2025-04-04 Update From: SLTechnology News&Howtos
Shulou(Shulou.com)06/02 Report--
Why do hackers use Python? Many novices are not clear about this, so the following explains it in detail. We hope you gain something from it.
First, let's take a look at what Python is. Python is a high-level scripting language that is interpreted, compiled, interactive and object-oriented. It is also a very friendly language for beginners: it supports everything from application development to word processing, the web and even games, and many people also use Python as a hacking language.
Why was Python chosen as the hacker language?
1. Powerful hacking modules. As mentioned earlier, one of the advantages of Python is its rich variety of libraries. Python provides a variety of libraries that support hacking, such as pydbg, scapy, sqlmap and httplib. These libraries are currently widely used in many kinds of hacker attacks.
2. Access to a variety of APIs. Python provides the ctypes library, with which hackers can access the DLLs and shared libraries provided by Windows, OS X, Linux, Solaris, FreeBSD, OpenBSD and other systems.
3. Many hacking tools provide a Python API. The most representative hacking tools, such as sqlmap, Nmap and Metasploit, all provide a Python extension interface. Hackers can use Python to make these tools more powerful.
4. Easy to learn, easy to use. The Python language is easy to learn and use, which is a huge advantage for hacking. Generally speaking, to be a hacker you must master three or four programming languages. Python is easy to learn and use and has a variety of powerful features, which makes it the best choice of language for hacking.
Advantages of Python language
Python is now widely used in many fields. As a development language it has many advantages: its syntax is easy to learn, it supports a wide variety of libraries, and the same code can run on multiple platforms.
■ Easy to learn and easy to use. When you learn a new programming language you often run into all kinds of problems, and Python has gone a long way to address them. For example, variable types do not need to be declared in Python; they are determined dynamically at run time. Nor does the user need to manage memory, which the interpreter handles automatically.
■ Powerful. Python is an open source language. Developers around the world have been improving it on their own initiative and continue to develop a variety of powerful libraries. What takes dozens of lines of code in other languages can be done in only a few simple lines of Python.
■ Good scalability. Windows, UNIX, Mac and Android can all run Python, as long as the corresponding interpreter is installed on the target operating system. Python has a variety of built-in programming interfaces through which APIs developed in other languages can be used from Python, extending its functionality indefinitely.
■ Development speed. Python's syntax is simple and it has a large number of powerful libraries, so applications can be developed more quickly than in other programming languages. In an industry with fierce competition and strict requirements for development speed, it is necessary to use Python for development. Python is also widely used in introductory programming training, because it is easy to learn and has a variety of functions. There are many online communities for learning Python, from which you can download a variety of feature-rich modules.
Advantages of Python for hacking
Three kinds of knowledge are required to engage in hacking:
1. Background knowledge: you need to understand the principles of language structure, operating systems, networks, computer architecture and so on.
2. Proficiency with hacking tools: finding system vulnerabilities and carrying out attacks is repetitive work. Flexible use of hacking tools can automate this work and present complex system structures graphically, in a way that is easy for people to understand.
3. Command of a programming language: no matter how powerful a hacking tool is, a difficult attack requires writing tools suited to your own use, and for that you need to master a programming language.
The Python language, for example, has the following advantages:
■ Powerful hacking modules. As mentioned earlier, one of the advantages of Python is its rich variety of libraries. Python provides a variety of libraries that support hacking, such as pydbg, scapy, sqlmap and httplib. These libraries are currently widely used in many kinds of hacker attacks.
■ Access to a variety of APIs. Python provides the ctypes library, with which hackers can access the DLLs and shared libraries provided by Windows, OS X, Linux, Solaris, FreeBSD, OpenBSD and other systems.
■ Many hacking tools provide a Python API. The most representative hacking tools, such as sqlmap, Nmap and Metasploit, all provide a Python extension interface. Hackers can use Python to make these tools more powerful.
■ Easy to learn, easy to use. The Python language is easy to learn and use, which is a huge advantage for hacking. Generally speaking, to be a hacker you must master three or four programming languages. Among them, C and assembly language are the most representative, and they play a core role in analyzing the behavior of systems and programs. In addition, hackers need to master another programming language in which to write hacking tools that meet their needs. Python is easy to learn and use and has a variety of powerful features, which makes it the best choice of language for hacking.
As a hacking language, Python has many advantages. Beginners who choose Python can get one step ahead of others.
Uses of Python in hacking
Python provides a rich variety of modules that can be used directly in almost every area of hacking. For areas not covered by a hacking module, you can use ctypes to call the native API provided by the operating system. In short, Python can be used against almost every kind of target: applications, the Web, networks, systems and so on. The following describes the Python hacking techniques in each field.
Application hacking: arbitrary DLLs or source code can be inserted into a running application, and the user's keyboard input can be intercepted to steal passwords. Attack code can also be inserted into image files and spread over the network.
Web hacking: you can create web crawlers, collect the links contained in web pages, carry out SQL injection, and inject error codes into the parts that process user input. With Python you can implement simple web browser functionality by manipulating HTTP packets, and upload the files needed for Web shell attacks.
Network hacking: you can perform network footprinting, search for a system's open ports, collect and analyze packets on the network, and carry out network sniffing. The server address can be disguised to carry out IP spoofing attacks and illegally steal sensitive information. Large numbers of packets can also be sent to carry out denial-of-service attacks, paralyzing the server so that it cannot provide its services normally.
System hacking: hackers can write backdoor programs to control a user's PC, and develop functions for searching and modifying the PC registry. They can also take advantage of application errors to attack through buffer overflows or format strings.
So, is Python difficult to learn?
If you have no foundation at all, and even your English and math are weak, then self-study will be very difficult for you. After all, if you don't know anything, a strong sense of frustration will gradually make you lose interest in learning. If you know some basics and your English and logic are OK, then it is not difficult at all. Compared with other programming languages, this is at the level of "a baby learning to walk". You just need the following steps.
1. A number of books related to Python.
2. Understand the basic data types of Python.
3. Become familiar with the operations on each type.
4. Understand the concepts of functions and classes.
5. Practice and then practice. After all, only practice can bear fruit.
How long does it take to learn Python?
As fast as 3-4 months and a year at the slowest, you can fluently use this programming language to do the project you want to do.
How long does it take to master Python?
With any body of knowledge, the basic introduction goes relatively quickly, while achieving proficiency takes time; it is a gradual process. If you want to be comfortable with a language, you need not only to understand it but also to accumulate experience through a lot of time and problems. Do not only read other people's source code, but also share your own. Keep writing code, keep practicing, keep revising and keep summing up your experience; in the end practice makes perfect and you achieve mastery. If one day, when you encounter a problem, you can come up with multiple solutions and quickly and accurately choose the most efficient one, that proves you are already proficient in the language.
Having said so much, how should you learn Python?
There are a lot of video tutorials on the Internet; beyond those, buy two books on the basics of Python 3.
123 essential Python tools for hackers
This article lists 123 Python penetration testing tools, which are of course not only for penetration testing.
If you want to participate in vulnerability research, reverse engineering, and penetration testing, I suggest you use Python. Python already has a lot of well-developed libraries available, and I'll list them here. Most of the tools in this list are written in Python, and some are Python bindings to existing C libraries, which can be easily used from Python. Some powerful tools (pentest frameworks, bluetooth smashers, web application vulnerability scanners, war-dialers, etc.) are excluded because some of them are a little controversial under German law, even after the Supreme Court's decision on them. The main purpose of this list is to help white hat hackers, so I'm still being a bit cautious.
Network
Scapy, Scapy3k: send, sniff, parse and forge network packets; can be used interactively or simply as a library
pypcap, Pcapy and pylibpcap: several different Python bindings for libpcap
libdnet: low-level networking routines, including interface lookup and Ethernet frame transmission
dpkt: fast, lightweight packet creation and parsing for the basic TCP/IP protocols
Impacket: detect and decode network packets; supports higher-level protocols such as NMB and SMB
pynids: libnids wrapper providing sniffing, IP defragmentation, TCP stream reassembly and port scan detection
Dirtbags py-pcap: read pcap files without libpcap
flowgrep: find payloads in packets through regular expressions
Knock Subdomain Scan: enumerate subdomains on a target domain through a dictionary
SubBrute: fast subdomain enumeration tool
Mallory: extensible TCP/UDP man-in-the-middle proxy; supports modifying non-standard protocols on the fly
Pytbull: flexible IDS/IPS testing framework (with more than 300 test cases)
Spoodle: mass subdomain + Poodle vulnerability scanner
SMBMap: enumerate Samba shared drives in the domain
Debugging and reverse engineering
Paimei: reverse engineering framework, including PyDBG, PIDA, pGRAPH
Immunity Debugger: scriptable GUI and command line debugger
mona.py: extension for Immunity Debugger that replaces pvefindaddr
IDAPython: IDA Pro plug-in that integrates the Python programming language, allowing scripts to run in IDA Pro
PyEMU: fully scriptable Intel 32-bit emulator for malware analysis
pefile: Python interface for reading and processing PE files
pydasm: Python interface to the libdasm x86 disassembly library
PyDbgEng: Python wrapper for the Microsoft Windows debugging engine
uhooker: intercept API calls inside DLLs, and calls at arbitrary addresses within an executable file in memory
diStorm: disassembler library for the AMD64 platform, licensed under the BSD license
Frida: dynamic instrumentation framework that can inject scripts into running processes
python-ptrace: debugger using ptrace (the Linux, BSD and Darwin system call for tracing processes)
vdb / vtrace: vtrace is a cross-platform process debugging API implemented in Python; vdb is a debugger that uses that API
Androguard: Android application reverse analysis tool
Capstone: lightweight multi-platform, multi-architecture disassembly framework; supports ARM, ARM64, MIPS and x86/x64
Keystone: lightweight multi-platform, multi-architecture assembler framework
PyBFD: Python interface to the GNU Binary File Descriptor (BFD) library
CHIPSEC: framework for analyzing the security of PC platforms, including hardware, system firmware (BIOS/UEFI) and platform components
Fuzzing
Afl-python: American fuzzy lop for pure Python code
Sulley: fuzzer development and fuzz testing framework consisting of multiple extensible components
Peach Fuzzing Platform: extensible fuzzing framework (v2 was written in Python)
antiparser: fuzz testing and fault injection API
TAOF (The Art of Fuzzing): includes ProxyFuzz, a man-in-the-middle network fuzzer
untidy: XML fuzzer
Powerfuzzer: highly automated and fully customizable web fuzzer
SMUDGE
Mistress: probe file formats on the fly and protocols with malformed data, based on preset patterns
Fuzzbox: multi-codec media fuzzer
Forensic Fuzzing Tools: generate fuzzed files, fuzzed file systems, and file systems containing fuzzed files in order to test the robustness of forensics tools
Windows IPC Fuzzing Tools: tools for fuzzing applications that use Windows interprocess communication mechanisms
WSBang: automated security testing of SOAP-based web services
Construct: library for parsing and building data formats (binary or text)
fuzzer.py (feliam): simple fuzzer written by Felipe Andres Manzano
Fusil: Python library for writing fuzzing programs
Web
Requests: elegant, simple, user-friendly HTTP library
lxml: easy-to-use XML and HTML processing library, similar to Requests
HTTPie: human-friendly, cURL-like command line HTTP client
ProxMon: processes proxy logs and reports the problems found
WSMap: find Web servers and find files
Twill: browse the web from a command line interface; supports automated web testing
Ghost.py: WebKit web client written in Python
Windmill: web testing tool that helps you easily automate and debug web applications
FunkLoad: web functional and load testing
spynner: web browsing module written in Python, with JavaScript/AJAX support
python-spidermonkey: Python port of the Mozilla JS engine; allows calling JavaScript scripts and functions
mitmproxy: HTTP proxy with SSL support; network traffic can be inspected and edited in real time in a console interface
pathod / pathoc: pathological daemon/client used to torture HTTP clients and servers
spidy: simple command line web crawler with page download and word scraping
Forensics
Volatility: extract data from RAM
Rekall: memory analysis framework developed by Google
LibForensics: library for developing digital forensics applications
TrIDLib: identify file types from their binary signatures, with a Python binding
aft: Android forensics toolset
Malware analysis
Pyew: command line hex editor and disassembler, mainly used to analyze malware
Exefilter: filter specific file formats in e-mail, web pages and files; detects many common file formats and can also remove document content
pyClamAV: add virus detection capabilities to your Python software
jsunpack-n: generic JavaScript interpreter that imitates browser functionality to detect exploits targeting vulnerabilities in browsers and browser plug-ins
yara-python: identify and classify malware samples
phoneyc: honeypot implemented in pure Python
CapTipper: analyze, study and replay malicious HTTP traffic in PCAP files
Peepdf: PDF analysis tool written in Python that can help detect malicious PDF files
Didier Stevens' PDF tools: analyze, identify and create PDF files (including PDFiD, pdf-parser, make-pdf and mPDF)
Opaf: Open PDF Analysis Framework; converts PDF into an XML tree that can be analyzed and modified
Origapy: Python interface to the Ruby tool Origami, used to review PDF files
pyPDF2: Python PDF toolkit covering information extraction, splitting, merging, production, encryption and decryption, etc.
PDFMiner: extract text from PDF files
python-poppler-qt4: Python binding for the Poppler PDF library, with Qt4 support
Miscellaneous
InlineEgg: a toolkit with a range of small functions written in Python
Exomind: a tool designed to provide targeted attacks through social networks, as described on its official website (the original list reads: framework for building decorated graphs and developing open-source intelligence modules and ideas, centered on social network services, search engines and instant messaging)
RevHosts: enumerate the virtual hosts contained in the specified IP address
simplejson: JSON encoder and decoder, for example for using Google's AJAX API
PyMangle: command line tool and library for creating dictionaries for penetration testing
Hachoir: view and edit binary streams
py-mangle: repeat of PyMangle
wmiexec.py: execute PowerShell commands quickly and easily through WMI
Pentestly: Python and PowerShell internal penetration testing framework
hacklib: toolkit for hacking enthusiasts: word cracking, password guessing, reverse shell and other simple tools
IPython: enhanced interactive Python shell with many features for object introspection, system shell access and its own special command system
Beautiful Soup: HTML parser optimized for crawling
matplotlib: make 2D graphics
Mayavi: visualization and plotting of 3D scientific data
RTGraph3D: create dynamic graphs in 3D
Twisted: event-driven networking engine
Suds: lightweight SOAP client for web services
M2Crypto: the most complete OpenSSL wrapper
NetworkX: graph library (edges, nodes)
Pandas: library providing high-performance, easy-to-use data structures and data analysis tools
pyparsing: general parsing module
lxml: the most feature-rich and easy-to-use library for dealing with XML and HTML in Python
Whoosh: fast, featureful full-text indexing and search library written in Python
Pexpect: control and automate other programs, similar to Don Libes' `Expect` system
Sikuli: visual technology for searching and automating GUIs using screenshots; can be run in Jython
PyQt and PySide: Python bindings for the Qt application framework and GUI library
Books
Violent Python, by TJ O'Connor: a cookbook for hackers, forensic analysts, penetration testers and security engineers
Grey Hat Python, by Justin Seitz: Python programming for hackers and reverse engineers
Black Hat Python, by Justin Seitz: Python programming for hacking and penetration testing
Python Penetration Testing Essentials, by Mohit: use the features of Python to get the best results from penetration testing
Python for Secret Agents, by Steven F. Lott: use Python to analyze, encrypt and uncover intelligence data
Python Web Penetration Testing Cookbook, by Cameron Buchanan et al.: more than 60 Python recipes for Web application testing
Learning Penetration Testing with Python, by Christopher Duffy: use Python scripts to perform effective and efficient penetration tests
Python Forensics, by Chet Hosmer: a workbench for inventing and sharing digital forensics technology
The Beginner's Guide to IDAPython, by Alexander Hanel
Lectures, slides and articles
Python & Reverse Engineering Software, by Alexander Hanel
Python Arsenal for Reverse Engineering, by Dmitriy Evdokimov, 2016 RUCTF
More
SecurityTube Python Scripting Expert (SPSE): an online course and certification offered by Vivek Ramachandran
SANS offers the course SEC573: Python for Penetration Testers
Python Arsenal for Reverse Engineering: a collection of reverse engineering tools
An article from SANS on Python libraries available for forensic analysis (PDF)
To find more Python libraries, check out PyPI, the Python Package Index
© 2024 shulou.com SLNews company. All rights reserved.