Ethical Hacking with Python eBook

Ethical Hacking with Python

Learn How To Build 39 Ethical Hacking Tools from Scratch using Python

From simple port scanners to advanced reverse shells, you'll be amazed how such tools can be made with Python!

Python is one of the best programming languages for building automation scripts, Infosec tools, and even malware!

This eBook is a practical hands-on for Python programmers who hope to expand their knowledge in Cyber security and Python by building their own tools for information gathering, penetration testing, digital forensic investigation, and more!

Here's what you'll get:

  • Reading everywhere: PDF or EPUB formats Ebook, no DRM.
  • Tons of Programs to Build: Build 39 tools279 pages.
  • Working Code: You'll get access to a downloadable link of 49 Python (.py) code files counting 4,100+ lines of code!

Buy For $24

Notice: This eBook is intended solely for educational use in cybersecurity. Readers must use the provided tools and techniques ethically and legally, refraining from any unauthorized or malicious activities. Responsibility for complying with legal and ethical standards rests with the user. The aim is to empower ethical hacking practices using Python.

You'll learn to build the following programs:

  1. Chapter 1: Information Gathering:
    1. Extracting Domain Name Information: Using the WHOIS database and DNS enumeration to extract domain name information.
    2. Subdomain Enumeration Tool: Using requests to scan for available subdomains in domain names.
    3. Geolocating IP Addresses: Using the IPinfo service, you'll learn to extract physical geolocation from IP addresses.
    4. Port Scanning: You'll have a chance to build a simple and fast port scanner with sockets and the Nmap tools in Python.
  2. Chapter 2: Building Malware (Download for free here):
    1. Making a Ransomware: You'll learn to build a program that can encrypt any file or folder in your system with a password, and you can only decrypt it with that key.
    2. Making a Keylogger: A program that listens for keys pressed on your keyboard and sends them either to a log file or via email.
    3. Making a Reverse Shell: You will write a program that can remotely control a target machine with shell/cmd commands.
    4. Making an Advanced Reverse Shell: A program that extends the previous reverse shell and adds many features, such as recording the microphone, making screenshots, and sending and receiving files.
  3. Chapter 3: Building Password Crackers:
    1. Cracking ZIP Files: ZIP files are a file format used to store compressed files; these files can be zipped and unzipped using a password. You'll build a program that uses brute force to search for the password.
    2. Cracking PDF documents: PDF files are a file format used to store documents; these files can be protected using a password. We will make a script that tries to crack this password.
    3. Brute-forcing SSH Servers: SSH is a secure shell protocol that generally connects to a remote server via a password. We will build a Python tool to read from a wordlist and try to connect using every password with that list.
    4. Brute-forcing FTP Servers: FTP is a file transfer protocol that generally transfers files to and from a remote server via a password. Similarly, we will make a Python tool to read from a wordlist and try to extract the password.
    5. Cracking Cryptographic Hashes: Hashes are used to securely store sensitive information such as passwords. They're designed to be one-way, meaning it's computationally impossible to reverse the process and obtain the original data from the hash. We'll explore Python's built-in hashlib library and build a hash cracker.
    6. Password Generator: At the end of the chapter, we make an advanced password generator that allows you to create strong passwords.
  4. Chapter 4: Forensic Investigations:
    1. Extracting PDF Metadata: You'll learn to extract metadata information from PDF documents using Python.
    2. Extracting Image Metadata: Building a tool that can extract EXIF image metadata such as the model of the device, exact date and time, and even GPS info on some devices.
    3. Extracting Video Metadata: Extracting track/music metadata and various other technical data from videos and audio.
    4. Extracting Passwords from Chrome: By making a script that extracts saved passwords on your Chrome browser in Windows, you'll also learn how to protect yourself from this.
    5. Extracting Cookies from Chrome: Write a program that extracts cookies from all visited websites on your Chrome browser in Windows.
    6. Hiding Data in Images: Using Steganography, you will learn to hide data inside images with the Least Significant bit technique using OpenCV in Python.
    7. Changing your MAC address: One major technique hackers use is changing their MAC address after an attack to hide their identity. We'll build one with Python.
    8. Extracting Saved Wi-Fi Passwords: A program that searches for saved Wi-Fi passwords in your machine, either on Windows or Unix-based systems.
  5. Chapter 5: Packet Manipulation with Scapy
    1. DHCP Listener: We build a Python script that looks for DNS request packets and prints them to the console. Since DHCP is enabled for most networks, you'll be able to capture any device's important information that was recently connected to your network.
    2. Network Scanner: A simple network scanner that uses ARP requests to discover connected devices in the same network.
    3. Wi-Fi Scanner: We'll build an airodump-ng clone that scans for nearby Wi-Fi's using Scapy.
    4. SYN Flooding Attack: One of the most common denial of service (DOS) attacks, we'll make a script that does that.
    5. Creating Fake Access Points: We'll build a script to send 802.11 beacon frames continuously to forge fake access points nearby.
    6. Forcing Devices to Disconnect: Like beacon frames, we make a Python code that can send 802.11 deauthentication frames in the air to kick devices from their connected network.
    7. ARP Spoofing Attack: You'll learn how to forge malicious ARP packets and send them into the network to be man-in-the-middle.
    8. Detecting ARP Spoofing Attacks: A Python script that can detect malicious ARP replies and warn the user when that happens.
    9. DNS Spoofing: After you're man-in-the-middle using ARP spoofing, you can modify the target machine's packets on the fly. This program will target DNS response packets and change the response domain name to a modified domain to forward the target users to malicious websites.
    10. Sniffing HTTP Packets: Another use case of being man-in-the-middle is that you can sniff many packets that include valuable information, such as HTTP data.
    11. Injecting Code into HTTP Packets: Rather than just viewing the packets, why not modify them and include malicious Javascript, HTML, or CSS code on the websites the user visits?
    12. Advanced Network Scanner: Finally, we build an advanced network scanner that is robust in most network settings; we bundle a bunch of scanners such as passive monitoring, ARP scanning, UDP scanning, and ICMP scanning. We even include the DHCP listener in it. Besides that, you'll be able to write more than 500 lines of Python code and learn a lot about Python classes, IP addresses, threading, and more.
  6. Chapter 6: Extracting Email Addresses from the Web
    1. Building a Simple Email Extractor: We start this chapter by making a simple script that looks for email addresses on a single web page.
    2. Building an Advanced Email Spider: In this one, we extend our simple email extractor with the following features:
      • Instead of extracting emails from a single page, we add a crawler that searches every link on that page and parses emails.
      • To prevent the program from crawling indefinitely, we add an integer parameter to stop crawling when the number of crawled links reaches this parameter.
      • We run multiple email extractors simultaneously using threads to take advantage of the Internet speed.
      • When the crawler produces links to be visited for extracting emails, other threads will consume these links and visit them to search for email addresses.

This EBook is for:

  • Python programmers who are interested in building tools in the cyber security field.
  • Python beginners who seek to expand their knowledge in Python and information security.
  • Cyber security enthusiasts who want to utilize the tools built in the EBook and apply their skills.

If you don't have experience with Python, I highly recommend you take an online course, a Python book, or even a quick YouTube playlist before buying the EBook, and you're good to go! You can check this page to see our recommended Python courses.

We'll constantly update the EBook; you'll have free access to future versions if you purchase now!

Still not convinced? To see it by yourself, click here to get a free chapter from the book.

We're confident that you'll find the information in this EBook to be valuable and useful. However, if for any reason you're not satisfied with your purchase, we offer a 15-day money-back guarantee. Simply contact us within 15 days of your purchase, and we'll fully refund your money. No questions asked.

Whether you're a beginner or an advanced Python programmer, this eBook will provide you with the knowledge and skills you need to excel in cybersecurity. Don't miss out on this opportunity to take your Python skills to the next level and become an expert in ethical hacking. Get your copy now and start building your own tools today!

Order My Copy










Table of Content:
Chapter 1: Information Gathering
    Extracting Domain Name Info
        Extracting Domain WHOIS Info
        DNS Enumeration
        Scanning for Subdomains
    Geolocating IP Addresses
    Port Scanning
        Simple Port Scanner
        Fast Port Scanner
        Port Scanning with Nmap
Chapter 2: Building Malware
    Making a Ransomware
        Deriving the Key from a Password
        File Encryption
        File Decryption
        Encrypting and Decrypting Folders
    Making a Keylogger
        Reporting to Text Files
        Reporting via Email
        Finishing the Keylogger
    Making a Reverse Shell
         Server Code
         Client Code
    Making an Advanced Reverse Shell
        Server Code
        Client Code
            Handling the Custom Commands
            Taking Screenshots
            Recording Audio
            Downloading and Uploading Files
            Extracting System and Hardware Information
Chapter 3: Building Password Crackers
    Cracking ZIP Files
    Cracking PDF Files
        Brute-force PDFs using Pikepdf
        Brute-force PDFs using PyMuPDF
        Cracking PDFs using John the Ripper
    Bruteforcing SSH Servers
    Bruteforcing FTP Servers
    Cryptographic Hashes
        Exploring the hashlib Module
        Benchmarking Hash Functions
        Cracking Hashes
    Making a Password Generator
Chapter 4: Forensic Investigations
    Extracting Metadata from Files
        Extracting PDF Metadata
        Extracting Image Metadata
        Extracting Video Metadata
    Extracting Passwords from Chrome
        Protecting Ourselves
    Extracting Cookies from Chrome
    Hiding Data in Images
        What is Steganography?
        What is the Least Significant Bit?
        Encoding the Data into the Image
        Decoding the Data from the Image
    Changing your MAC Address
    Extracting Saved Wi-Fi Passwords
Chapter 5: Packet Manipulation with Scapy
    Installing Scapy
    DHCP Listener
        Looking for DHCP Packets
    Network Scanner
    Wi-Fi Scanner
        Making the Callback Function
        Changing Channels
        Running the Code
    Making a SYN Flooding Attack
        Forging the Packet
        Running the Code
    Creating Fake Access Points
        Enabling Monitor Mode
        Simple Recipe
        Forging Multiple Fake Access Points
        Running the Code
    Forcing Devices to Disconnect from the Network
        Enabling Monitor Mode
        Writing the Code
        Running the Code
    ARP Spoofing Attack
        What is ARP Spoofing
        Getting Started with the Python Script
        Enable IP Forwarding
        Implementing the Attack
        Running the Code
    Detecting ARP Spoofing Attacks
    DNS Spoofing
        What is DNS
        What is DNS Spoofing
        Writing the Script
        Running the Code
    Sniffing HTTP Packets
        Getting Started
        Packet Sniffing
        Running the Code
    Injecting Code into HTTP Responses
        Getting Started
        Modifying the Packet
        Running the Code
    Advanced Network Scanner
        Implementing the Scanning Functions
        Writing Utility Functions
        Creating the Scanner Classes
        Writing the Main Code
        Running the Program
        Final Words & Tips for Extending the Program
Chapter 6: Extracting Email Addresses from the Web
    Building a Simple Email Extractor
    Building an Advanced Email Spider

   Last Updated: apr 2024