SELF-PACED, LAUNCH NOVEMBER 29TH
During this course you will learn more advanced Python techniques that are useful for pentesters and hackers. You’ll use Python to interact with Windows, complete forensic-like tasks and reverse engineer Python malware samples.
18 CPE CREDITS
You will learn:
You will learn how to go beyond the basics of Python and become comfortable enough to build your own Python scripts to complete advanced tasks. We’ll cover how to use Python to interact with the Windows operating system to glean information from the system. We’ll also look at some Python scripts to understand how they were constructed in order to achieve their malicious intent.
You will need:
A physical machine, or a VM, running any flavor of Linux or OS X with Python 2.7.x installed, and a Windows VM running 32- or 64-bit Windows 7. We will not be using Python 3 in this course.
Before you join you should know:
It will be assumed that you already know the basics of Python and basic programming concepts, such as variables, looping, etc. Even though Module 1 will go into Python programming concepts, I’ll be diving straight into advanced concepts, skipping the basic Python 101-type of information.
Module 1: Advanced Python Programming
Module 1 description: Discuss advanced programming concepts in Python.
Module 1 covered topics: Ctypes, regex, libraries, classes & objects, exception handling, packages, socket programming, etc.
Module 1 exercises: Create a Python script that will act as a multi-threaded port scanner.
Module 2: Windows and Python
Module 2 description: Use Python to run on and interact with Windows.
Module 2 covered topics: Perform privilege escalation, bypassing Windows firewall, interacting with various browsers, monitoring API calls, using py2exe, etc.
Module 2 exercises: Create a Python script that will interact with WMI and output all the processes that are running with high privileges.
Module 3: Forensics with Python
Module 3 description: Use Python to complete forensic-like tasks on Windows.
Module 3 covered topics: Interact with NTFS, recovering deleted files, gleaning from the registry, extracting metadata from documents, PE analysis, etc.
Module 3 exercises: Create a Python script that will search through deleted files and brute-force a password-protected zip file.
Module 4: Python Malware
Module 4 description: Reverse engineer Python malware samples to understand how malware in Python is constructed.
Module 4 covered topics: Ram scrapers, keyloggers, RATs, backdoors w/C2-like
Module 4 exercises: Create a hybrid malware sample from the lessons learned in this
Your instructor: Dion Rodriguez
Dion has been working with technology for the past ~15 years. He dabbles in all facets of IT, absorbing as much information as possible. He is always learning something and trying to figure something out. He is currently a freelance security consultant within the tri-state area, performing security assessments and risk assessments for SMBs.