Violent Python

A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

1st Edition - November 8, 2012
  • Author: TJ O'Connor
  • eBook ISBN: 9781597499644
  • Paperback ISBN: 9781597499576

Description

Violent Python shows you how to move from a theoretical understanding of offensive computing concepts to a practical implementation. Instead of relying on another attacker’s tools, this book will teach you to forge your own weapons using the Python programming language. This book demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts. It also shows how to write code to intercept and analyze network traffic using Python, craft and spoof wireless frames to attack wireless and Bluetooth devices, data-mine popular social media websites, and evade modern anti-virus.

Key Features

  • Demonstrates how to write Python scripts to automate large-scale network attacks, extract metadata, and investigate forensic artifacts
  • Write code to intercept and analyze network traffic using Python. Craft and spoof wireless frames to attack wireless and Bluetooth devices
  • Data-mine popular social media websites and evade modern anti-virus

Readership

Penetration Testers, Forensic Analysts, IT Security Professionals (Security Auditors, Security Engineers, Compliance Specialists, etc.)

Table of Contents

  • Trade marks
  • Acknowledgements
  • Dedication
  • Lead Author – TJ O’Connor
  • Contributing Author Bio – Rob Frost
  • Technical Editor Bio – Mark Baggett
  • Introduction
      • TARGET AUDIENCE
      • ORGANIZATION OF THE BOOK
      • COMPANION WEB SITE
  • Chapter 1. Introduction
      • Introduction: A Penetration Test with Python
      • Setting Up Your Development Environment
      • The Python Language
      • Your First Python Programs
      • Chapter Wrap-Up
      • References
  • Chapter 2. Penetration Testing with Python
      • Introduction: The Morris Worm—Would it Work Today?
      • Building a Port Scanner
      • Building an SSH BotNet with Python
      • Mass Compromise by Bridging FTP and Web
      • Conficker, Why Trying Hard is Always Good Enough
      • Writing Your Own Zero-Day Proof of Concept Code
      • Chapter Wrap Up
      • References
  • Chapter 3. Forensic Investigations with Python
      • Introduction: How Forensics Solved the BTK Murders
      • Where Have You Been?—Analysis of Wireless Access Points in the Registry
      • Using Python to Recover Deleted Items in the Recycle Bin
      • Metadata
      • Investigating Application Artifacts with Python
      • Investigating iTunes Mobile Backups with Python
      • Chapter Wrap-Up
      • References
  • Chapter 4. Network Traffic Analysis with Python
      • Introduction: Operation Aurora and How the Obvious was Missed
      • Where is that IP Traffic Headed?—A Python Answer
      • Is Anonymous Really Anonymous? Analyzing LOIC Traffic
      • How H D Moore Solved the Pentagon’s Dilemma
      • Storm’s Fast-Flux and Conficker’s Domain-Flux
      • Kevin Mitnick and TCP Sequence Prediction
      • Foiling Intrusion Detection Systems with Scapy
      • Chapter Wrap Up
      • References
  • Chapter 5. Wireless Mayhem with Python
      • Introduction: Wireless (IN)Security and the Iceman
      • Setting up Your Wireless Attack Environment
      • The Wall of Sheep—Passively Listening to Wireless Secrets
      • Where Has Your Laptop Been? Python Answers
      • Intercepting and Spying on UAVs with Python
      • Detecting FireSheep
      • Stalking with Bluetooth and Python
      • Chapter Wrap Up
      • References
  • Chapter 6. Web Recon with Python
      • Introduction: Social Engineering Today
      • Using the Mechanize Library to Browse the Internet
      • Scraping Web Pages with AnonBrowser
      • Research, Investigate, Discovery
      • Anonymous Email
      • Mass Social Engineering
      • Chapter Wrap-Up
      • References
  • Chapter 7. Antivirus Evasion with Python
      • Introduction: Flame On!
      • Evading Antivirus Programs
      • Verifying Evasion
      • Wrap Up
      • References
  • Index

Product details

  • No. of pages: 288
  • Language: English
  • Copyright: © Syngress 2012
  • Published: November 8, 2012
  • Imprint: Syngress
  • eBook ISBN: 9781597499644
  • Paperback ISBN: 9781597499576

About the Author

TJ O'Connor

TJ O’Connor is a Department of Defense expert on information security and a US Army paratrooper. While assigned as an assistant professor at the US Military Academy, TJ taught undergraduate courses on forensics, exploitation and information assurance. He twice co-coached the winning team at the National Security Agency’s annual Cyber Defense Exercise and won the National Defense University’s first annual Cyber Challenge. He has served on multiple red teams, including twice on the Northeast Regional Team for the National Collegiate Cyber Defense Competition.

TJ holds a Master of Science degree in Computer Science from North Carolina State, a Master of Science degree in Information Security Engineering from the SANS Technical Institute, and a Bachelor of Science degree in Computer Science from the US Military Academy. He has published technical research at USENIX workshops, ACM conferences, security conferences, the SANS Reading Room, the Internet Storm Center, the Army Magazine, and the Armed Forces Journal. He holds expert cyber security credentials, including the prestigious GIAC Security Expert (GSE) and Offensive Security Certified Expert (OSCE). TJ is a member of the elite SANS Red and Blue Team Cyber Guardians.

TJ O'Connor is an active duty Army Major and former faculty member at the United States Military Academy, where he taught courses on forensics, exploitation, and information assurance. He has published research at USENIX workshops and ACM conferences, and has spoken at various security conferences, including ShmooCon. He has participated in numerous cyber defense exercises, including winning the National Defense University Cyber Challenge, coaching the winning team at the National Security Agency's Cyber Defense Exercise, and working as a red team member of the Northeast Regional Collegiate Cyber Defense Competition. He has earned SANS GIAC Gold certifications in GCFA, GCIH, GSEC, and GCIA, and holds other GIAC certifications.

Latest reviews

  • JohncharlesWard Sat Mar 24 2018

    awesome.