Coding for Penetration Testers - 1st Edition - ISBN: 9781597497299, 9781597497305

Coding for Penetration Testers

1st Edition

Building Better Tools

Authors: Jason Andress Ryan Linn
eBook ISBN: 9781597497305
Paperback ISBN: 9781597497299
Imprint: Syngress
Published Date: 23rd September 2011
Page Count: 320
Sales tax will be calculated at check-out Price includes VAT/GST
In Stock
In Stock
In Stock
Sorry, this product is currently out of stock.
Sorry, we aren’t shipping this product to your region at this time.
27.99
39.95
42.68
31.95
Unavailable
Price includes VAT/GST
39.95
24.99
31.95
Unavailable
Price includes VAT/GST
× DRM-Free

Easy - Download and start reading immediately. There’s no activation process to access eBooks; all eBooks are fully searchable, and enabled for copying, pasting, and printing.

Flexible - Read on multiple operating systems and devices. Easily read eBooks on smart phones, computers, or any eBook readers, including Kindle.

Open - Buy once, receive and download all available eBook formats, including PDF, EPUB, and Mobi (for Kindle).

Institutional Access

Support Center

Resources

Secure Checkout

Personal information is secured with SSL technology.

Free Shipping

Free global shipping
No minimum order.

Description

Coding for Penetration Testers discusses the use of various scripting languages in penetration testing. The book presents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languages. It also provides a primer on scripting including, but not limited to, Web scripting, scanner scripting, and exploitation scripting. It guides the student through specific examples of custom tool development that can be incorporated into a tester's toolkit as well as real-world scenarios where such tools might be used. This book is divided into 10 chapters that explores topics such as command shell scripting; Python, Perl, and Ruby; Web scripting with PHP; manipulating Windows with PowerShell; scanner scripting; information gathering; exploitation scripting; and post-exploitation scripting. This book will appeal to penetration testers, information security practitioners, and network and system administrators.

Key Features

  • Discusses the use of various scripting languages in penetration testing
  • Presents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languages
  • Provides a primer on scripting including, but not limited to, Web scripting, scanner scripting, and exploitation scripting

Readership

Penetration Testers, Information Security Practitioners, Network and System Administrators

Table of Contents

Foreword

About the Authors

About the Technical Editor

Acknowledgments

Chapter 0. Introduction

Book Overview and Key Learning Points

Book Audience

How this Book is Organized

Conclusion

Chapter 1. Introduction to command shell scripting

Information in this Chapter

On Shell Scripting

UNIX, Linux, and OS X Shell Scripting

Bash Basics

Putting It All Together with Bash

Windows Scripting

PowerShell Basics

Putting it all together with PowerShell

Summary

ENDNOTES

Chapter 2. Introduction to Python

Information in this Chapter

What is Python?

Where is Python Useful?

Python Basics

File Manipulation

Network Communications

Summary

ENDNOTES

Chapter 3. Introduction to Perl

Information in this Chapter

Where Perl is Useful

Working with Perl

Perl Basics

Putting It All together

Summary

ENDNOTES

Chapter 4. Introduction to Ruby

Information in this Chapter

Where Ruby is Useful

Ruby Basics

Building Classes with Ruby

File Manipulation

Database Basics

Network Operations

Putting It All Together

Summary

ENDNOTES

Chapter 5. Introduction to Web scripting with PHP

Information in this Chapter

Where Web scripting is Useful

Getting Started with PHP

Handling Forms with PHP

File Handling and Command Execution

Putting It All Together

Summary

Chapter 6. Manipulating Windows with PowerShell

Information in this Chapter

Dealing with Execution Policies in PowerShell

Penetration Testing uses for PowerShell

PowerShell and Metasploit

Summary

ENDNOTES

Chapter 7. Scanner scripting

Information in this Chapt

Details

No. of pages:
320
Language:
English
Copyright:
© Syngress 2012
Published:
Imprint:
Syngress
eBook ISBN:
9781597497305
Paperback ISBN:
9781597497299

About the Author

Jason Andress

Jason Andress (CISSP, ISSAP, CISM, GPEN) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.

Affiliations and Expertise

CISSP, ISSAP, CISM, GPEN

Ryan Linn

Ryan Linn (OSCE, GPEN, GWAPT) is a penetration tester, an author, a developer, and an educator. He comes from a systems administation and Web application development background, with many years of IT security experience. Ryan currently works as a full-time penetration tester and is a regular contributor to open source projects including Metasploit, The Browser Exploitation Framework, and the Dradis Framework. He has spoken at numerous security conferences and events, including ISSA, DEF CON, SecTor, and CarolinaCon.

Affiliations and Expertise

OSCE, GPEN, CCNP Security, CISSP

Reviews

"This book is definitely not for rookie coders, but rather a good starting point for people with a medium level of programming experience. It is also not suited well as a reference to quickly look things up in. But if what you’re looking for is a very practical guide with tons of pointers to further (and recommended) reading material and exercises Coding for Penetration Testers delivers what it promises."--Computers and Security

"Penetration testing is a profession that requires the mastery of dozens of tools; every job poses challenges that require these tools to be mixed, matched, and automated. The master penetration tester not only excels at using his or her toolbox, but also expands it with custom scripts and unique programs to solve the challenge of the day. This book provides a solid introduction to custom scripting and tool development, using multiple languages, with a penetration tester's goals in mind. This background can transform penetration testing from a manual, often repetitive task, to an efficient process that is not just faster, but also more accurate and consistent across large engagements."--HD Moore, Metasploit Founder and CSO of Rapid7

"Penetration testing requires that the tester understand the target as much as possible, and know how to perform various attacks while being as efficient as possible. Having the skill set to create and use a variety of scripts increases the penetration tester's efficiency and elevates him or her from the script kiddie to the professional realm. Ryan Linn and Jason Andress have created a guide that explores and introduces the techniques that are necessary to build the scripts used during a test. No matter the platform, this book provides the information required to learn scripting and become a world-class penetration tester. This is definitely a book that will remain close at hand for every test I perform!"--Kevin Johnson, Senior Consultant, Secure Ideas

Ratings and Reviews

Request Quote

Tax Exemption

We cannot process tax exempt orders online. If you wish to place a tax exempt order please contact us.