and Security

Mastering Python for Networking and Security

Nowadays, configuring a network and automating security protocols are quite difficult to implement. However, using Python makes it easy to automate this whole process. This book explains the process of using Python for building networks, detecting network errors, and performing different security protocols using Python Scripting.

Sep 2018 14h 12m

Python Network Programming Cookbook

Python Network Programming Cookbook

Python is an excellent language to use to write code and have fun by prototyping applications quickly. The presence of lots of third-party libraries, also known as batteries, makes it easier and faster to prototype an application or to implement a new algorithm. If you are interested in creating the building blocks for many practical web and networking applications that rely on networking protocols, then this book is a must-have. This book employs Python for network programming to solve a variety of problems.

Aug 2017 15h 0m

Applied Network Security

Applied Network Security

Computer networks are increasing at an exponential rate and the most challenging factor organisations are currently facing is network security. Breaching a network is not considered an ingenious effort anymore, so it is very important to gain expertise in securing your network.

Apr 2017 11h 40m

Python Ethical Hacking from Scratch

Python Ethical Hacking from Scratch

Get hands-on with practical ethical hacking from scratch using Python. With the help of step-by-step instructions and practical exercises, you'll develop tools that provide detailed insights into the ethical hacking thought process. This book also covers aspects of network and system hacking along with defense techniques.

Learning Python Networking

Learning Python Networking

Python is a popular programming language used for performing network automation in an easy-to-implement way. This book is an update to Learning Python Networking, and delves into the concepts of Python network programming and its importance in today's world.

Mar 2019 16h 20m

Kali Linux - An Ethical Hacker's Cookbook

Kali Linux - An Ethical Hacker's Cookbook

With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book is packed with practical recipes that will quickly get you started with Kali Linux (version 2018.4/2019) as per your requirements and help you move on to core functionalities.

Mar 2019 15h 44m

Kali Linux - An Ethical Hacker's Cookbook

Kali Linux - An Ethical Hacker's Cookbook

With the current rate of hacking, it is very important to pentest your environment in order to ensure advanced-level security. This book will be packed with practical recipes that will quickly get you started with Kali Linux (version 2016.2) as per your requirements and move on to core functionalities.

Oct 2017 12h 32m

Hands-On Penetration Testing on Windows

Hands-On Penetration Testing on Windows

Penetration testing is highly competitive, and it's easy to get stuck in the same routine client after client. This book will provide hands-on experience with penetration testing while guiding you through behind-the-scenes action along the way.

Jul 2018 15h 4m

Personalised recommendations for you

Based on your interests and search pattern

Cloud Security Handbook

Cloud Security Handbook

This book provides complete coverage of every cloud security aspect—from initial design to ongoing maintenance. Packed with best practices, it helps you smoothly transition to the public cloud, while keeping your environments secure and compliant.

Apr 2025 16h 4m

CompTIA CySA+ (CS0-003) Certification Guide

CompTIA CySA+ (CS0-003) Certification Guide

Prepare for the CompTIA CySA+ (CS0-003) exam with this guide covering security operations, incident response, and vulnerability management. Reinforce learning with interactive labs, exam-style questions, two practice exams, and targeted flashcards.

Apr 2025 24h 44m

Cyber Security Kill Chain - Tactics and Strategies

Cyber Security Kill Chain - Tactics and Strategies

Learn how the cyber kill chain, a structured model that outlines the stages of a cyberattack, guides you through understanding threat actor behaviors and bolstering their ability to defend against evolving cyber threats.

May 2025 10h 28m