Coding for Penetration Testers

1st Edition

Building Better Tools

Print ISBN: 9781597497299
eBook ISBN: 9781597497305
Imprint: Syngress
Published Date: 23rd September 2011
Page Count: 320
39.95 + applicable tax
24.99 + applicable tax
31.95 + applicable tax
Compatible Not compatible
VitalSource PC, Mac, iPhone & iPad Amazon Kindle eReader
ePub & PDF Apple & PC desktop. Mobile devices (Apple & Android) Amazon Kindle eReader
Mobi Amazon Kindle eReader Anything else

Institutional Access


Tools used for penetration testing are often purchased or downloaded from the Internet. Each tool is based on a programming language such as Perl, Python, or Ruby. If a penetration tester wants to extend, augment, or change the functionality of a tool to perform a test differently than the default configuration, the tester must know the basics of coding for the related programming language. Coding for Penetration Testers provides the reader with an understanding of the scripting languages that are commonly used when developing tools for penetration testing. It also guides the reader through specific examples of custom tool development and the situations where such tools might be used. While developing a better understanding of each language, the reader is guided through real-world scenarios and tool development that can be incorporated into a tester's toolkit.

Table of Contents


About the Authors

About the Technical Editor


Chapter 0. Introduction

Book Overview and Key Learning Points

Book Audience

How this Book is Organized


Chapter 1. Introduction to command shell scripting

Information in this Chapter

On Shell Scripting

UNIX, Linux, and OS X Shell Scripting

Bash Basics

Putting It All Together with Bash

Windows Scripting

PowerShell Basics

Putting it all together with PowerShell



Chapter 2. Introduction to Python

Information in this Chapter

What is Python?

Where is Python Useful?

Python Basics

File Manipulation

Network Communications



Chapter 3. Introduction to Perl

Information in this Chapter

Where Perl is Useful

Working with Perl

Perl Basics

Putting It All together



Chapter 4. Introduction to Ruby

Information in this Chapter

Where Ruby is Useful

Ruby Basics

Building Classes with Ruby

File Manipulation

Database Basics

Network Operations

Putting It All Together



Chapter 5. Introduction to Web scripting with PHP

Information in this Chapter

Where Web scripting is Useful

Getting Started with PHP

Handling Forms with PHP

File Handling and Command Execution

Putting It All Together


Chapter 6. Manipulating Windows with PowerShell

Information in this Chapter

Dealing with Execution Policies in PowerShell

Penetration Testing uses for PowerShell

PowerShell and Metasploit



Chapter 7. Scanner scripting

Information in this Chapt


No. of pages:
© Syngress 2012
eBook ISBN:
Paperback ISBN:


"This book is definitely not for rookie coders, but rather a good starting point for people with a medium level of programming experience. It is also not suited well as a reference to quickly look things up in. But if what you’re looking for is a very practical guide with tons of pointers to further (and recommended) reading material and exercises Coding for Penetration Testers delivers what it promises."--Computers and Security

"Penetration testing is a profession that requires the mastery of dozens of tools; every job poses challenges that require these tools to be mixed, matched, and automated. The master penetration tester not only excels at using his or her toolbox, but also expands it with custom scripts and unique programs to solve the challenge of the day. This book provides a solid introduction to custom scripting and tool development, using multiple languages, with a penetration tester's goals in mind. This background can transform penetration testing from a manual, often repetitive task, to an efficient process that is not just faster, but also more accurate and consistent across large engagements."--HD Moore, Metasploit Founder and CSO of Rapid7

"Penetration testing requires that the tester understand the target as much as possible, and know how to perform various attacks while being as efficient as possible. Having the skill set to create and use a variety of scripts increases the penetration tester's efficiency and elevates him or her from the script kiddie to the professional realm. Ryan Linn and Jason Andress have created a guide that explores and introduces the techniques that are necessary to build the scripts used during a test. No matter the platform, this book provides the information required to learn scripting and become a world-class penetration tester. This is definitely a book that will remain close at hand for every test I perform!"--Kevin Johnson, Senior Consultant, Secure Ideas