Video description
The process of finding and eradicating an attacker is time-consuming and costs a lot, which hurts your organization. You need to write tools that will help you automate your defensive and offensive security. As a penetration tester, you need to evolve quickly. When off-the-shelf tools and exploits fall short, writing your own tool will help you safeguard your data.
In this course, learn how to leverage Python to perform routine tasks quickly and efficiently. You will automate log analysis and packet analysis with file operations, regular expressions, and analysis modules; interact with websites to collect intelligence; and develop TCP client and server applications for use in penetration testing. You will learn how to build automation tools for information security, and will hopefully find that these examples will help inspire you to design and build your own!
By the end of this course, you will have the skills and confidence you need to automate both offensive and defensive security techniques using Python; and have developed several small security tools and one large comprehensive penetration testing tool, all of which can be used in the real world.
What You Will Learn
- Read and modify exploit scripts so they can be used in a real penetration test
- Analyze a packet capture file to look for network traffic anomalies
- Collect open-source intelligence (OSINT) to speed up the passive-intelligence-gathering phase of a penetration test
- Analyze a log file for suspicious activity
- Write a Python replacement for Netcat that can be used for many purposes including obtaining a shell after a successful exploit
- Collect packets of the wire for use in live network traffic analysis
- Develop your first penetration-testing tool
Audience
If you are a security professional, a networking enthusiast, or just plain curious in understanding how networks and packets work internally, then this course is for you!
Requirements: Beginner to intermediate-level Python proficiency recommended, Oracle VirtualBox, Kali Linux, Metasploitable 2 and PyCharm IDE in your Kali system.
About The Author
Thomas McNeela: Thomas McNeela is an experienced information security professional and continuing-education instructor. Over his nine-year career, he has worked for several companies including Motorola Mobility and U.S. Cellular.
Thomas specializes in network engineering and security, security assessments, threat intelligence, and automation. He earned a Master of Science (M.S.) degree in Information Systems from Northwestern University and holds many industry-recognized certifications including the CISSP and CEH (Master), and is currently working for information security software and services firm located in the Chicago area.
Table of contents
- Chapter 1 : Reading, Modifying, and Testing an Exploit Script
- Chapter 2 : Analyzing a Packet Capture File
- Chapter 3 : Gathering Open-Source Intelligence
- Chapter 4 : Analyzing a Log File
- Chapter 5 : Writing a Python Replacement for Netcat
- Chapter 6 : Collecting Network Packets Off the Wire
- Chapter 7 : Building a Penetration Testing Tool
Product information
- Title: Python for Automating Information Security
- Author(s):
- Release date: May 2020
- Publisher(s): Packt Publishing
- ISBN: 9781838828219
You might also like
video
Mastering Python - Networking and Security
In this Mastering Python - Networking and Security training course, expert author Ric Messier teaches you …
book
Security Automation with Ansible 2
Automate security-related tasks in a structured, modular fashion using the best open source automation tool available …
book
Hands-On Penetration Testing with Python
Implement defensive techniques in your ecosystem successfully with Python Key Features Identify and expose vulnerabilities in …
video
Python Network Programming for Network Engineers (Python 3)
The days of configuring Cisco networks only with the command-line interface (CLI) are ending. Do you …