[Description]
Tools used for penetration testing are often purchased or downloaded from the Internet. Each tool is based on a programming language such as Perl, Python, or Ruby. If a penetration tester wants to extend, augment, or change the functionality of a tool to perform a test differently than the default configuration, the tester must know the basics of coding for the related programming language. Coding for Penetration Testers provides the reader with an understanding of the scripting languages that are commonly used when developing tools for penetration testing. It also guides the reader through specific examples of custom tool development and the situations where such tools might be used. While developing a better understanding of each language, the reader is guided through real-world scenarios and tool development that can be incorporated into a tester's toolkit.
[Table of Contens]
Coding for Penetration Testers, 1st Edition
Foreword
About the Authors
About the Technical Editor
Acknowledgments
Chapter 0. Introduction
Book Overview and Key Learning Points
Book Audience
How this Book is Organized
Conclusion
Chapter 1. Introduction to command shell scripting
Information in this Chapter
On Shell Scripting
UNIX, Linux, and OS X Shell Scripting
Bash Basics
Putting It All Together with Bash
Windows Scripting
PowerShell Basics
Putting it all together with PowerShell
Summary
ENDNOTES
Chapter 2. Introduction to Python
Information in this Chapter
What is Python?
Where is Python Useful?
Python Basics
File Manipulation
Network Communications
Summary
ENDNOTES
Chapter 3. Introduction to Perl
Information in this Chapter
Where Perl is Useful
Working with Perl
Perl Basics
Putting It All together
Summary
ENDNOTES
Chapter 4. Introduction to Ruby
Information in this Chapter
Where Ruby is Useful
Ruby Basics
Building Classes with Ruby
File Manipulation
Database Basics
Network Operations
Putting It All Together
Summary
ENDNOTES
Chapter 5. Introduction to Web scripting with PHP
Information in this Chapter
Where Web scripting is Useful
Getting Started with PHP
Handling Forms with PHP
File Handling and Command Execution
Putting It All Together
Summary
Chapter 6. Manipulating Windows with PowerShell
Information in this Chapter
Dealing with Execution Policies in PowerShell
Penetration Testing uses for PowerShell
PowerShell and Metasploit
Summary
ENDNOTES
Chapter 7. Scanner scripting
Information in this Chapter
Working with Scanning Tools
Netcat
Nmap
Nessus/OpenVAS
Summary
ENDNOTES
Chapter 8. Information gathering
Information in this Chapter
Information Gathering for Penetration Testing
Talking to Google
Web Automation with Perl
Working with Metadata
Putting It All Together
Summary
ENDNOTES
Chapter 9. Exploitation scripting
Information in this Chapter
Building Exploits with Python
Creating Metasploit Exploits
Exploiting PHP Scripts
Cross-Site Scripting
Summary
Chapter 10. Post-exploitation scripting
Information in this Chapter
Why Post-Exploitation Is Important
Windows Shell Commands
Gathering Network Information
Scripting Metasploit Meterpreter
Database Post-Exploitation
Summary
Appendix: Subnetting and CIDR addresses
Index
新书报道