Python scripting, installing third-party libraries, threading, process execution, exception
handling, and penetration testing.
Chapter 2, Analyzing Network Traffic with Scapy, introduces a packet-manipulation tool,
Scapy, which allows users to sniff, create, send, and slice packets for analysis. The chapter
provides insight into investigating network traffic using Scapy, parsing DNS traffic, packet
sniffing, packet injection, and passive OS fingerprinting. This empowers you to create and
send custom packets over the network and analyze the raw output received for various
Chapter 3, Application Fingerprinting with Python, discusses the basics of fingerprinting
web applications using Python. You will master the techniques of web scraping, e-mail
gathering, OS fingerprinting, application fingerprinting, and information gathering using
Chapter 4, Attack Scripting with Python, addresses this issue of attacks with Python scripts
needing to be addressed for efficient penetration testing by detailing the techniques of
attacks and OWASP top vulnerabilities. You will learn to write scripts to exploit the same.
Chapter 5, Fuzzing and Brute-Forcing, tells you how fuzzing and brute-forcing still remain
the top attacks tackled by testers. This chapter summarizes fuzzing and brute-forcing
passwords, directories, and file locations; brute-force cracking ZIP files; HTML form
authentication; and the Sulley fuzzing framework. This enables the user to extend the
fuzzing tools for pentesting requirements with Python.
Chapter 6, Debugging and Reverse Engineering, describes the debugging and reverse-
engineering techniques that should be mastered by a pentester. The debugging techniques
are presented using Capstone and PyDBG.
Chapter 7, Crypto, Hash, and Conversion Functions, summarizes the Python Cryptography
ToolKit, which helps you write scripts to find different types of password hashes.
Chapter 8, Keylogging and Screen Grabbing, discusses the basics of keylogging and screen-
grabbing techniques. The techniques are presented with PyHook, which helps log keyboard
events and take screenshots using Python.
Chapter 9, Attack Automation, gives a detailed description of attack automation by
covering SSH brute forcing, SFTP automations with paramiko, Nmap automation, W3af
automation, Metasploit integration, and antivirus and IDS evasion.
Chapter 10, Looking Forward, gives an insight into some of the tools written in Python that
can be incorporated in pentesting. You can use these tools to improve your skill set in