Coding for Penetration Testers

Overview

Below is an outline of Coding for Penetration Testers. Members can log into the Library and view the book in a browser using the email address they signed up with; only members can log in.

  • Folder: Books and Guides > Security - Penetration Testing


 

Outline

1. Introduction to command shell scripting
2. On Shell Scripting
2.1.1. What is a shell?
2.1.2. What is a script?
2.1.3. Shell scripts
2.1.4. Where shell scripting is useful
3. UNIX, Linux, and OS X shell scripting
3.1.1. Shell availability and choices
3.1.2. Working with shells
4. Bash basics
4.1.1. Hello World
4.1.2. Variables
4.1.3. Arguments
4.1.4. Control Statements
5. Putting it all together with bash
5.1.1. Adding /dev/tcp/ support to bash
5.1.2. Building a port scanner with bash
5.1.3. Improving the script
6. Windows scripting
6.1.1. Shell availability and choices
6.1.2. Command.com and CMD.exe
6.1.3. PowerShell
6.1.4. Cygwin
6.1.5. Other shells
7. PowerShell basics
7.1.1. HelloWorld
7.1.2. Variables
7.1.3. Arguments
7.1.4. Control statements
7.1.5. Conditionals
7.1.6. Looping
8. Putting it all together with PowerShell
8.1.1. Building a port scanner with PowerShell
8.1.2. Improving the script
9. Summary
10. Endnotes

11. Introduction to Python
12. What is Python?
12.1.1. Where do we get Python?
13. Where is Python useful?
13.1.1. Multiplatform scripting
13.1.2. Network scripting
13.1.3. Extensive modules
13.1.4. Reusable code that is easy to create
14. Python basics
14.1.1. Getting started
14.1.2. Variables
14.1.3. Modules
14.1.4. Arguments
14.1.5. Lists
14.1.6. Dictionaries
14.1.7. Control statements
14.1.8. Functions
15. File manipulation
15.1.1. Exception handling
16. Network communications
16.1.1. Client communications
16.1.2. Server communications
16.1.3. Scapy
17. Summary
18. Endnotes

19. Introduction to Perl
20. Where Perl is useful
20.1.1. Handling text
20.1.2. Gluing applications together
21. Working with Perl
21.1.1. Editing tools
21.1.2. Extending Perl scripts
21.1.3. GUIs in Perl
22. Perl basics
22.1.1. Hello World
22.1.2. Variables
22.1.3. Shell commands
22.1.4. Arguments
22.1.5. Control statements
22.1.6. Regular expressions
22.1.7. File input and output
23. Putting it all together
23.1.1. Building an SNMP scanner with Perl
23.1.2. Improving the script
24. Summary
25. Endnotes

26. Introduction to Ruby
27. Where Ruby is useful
28. Ruby basics
28.1.1. Variables
28.1.2. Arrays and hashes
28.1.3. Control statements
28.1.4. Functions
29. Building classes with Ruby
29.1.1. Building a class
29.1.2. Extending a class
29.1.3. Accessing class data
30. File manipulation
31. Database basics
31.1.1. Using DBI
31.1.2. Using Active Record
32. Network operations
32.1.1. Client communications
32.1.2. Server communications
33. Putting it all together
34. Summary
35. Endnotes

36. Introduction to Web scripting with PHP
37. Where Web scripting is useful
38. Getting started with PHP
38.1.1. Scope
38.1.2. PHP basics
38.1.3. Functions
39. Handling forms with PHP
40. File handling and command execution
40.1.1. File handling
40.1.2. Command execution
41. Putting it all together
42. Summary

43. Manipulating Windows with PowerShell
44. Dealing with execution policies in PowerShell
44.1.1. Execution policies
44.1.2. Bypassing the policies
44.1.3. Getting in
44.1.4. Penetration testing uses for PowerShell
44.1.5. Controlling processes and services
44.1.6. Interfacing with the event logs
44.1.7. Getting and sending files over the network
44.1.8. Interfacing with the Registry
45. PowerShell and Metasploit
45.1.1. PowerShell-oriented Metasploit modules
45.1.2. PowerDump
45.1.3. Windows gather PowerShell environment setting enumeration
45.1.4. Making use of the modules
46. Summary
47. Endnotes

48. Scanner scripting
49. Working with scanning tools
49.1.1. Netcat
49.1.2. Nmap
49.1.3. Nessus/OpenVAS
50. Netcat
50.1.1. Implementations of Netcat
50.1.2. Simple Netcat usage
50.1.3. Building a Web server with Netcat
50.1.4. Transferring files with Netcat
51. Nmap
51.1.1. Working with service probes in Nmap
51.1.2. The Nmap scripting engine
51.1.3. Building Nmap NSE files
52. Nessus/OpenVAS
52.1.1. NASL in Nessus and OpenVAS
52.1.2. Nessus attack scripting language NASL
53. Summary
54. Endnotes

55. Information gathering
56. Information gathering for penetration testing
56.1.1. Sources of information
56.1.2. Patterns in information
56.1.3. Metadata
56.1.4. What can we do with the information
57. Talking to Google
57.1.1. Google hacking
57.1.2. Advanced operators
57.1.3. Automating Google discovery
58. Web automation with Perl
58.1.1. Pulling information from Web sites
59. Working with metadata
59.1.1. Finding metadata
59.1.2. Document metadata
59.1.3. Metadata in media files
60. Putting it all together
61. Summary
62. Endnotes

63. Exploitation scripting
64. Building exploits with Python
64.1.1. Getting software
64.1.2. Setting up debugging
64.1.3. Causing our first crash
64.1.4. Using pattern_offset
64.1.5. Controlling EIP
64.1.6. Adding shellcode
64.1.7. Getting our shell
65. Creating Metasploit Exploits
65.1.1. Starting a template
65.1.2. Porting the exploit code
65.1.3. Executing the exploit
66. Exploiting PHP scripts
66.1.1. Remote File Inclusion
66.1.2. Command execution vulnerabilities
67. Cross-Site Scripting
67.1.1. What is XSS?
67.1.2. Exploiting XSS
68. Summary

69. Post-exploitation scripting
70. Why post-exploitation is important
71. Windows shell commands
71.1.1. User management
72. Gathering network information
72.1.1. Windows network information gathering
72.1.2. Linux network information gathering
73. Scripting Metasploit Meterpreter
73.1.1. Getting a shell
73.1.2. Building a basic script
73.1.3. Executing the script
74. Database post-exploitation
74.1.1. What is SQL injection
74.1.2. MySQL
74.1.3. SQL injection on Microsoft SQL Server
75. Summary
76. Appendix
77. Index

 

-----

Next steps:

This article was contributed by Jason Jacobs from Guyana. Jason is a member of the Caribbean CSPA. 

 
