Python-Penetration-Testing

Penetration Testing using Python

Course Description

Python Penetration Testing from Codec Networks, is designed to give candidates the skills they need for tweaking, customizing, or outright developing your own tools to put you on the path of becoming a great penetration tester.

This course is appealing to a wide variety of backgrounds ranging from people without a drop of coding experience all the way up to skilled Python developers looking to increase their expertise and map their capabilities to penetration testing and also covers the concepts of system security, attacking web applications, network security, exploitation techniques, binary and malware analysis and task automation.

The course further teaches how to employ the Python language for security research, attack automation, and penetration testing with a practical approach. This course also covers the concepts of system security, attacking web applications, network security, exploitation techniques, binary and malware analysis and task automation.

Who Should Attend

The course is targeted at Security Professionals who want to learn how to develop Python applications, Penetration testers who want to move from being a consumer of security tools to the creator security tools, Technologists that need custom tools to test their infrastructure and desire to create those tools themselves.

Pre-requisites

Candidates should have prior programming experience and be familiar with basic concepts of Python Coding and Scripting. To go for this course, candidate must attended for Python Coding & Scripting course.

Learning Objectives

After completing this course, students will have a fundamental understanding of how to:

  • Comprehend the File Handling, Functions, and Functional Programming
  • Configure Python in Linux and Windows
  • Access the network and Internet
  • Create Directory Access and Managing Files
  • How to set Controls and Permissions
  • Comprehend the Clients architecture and Servers
  • Understand the XSS and SQL attacks on web applications
  • Fundamentals of Process Debugging

Course Duration

40 Hours.

Course Content

Python Scripting Essentials

  • Introduction to Interpreted Languages and Python
  • Data Types and variables
  • Operators and Expressions
  • Program Structure and Control
  • Functions and Functional Programming
  • Classes, Objects and other OOPS concepts
  • Modules, Packages and Distribution
  • Python in Linux and Unix
  • Python in Windows
  • Python in Mobiles: iPhone and Androids
  • Python in Embedded Devices: Routers
  • Program Portability

System Programming and Security

  • I/O in Python
  • File and Directory Access
  • Multithreading and Concurrency
  • Inter Process Communication (IPC)
  • Permissions and Controls

Creating Sniffers and Packet Injectors

  • Raw Socket basics
  • Socket Libraries and Functionality
  • Programming Servers and Clients
  • Programming Wired and Wireless Sniffers
  • Programming arbitrary packet injectors
  • PCAP file parsing and analysis

Web Application Security

  • Web Servers and Client scripting
  • Web Application Fuzzers
  • Scraping Web Applications – HTML and XML file analysis
  • Web Browser Emulation
  • Attacking Web Services
  • Application Proxies and Data Mangling
  • Automation of attacks such as SQL Injection, XSS etc.

Exploitation Writing and Analysis Automation

  • Exploit Development techniques
  • Immunity Debuggers and Libs
  • Writing plugins in Python
  • Binary data analysis
  • Exploit analysis Automation

Malware Analysis and Reverse Engineering

  • Process Debugging basics
  • Pydbg and its applications
  • Analyzing live applications
  • Setting breakpoints, reading memory etc.
  • In-memory modifications and patching

Attack Task Automation

  • Task Automation with Python
  • Libraries and Applications