Python Web Penetration Testing Cookbook, 2015 by Cameron Buchanan, Terry Ip, Andrew Mabbitt, Benjamin May, Dave Mound
Over 60 indispensable Python recipes to ensure you always have the right code on hand for web application testing About This Book Get useful guidance on writing Python scripts and using libraries to put websites and web apps through their paces Find the script you need to deal with any stage of the web testing process Develop your Python knowledge to get ahead of the game for web testing and expand your skillset to other testing areas Who This Book Is For This book is for testers looking for quick access to powerful, modern tools and customizable scripts to kick-start the creation of their own Python web penetration testing toolbox. What You Will Learn Enumerate users on web apps through Python Develop complicated header-based attacks through Python Deliver multiple XSS strings and check their execution success Handle outputs from multiple tools and create attractive reports Create PHP pages that test scripts and tools Identify parameters and URLs vulnerable to Directory Traversal Replicate existing tool functionality in Python Create basic dial-back Python scripts using reverse shells and basic Python PoC malware In Detail This book gives you an arsenal of Python scripts perfect to use or to customize your needs for each stage of the testing process. Each chapter takes you step by step through the methods of designing and modifying scripts to attack web apps. You will learn how to collect both open and hidden information from websites to further your attacks, identify vulnerabilities, perform SQL Injections, exploit cookies, and enumerate poorly configured systems. You will also discover how to crack encryption, create payloads to mimic malware, and create tools to output your findings into presentable formats for reporting to your employers.