Dear PenTest Readers,
We would like to proudly present to you the newest issue of PenTest. We hope that you will find many interesting articles inside the magazine and that you will have time to read all of them.
We are really counting on your feedback here!
In this issue we discuss the tools and methods that you may find useful while programming in the Python language. It is a powerful new-age scripting platform that has become one of the most popular languages used for penetration testing. The magazine contains articles about writing your own extensions in Burp Suite, web scraping, and reverse engineering of communication protocols using Netzob. You will also learn how to intercept non-HTTP traffic using the NoPE Proxy and discover useful Scapy tips and tricks. At the end of the magazine you will find one additional article on professional methodologies in Wi-Fi penetration testing.
Enjoy your reading,
Table of contents:
Web Scraping with Python
by Sam Vega
Since this article is not about introducing you to Python programming concepts, general syntax, etc., we'll dive right into the subject of web scraping. What is web scraping? Web scraping is a computer software technique for extracting information from websites. According to Wikipedia, the technique is also known as web harvesting or web data extraction. Python is a good language for web scraping. In this article, we'll use the Pentest Magazine website.
NoPE Proxy: Python Mangling and Intercepting Non-HTTP Traffic
by Josh Summit
To overcome challenges, the NoPE Proxy or Non-HTTP Protocol Extension was developed. The NoPE Proxy adds non-HTTP proxy support to BurpSuite along with a host of other features, like Python scripting and DNS spoofing for more granular control over your devices and traffic flow. This article will go over several of these features and how to use the proxy when you’re faced with one of these protocols in your next assessment.
Extending Burp Using Python
by Hamed Farid
You can write your own extensions in Burp using the Burp Extensibility API. The API consists of a number of Java interfaces that you will provide implementations of, depending upon what you are trying to accomplish.
However, Burp is written in Java and understanding its APIs needs some Java knowledge, but I think some understanding of any programming language will be enough, besides searching the web for Java keywords you don't understand. Burp extensions can be written in Java, Python, or Ruby. We'll use Python here in this article; check the section "Why Python" for details.
Reverse Engineering of communication protocols using netzob
By Juan Manuel Reyes
When studying the functioning of proprietary protocols in black box audits, it is possible to take advantage of the power of Python thanks to a library like Netzob. Even though the tasks corresponding to the development of a Pen Test do not typically encompass reverse engineering, this may end up being key when committing complex systems.
The Power of Python
Python is a dynamic, interpreted language. There are no type declarations of variables, parameters, functions, or methods in the source code, which makes the code short and flexible, but you lose the compile-time type checking of the source code.
Coming to the point, how is it used by hackers to their benefit? This language has a lot more advantages over other languages. Let us look at a few fragments of comparison that will clearly state why this is the preferred one over others.
Python Programming for Hackers
by Muruganandam C. & Sumalatha Chinnaiyan
Scapy is a very powerful interactive packet manipulation library and tool that stands out from all these libraries. Scapy provides us with different commands, from basic level to advanced level, for investigating a network. We can use Scapy in two different modes: interactively within a terminal window, and programmatically from a Python script by importing it as a library.
This article helps you gain some insight into the basic modules of Python, which indeed helps the hacker achieve their task in an efficient way. This will help us to automate many security tasks. We can also pass the results from one script or tool to another, thus cascading the tools to automate penetration testing.
Using the Volatility Framework to build Python forensics code
by Mauricio Harley
In this article, I want to show you the Volatility Framework, an open source initiative for doing forensic analysis through memory investigation. Forensic analysis is one of the fastest growing areas in Information Security. Along with penetration testing, forensic skills are very valuable, and this is easy to see, since we often hear on TV, in the news and on the Internet about many incidents related to server invasion, ransomware, data leakage and so on. Hence, being able to correctly collect and analyze evidence is an essential quality for a professional or future forensic analyst candidate.
Play around the network with SCAPY
by Rupali Dash
Python has a very powerful library, "SCAPY", developed by Philippe Biondi. Scapy is a packet manipulation library that gives us amazing usability to sniff the network, read each packet and craft your own packets. Scapy is used not only by pentesters but also by security developers to develop IDS sensors as well as firewall functionality. In this article we will only concentrate on exploring the functionality used by penetration testers.
Python: Hacker’s Swiss Army Knife
By Kaisar Reagan
Finding a vulnerability in a software system is one of the fields where Python acts like a boss. The Python-based Immunity Debugger has many design features in place to make this journey a little easier on the exploit developer. Python can be used to speed up the process of getting a working exploit, including a way to find specific instructions for getting EIP into shellcode and to determine what bad characters we need to filter out when encoding shellcode, and even for delivering payloads.
In this article you will see an example of a script that will take an instruction and return all addresses where the instruction lives.
Professional methodologies in Wi-Fi penetration testing
by David Futsi
The purpose of this document is to present professional methodologies within Wi-Fi penetration testing. The information provided will be gathered from relevant research papers that discuss the present methodologies, tools and professional issues a penetration tester would consider within a business environment. Existing penetration testing frameworks will be analyzed to conclude a combined methodology for wireless penetration testing. Common exploitation methods will be discussed as well. Social, ethical, professional and legal issues (SEPL) will be considered and detailed.