Ethical Hacking with Python eBook

Ethical Hacking with Python

Learn How To Build 50+ Ethical Hacking Tools from Scratch using Python

From simple port scanners to advanced reverse shells, you'll be amazed how such tools can be made with Python!

Python is one of the best programming languages for building automation scripts, Infosec tools, and even malware!

This eBook is a practical hands-on for Python programmers who hope to expand their knowledge in Cyber security and Python by building their own tools for information gathering, penetration testing, digital forensic investigation, and more!

Here's what you'll get:

  • Reading everywhere: PDF or EPUB formats Ebook, no DRM.
  • Tons of Programs to Build: Build 50+ tools340 pages.
  • Working Code: You'll get access to a downloadable link of 71 Python (.py) code files counting 5,000+ lines of code!

Buy For $29

Notice: This eBook is intended solely for educational use in cybersecurity. Readers must use the provided tools and techniques ethically and legally, refraining from any unauthorized or malicious activities. Responsibility for complying with legal and ethical standards rests with the user. The aim is to empower ethical hacking practices using Python.

You'll learn to build the following programs:

  1. Chapter 1: Information Gathering:
    1. Extracting Domain Name Information: Using the WHOIS database and DNS enumeration to extract domain name information.
    2. Reverse DNS Lookup: You will learn how to perform reverse DNS lookup, converting IP addresses back into domain names.
    3. Subdomain Enumeration Tool: Using requests to scan for available subdomains in domain names.
    4. Geolocating IP Addresses: Using the IPinfo service, you'll learn to extract physical geolocation from IP addresses.
    5. Port Scanning: You'll have a chance to build a simple and fast port scanner with sockets and the Nmap tools in Python.
    6. Username Search Tool: You'll build a tool to search for usernames on social media platforms.
    7. Bluetooth Device Scanning: You'll also build a Bluetooth device scanner program, providing insights into local wireless environments.
  2. Chapter 2: Building Malware (Download for free here):
    1. Making a Ransomware: You'll learn to build a program that can encrypt any file or folder in your system with a password, and you can only decrypt it with that key.
    2. Making a Keylogger: A program that listens for keys pressed on your keyboard and sends them either to a log file or via email.
    3. Making a Fork Bomb: A program that consumes all the computer's resources until crashing.
    4. Making a Reverse Shell: You will write a program that can remotely control a target machine with shell/cmd commands.
    5. Making an Advanced Reverse Shell: A program that extends the previous reverse shell and adds many features, such as recording the microphone, making screenshots, and sending and receiving files.
    6. Making Malware Persistent: Adding persistent code to any Python code so it runs even after the system restarts.
  3. Chapter 3: Building Password Crackers:
    1. Making a Wordlist Generator: A tool like Crunch (in Python) that generates a wordlist based on character set, pattern, and more parameters passed by the user.
    2. Locking PDFs: Adding passwords to PDF documents with Python.
    3. Locking ZIP Files: Adding passwords to ZIP files using the pyzipper library.
    4. Cracking ZIP Files: ZIP files are a file format used to store compressed files; these files can be zipped and unzipped using a password. You'll build a program that uses brute force to search for the password.
    5. Cracking PDF documents: PDF files are a file format used to store documents; these files can be protected using a password. We will make a script that tries to crack this password.
    6. Brute-forcing SSH Servers: SSH is a secure shell protocol that generally connects to a remote server via a password. We will build a Python tool to read from a wordlist and try to connect using every password with that list.
    7. Brute-forcing FTP Servers: FTP is a file transfer protocol that generally transfers files to and from a remote server via a password. Similarly, we will make a Python tool to read from a wordlist and try to extract the password.
    8. Cracking Cryptographic Hashes: Hashes are used to securely store sensitive information such as passwords. They're designed to be one-way, meaning it's computationally impossible to reverse the process and obtain the original data from the hash. We'll explore Python's built-in hashlib library and build a hash cracker.
    9. Password Generator: We make an advanced password generator that allows you to create strong passwords.
    10. Checking Password Strength: At the end of the chapter, we explore multiple techniques to learn about the strength of passwords with Python.
  4. Chapter 4: Forensic Investigations:
    1. Extracting PDF Metadata: You'll learn to extract metadata information from PDF documents using Python.
    2. Extracting Image Metadata: Building a tool that can extract EXIF image metadata such as the model of the device, exact date and time, and even GPS info on some devices.
    3. Extracting Video Metadata: Extracting track/music metadata and various other technical data from videos and audio.
    4. Extracting DOCX Metadata: Extracting metadata from Microsoft Word (.docx) documents with python-docx library.
    5. Removing Metadata from Files: Ensure privacy by removing metadata from PDFs, images, audio/video and docx files with Python.
    6. Extracting Passwords from Chrome: By making a script that extracts saved passwords on your Chrome browser in Windows, you'll also learn how to protect yourself from this.
    7. Extracting Cookies from Chrome: Write a program that extracts cookies from all visited websites on your Chrome browser in Windows.
    8. Hiding Data in Images: Using Steganography, you will learn to hide data inside images with the Least Significant bit technique using OpenCV in Python.
    9. Verifying File Integrity: Make sure your files aren't tampered with by checking file checksum with the hashlib library in Python.
    10. Changing your MAC address: One major technique hackers use is changing their MAC address after an attack to hide their identity. We'll build one with Python.
    11. Extracting Saved Wi-Fi Passwords: A program that searches for saved Wi-Fi passwords in your machine, either on Windows or Unix-based systems.
    12. Generating Fake User Data: Learn how to use the Faker library to generate fake user profiles and data.
  5. Chapter 5: Packet Manipulation with Scapy
    1. DHCP Listener: We build a Python script that looks for DNS request packets and prints them to the console. Since DHCP is enabled for most networks, you'll be able to capture any device's important information that was recently connected to your network.
    2. Network Scanner: A simple network scanner that uses ARP requests to discover connected devices in the same network.
    3. Wi-Fi Scanner: We'll build an airodump-ng clone that scans for nearby Wi-Fi's using Scapy.
    4. SYN Flooding Attack: One of the most common denial of service (DOS) attacks, we'll make a script that does that.
    5. Creating Fake Access Points: We'll build a script to send 802.11 beacon frames continuously to forge fake access points nearby.
    6. Forcing Devices to Disconnect: Like beacon frames, we make a Python code that can send 802.11 deauthentication frames in the air to kick devices from their connected network.
    7. ARP Spoofing Attack: You'll learn how to forge malicious ARP packets and send them into the network to be man-in-the-middle.
    8. Detecting ARP Spoofing Attacks: A Python script that can detect malicious ARP replies and warn the user when that happens.
    9. DNS Spoofing: After you're man-in-the-middle using ARP spoofing, you can modify the target machine's packets on the fly. This program will target DNS response packets and change the response domain name to a modified domain to forward the target users to malicious websites.
    10. Sniffing HTTP Packets: Another use case of being man-in-the-middle is that you can sniff many packets that include valuable information, such as HTTP data.
    11. Injecting Code into HTTP Packets: Rather than just viewing the packets, why not modify them and include malicious Javascript, HTML, or CSS code on the websites the user visits?
    12. Advanced Network Scanner: Finally, we build an advanced network scanner that is robust in most network settings; we bundle a bunch of scanners such as passive monitoring, ARP scanning, UDP scanning, and ICMP scanning. We even include the DHCP listener in it. Besides that, you'll be able to write more than 500 lines of Python code and learn a lot about Python classes, IP addresses, threading, and more.
  6. Chapter 6: Extracting Email Addresses from the Web
    1. Building a Simple Email Extractor: We start this chapter by making a simple script that looks for email addresses on a single web page.
    2. Building an Advanced Email Spider: In this one, we extend our simple email extractor with the following features:
      • Instead of extracting emails from a single page, we add a crawler that searches every link on that page and parses emails.
      • To prevent the program from crawling indefinitely, we add an integer parameter to stop crawling when the number of crawled links reaches this parameter.
      • We run multiple email extractors simultaneously using threads to take advantage of the Internet speed.
      • When the crawler produces links to be visited for extracting emails, other threads will consume these links and visit them to search for email addresses.

This EBook is for:

  • Python programmers who are interested in building tools in the cyber security field.
  • Python beginners who seek to expand their knowledge in Python and information security.
  • Cyber security enthusiasts who want to utilize the tools built in the EBook and apply their skills.

If you don't have experience with Python, I highly recommend you take an online course, a Python book, or even a quick YouTube playlist before buying the EBook, and you're good to go! You can check this page to see our recommended Python courses.

We'll constantly update the EBook; you'll have free access to future versions if you purchase now!

Still not convinced? To see it by yourself, click here to get a free chapter from the book.

We're confident that you'll find the information in this EBook to be valuable and useful. However, if for any reason you're not satisfied with your purchase, we offer a 15-day money-back guarantee. Simply contact us within 15 days of your purchase, and we'll fully refund your money. No questions asked.

Whether you're a beginner or an advanced Python programmer, this eBook will provide you with the knowledge and skills you need to excel in cybersecurity. Don't miss out on this opportunity to take your Python skills to the next level and become an expert in ethical hacking. Get your copy now and start building your own tools today!

Order My Copy




 

 

 

 

 

 

 

 

 

Table of Content:
About the Author
Introduction
Notices and Disclaimers
Target Audience
Overview of the Book
Tools used in this Book
Chapter 1: Information Gathering
    1. Extracting Domain Name Info
        Validating a Domain Name
        Extracting Domain WHOIS Info
        DNS Enumeration
        Scanning Subdomains
        Putting Everything Together
        Running the Code
    2. Reverse DNS Lookup
        Introduction
        Code Implementation
        Solution 1: Using the socket Module
        Solution 2: Using ViewDNS API
        Conclusion
    3. Geolocating IP Addresses
        Introduction
        Writing the Code
        Running the Code
    4. Port Scanning
        Simple Port Scanner
        Fast Port Scanner
        Port Scanning with Nmap
    5. Username Search Tool
        Introduction
        Code Implementation
        Solution 1: Custom Python Script
        Solution 2: Using Sherlock Tool
        Conclusion
    6. Bluetooth Device Scanner
    Chapter Wrap Up
Chapter 2: Building Malware
    1. Making a Ransomware
        Introduction
        Getting Started
        Deriving the Key from a Password
        File Encryption
        File Decryption
        Encrypting and Decrypting Folders
        Running the Code
    2. Making a Keylogger
        Introduction
        Getting Started
        Making the Callback Function
        Reporting to Text Files
        Reporting via Email
        Finishing the Keylogger
        Running the Code
    3. Making a Fork Bomb
        Using os.fork()
        Using the multiprocessing Module
        Building a Terminal Spawn Bomb
        Protecting Against Fork Bomb Attacks
        Conclusion
    4. Making a Reverse Shell
        Introduction
        Server Code
        Client Code
        Running the Code
    5. Making an Advanced Reverse Shell
        Server Code
        Client Code
        Handling the Custom Commands
        Taking Screenshots
        Recording Audio
        Downloading and Uploading Files
        Extracting System and Hardware Information
        Instantiating the Client Class
        Running the Programs
    6. Making Malware Persistent
        Introduction
        On Windows
        On Linux/macOS
        Using the Persistence Functions
        Running the Program
        On Linux/macOS
        On Windows
        Removing Persistent Malware
        Conclusion
        Chapter Wrap Up
Chapter 3: Building Password Crackers
    1. Making a Wordlist Generator
        Introduction
        Writing the Code
        Running the Code
        Conclusion
    2. Locking PDFs
        Introduction
        Running the Code
        Importance of PDF Locking
        Conclusion
    3. Locking ZIP Files
        Introduction
        Running the Code
        Conclusion
    4. Cracking ZIP Files
        Introduction
        Getting Started
        Running the Code
    5. Cracking PDF Files
        Brute-force PDFs using Pikepdf
        Brute-force PDFs using PyMuPDF
        Cracking PDFs using John the Ripper
    6. Bruteforcing SSH Servers
    7. Bruteforcing FTP Servers
    8. Cryptographic Hashes
        Introduction
        Exploring the hashlib Module
        Benchmarking Hash Functions
        Cracking Hashes
        Conclusion
    9. Making a Password Generator
        Parsing the Command-line Arguments
        Start Generating
        Saving the Passwords
        Running the Code
    10. Checking Password Strength
        Method 1: Score-Based Password Strength Assessment
        Method 2: Using the password_strength Library
        Method 3: Using the zxcvbn Library
        Comparison of Methods
        Conclusion
        Chapter Wrap Up
Chapter 4: Digital Forensics
    1. Extracting Metadata from Files
        PDF
        Image
        Audio/Video
        DOCX
        Running the Code
        Conclusion
    2. Removing Metadata from Files
        Introduction
        PDFs
        Images
        Audio/Video
        DOCX
        Conclusion
    3. Extracting Passwords from Chrome
        Protecting Ourselves
    4. Extracting Cookies from Chrome
    5. Hiding Data in Images
        What is Steganography?
        What is the Least Significant Bit?
        Getting Started
        Encoding the Data into the Image
        Decoding the Data from the Image
        Running the Code
    6. Verifying File Integrity
        Introduction
        Importance of Verifying File Integrity
        Conclusion
    7. Changing your MAC Address
        On Linux
        On Windows
    8. Extracting Saved Wi-Fi Passwords
        On Windows
        On Unix-based Systems
        Wrapping up the Code & Running it
    9. Generating Fake User Data
        Introduction
        Why Use Faker?
        Importance of Generating Fake User Data
        Conclusion
        Chapter Wrap Up
Chapter 5: Packet Manipulation with Scapy
    Introduction
    1. Installing Scapy
        On Windows
        On Linux
        On macOS
    2. DHCP Listener
        Introduction
        Looking for DHCP Packets
        Running the Script
    3. Network Scanner
        Introduction
        Writing the Code
        Running the Script
    4. Wi-Fi Scanner
        Getting Started
        Making the Callback Function
        Changing Channels
        Running the Code
    5. Making a SYN Flooding Attack
        Introduction
        Forging the Packet
        Running the Code
    6. Creating Fake Access Points
        Enabling Monitor Mode
        Simple Recipe
        Forging Multiple Fake Access Points
        Running the Code
    7. Forcing Devices to Disconnect from the Network
        Introduction
        Enabling Monitor Mode
        Writing the Code
        Running the Code
    8. ARP Spoofing Attack
        What is ARP Spoofing
        Getting Started with the Python Script
        Enabling IP Forwarding
        Implementing the ARP Spoofing Attack
        Running the Code
    9. Detecting ARP Spoofing Attacks
    10. DNS Spoofing
        What is DNS
        What is DNS Spoofing
        Writing the Script
    11. Sniffing HTTP Packets
        Introduction
        Packet Sniffing
        Running the Code
    12. Injecting Code into HTTP Responses
        Getting Started
        Modifying the Packet
        Running the Code
    13. Advanced Network Scanner
        Implementing the Scanning Functions
        Writing Utility Functions
        Creating the Scanner Classes
        Writing the Main Code
        Running the Program
        Final Words & Tips for Extending the Program
        Chapter Wrap Up
Chapter 6: Extracting Email Addresses from the Web
    1. Building a Simple Email Extractor
    2. Building an Advanced Email Spider
        Running the Code
        Conclusion

   Last Updated: jul 2024