Packt+ | Advance your knowledge in tech

0

All Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Python Web Penetration Testing Cookbook

You're reading from Python Web Penetration Testing Cookbook Over 60 indispensable Python recipes to ensure you always have the right code on hand for web application testing

Product type Paperback

Published in Jun 2015

Publisher

ISBN-13 9781784392932

Length 224 pages

Edition 1st Edition

Languages

Python

Concepts

Web Penetration Testing

Authors (4):

Cameron Buchanan

Terry Ip

Andrew Mabbitt

Benjamin May

View More author details

Table of Contents (16) Chapters

Python Web Penetration Testing Cookbook

Credits

About the Authors

About the Reviewers

www.PacktPub.com

Preface

1. Gathering Open Source Intelligence FREE CHAPTER

2. Enumeration

3. Vulnerability Identification

4. SQL Injection

5. Web Header Manipulation

6. Image Analysis and Manipulation

7. Encryption and Encoding

8. Payloads and Shells

9. Reporting

Index

Finding comments in source code

A common security issue is caused by good programming practices. During the development phase of web applications, developers will comment their code. This is very useful during this phase, as it helps with understanding the code and will serve as useful reminders for various reasons. However, when the web application is ready to be deployed in a production environment, it is best practice to remove all these comments as they may prove useful to an attacker.

This recipe will use a combination of Requests and BeautifulSoup in order to search a URL for comments, as well as searching for links on the page and searching those subsequent URLs for comments as well. The technique of following links from a page and analysing those URLs is known as spidering.

How to do it…

The following script will scrape a URL for comments and links in the source code. It will then also perform limited spidering and search linked URLs for comments:

import requests
import re

from bs4...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $15.99/month. Cancel anytime

Authors (4)

Cameron Buchanan

Cameron Buchanan

Cameron Buchanan is a penetration tester by trade and a writer in his spare time. He has performed penetration tests around the world for a variety of clients across many industries. Previously, Cameron was a member of the RAF. In his spare time, he enjoys doing stupid things, such as trying to make things fly, getting electrocuted, and dunking himself in freezing cold water. He is married and lives in London.

See other products by Cameron Buchanan

Terry Ip

Terry Ip

Terry Ip is a security consultant. After nearly a decade of learning how to support IT infrastructure, he decided that it would be much more fun learning how to break it instead. He is married and lives in Buckinghamshire, where he tends to his chickens.

See other products by Terry Ip

Andrew Mabbitt

Andrew Mabbitt

Andrew Mabbitt is a penetration tester living in London, UK. He spends his time beating down networks, mentoring, and helping newbies break into the industry. In his free time, he loves to travel, break things, and master the art of sarcasm.

See other products by Andrew Mabbitt

Benjamin May

Benjamin May

Benjamin May is a security test engineer from Cambridge. He studied computing for business at Aston University. With a background in software testing, he recently combined this with his passion for security to create a new role in his current company. He has a broad interest in security across all aspects of the technology field, from reverse engineering embedded devices to hacking with Python and participating in CTFs. He is a husband and a father.

See other products by Benjamin May

Personalised recommendations for you

Based on your interests and search pattern

Cloud Security Handbook

Cloud Security Handbook

This book provides complete coverage of every cloud security aspect—from initial design to ongoing maintenance. Packed with best practices, it helps you smoothly transition to the public cloud, while keeping your environments secure and compliant.

Apr 2025 16h 4m

CompTIA CySA+ (CS0-003) Certification Guide

CompTIA CySA+ (CS0-003) Certification Guide

Prepare for CompTIA CySA+ (CS0-003) exam with this study guide—covering security ops, incident response, and vulnerability management in depth to level up your cybersecurity career. Includes exam-style questions, 2 practice tests, and flashcards.

Apr 2025 24h 44m

Cyber Security Kill Chain - Tactics and Strategies

Cyber Security Kill Chain - Tactics and Strategies

Learn how the cyber kill chain, a structured model that outlines the stages of a cyberattack, guides you through understanding threat actor behaviors and bolstering their ability to defend against evolving cyber threats.

May 2025 10h 16m