Ethical hacking with Python tools - TIB AV-Portal

Ethical hacking with Python tools

00:00

55

Ortega, Jose Manuel

Formal Metadata

Title

Ethical hacking with Python tools

Title of Series

EuroPython 2016

Part Number

93

Number of Parts

169

Author

Ortega, Jose Manuel

License

CC Attribution - NonCommercial - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this

Identifiers

10.5446/21165 (DOI)

Publisher

Release Date

Language

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Jose Manuel Ortega - Ethical hacking with Python tools Python, as well as offering an ecosystem of tools for testing security and application pentesting.Python offers a tool ecosystem for developing our own tools security for testing applications and the servers security,identifying information about servers and potential vulnerabilities. The ultimate objective is show a pentesting tool integrating some of the modules commented and try a demo showing info about our domain target and find vulnerabilities in it, ----- Nowdays, Python is the language more used for developing tools within the field of security. Many of the tools can be found today as port scanner, vulnerability analysis, brute force attacks and hacking of passwords are written in python. The goal of the talk would show the tools available within the Python API and third-party modules for developing our own pentesting and security tools and finally show a pentesting tool integrating some of the modules. The main topics of the talk could include: **1.Enter Python language as platform for developing security tools** Introduction about the main libraries we can use for introducing in development of security tools such as socket and requests. **2.Libraries for obtain servers information such as Shodan, pygeocoder,pythonwhois** Shodan is a search engine that lets you find specific computers (routers, servers, etc.) and get information about ports and services that are opened. **3.Analysis and metadata extraction in Python for images and documents** Show tools for scraping web data and obtain metadata information in documents and images **4.Port scanning with tools like python-nmap** With python-nmap module we can check ports open for a target ip or domain. **5.Check vulnerabilities in FTP and SSH servers** With libraries like ftplib and paramiko we can check if the server is vulnerable to ftp and ssh anonymous connections.

Speech

Text

Image

00:00

Green's functionDew pointSoftware testingMathematical analysisMultiplicationComputing platformPrototypeProof theoryInformation securityInterior (topology)Communications protocolOnline helpEmailSpecial unitary groupSummierbarkeitInformationMedical imagingSoftware testingInformation securityGoodness of fitForcing (mathematics)Presentation of a groupModule (mathematics)InternetworkingCartesian coordinate systemRapid PrototypingMetadataServer (computing)InjektivitätWeb applicationSocial engineering (security)Latent heatVulnerability (computing)Process (computing)Level (video gaming)Theory of relativityPoint (geometry)Proof theoryDatabaseHacker (term)FamilyStructural loadTraffic reportingSummierbarkeitDomain nameDomain namePlanningArithmetic meanWeb pageVideo gameInclusion mapCorrespondence (mathematics)Model theoryComputer animation

03:04

Computer wormMetropolitan area networkUniform resource locatorComputer networkOpen setLetterpress printingStreaming mediaWeb applicationModule (mathematics)Port scannerDomain-specific languageServer (computing)Uniform resource locatorSoftwareProof theorySocket-SchnittstelleWeb 2.0Vulnerability (computing)SequenceInformation securityEmailInformationLatent heatModel theoryOpen setTraffic reportingFeasibility studyRule of inferenceSoftware testingForm (programming)Water vaporVideo gameDistortion (mathematics)Operator (mathematics)

05:13

Letterpress printingInfinityNetwork socketError messageEmailServer (computing)Online helpMessage passingTime domainPermanentServer (computing)InformationNumberLoop (music)Revision controlSocket-SchnittstelleDomain nameDifferent (Kate Ryan album)Subject indexingIP addressParameter (computer programming)Web 2.0Closed setScripting languageComputer programmingCASE <Informatik>Form (programming)Fitness functionRight angleData miningModel theoryGroup actionSet (mathematics)Physical systemComputer animation

06:56

Letterpress printingLemma (mathematics)Dependent and independent variablesEmailProxy serverConnected spaceModule (mathematics)Web 2.0EmailInformation securityDependent and independent variablesSoftware developerInformationProxy serverSubject indexingSoftware testingSymbol tableCategory of beingSet (mathematics)Video gameQuicksortRoutingSource codeJSON

08:32

Dependent and independent variablesLink (knot theory)Line (geometry)Order (biology)Link (knot theory)Domain nameParsingLatent heatWeb pageComputer programmingServer (computing)Information securityWeb 2.0InformationSet (mathematics)CASE <Informatik>Cellular automatonForestWater vaporComputer animation

10:37

Exception handlingLetterpress printingDependent and independent variablesComputer-generated imageryExt functorWorld Wide Web ConsortiumArmSign (mathematics)MathematicsSoftware developerDigital filterBuildingSearch engine (computing)Ring (mathematics)Key (cryptography)3 (number)Execution unitLocal GroupMaizeMedical imagingParsingSparse matrixParsingElement (mathematics)ExpressionPhysical systemInformationUniform resource locatorServer (computing)System callWeb 2.0Software developerProbability density functionEvent-driven programmingProgramming paradigmInternetworkingAsynchronous Transfer ModeOperator (mathematics)Web crawlerKey (cryptography)Set (mathematics)Formal languageVery-high-bit-rate digital subscriber lineTraffic reportingSpacetimeAreaCASE <Informatik>Process (computing)Boss CorporationMereologyDomain nameOpen setTheoryForestArmInequality (mathematics)WebsiteLecture/ConferenceMeeting/Interview

13:44

MereologySummierbarkeitComputer fileExt functorLetterpress printingComputer-generated imageryAsynchronous Transfer ModeAmsterdam Ordnance DatumSynchronizationInformationServer (computing)Boss CorporationDemosceneSpacetimeMathematical optimizationSystem callModel theoryMereologyForestWebsiteLevel (video gaming)Parameter (computer programming)Form (programming)Software frameworkObservational studyWeb 2.0Object (grammar)Matching (graph theory)MassPosition operatorVector spaceWordPort scannerComputer fileMetadataMedical imagingAddress spaceImage resolutionElectronic mailing listComputer animation

17:44

Social classAmsterdam Ordnance DatumLetterpress printingState of matterMountain passOperating systemSocial classLevel (video gaming)Port scannerInformationWhiteboardTraffic reportingMultiplication signFile formatMixed realityPhysical systemSource code

18:32

SynchronizationSummierbarkeitServer (computing)Level (video gaming)Type theoryPort scannerSampling (statistics)Latent heatStreaming mediaFile Transfer ProtocolParameter (computer programming)Revision controlVulnerability (computing)Scripting languageModel theoryFunctional (mathematics)System callProcess (computing)Default (computer science)Feasibility studyPartial derivativeArithmetic meanAreaWater vaporForcing (mathematics)Mathematical analysisCASE <Informatik>

21:01

MathematicsPhysical lawInformationAddress spaceTrigonometric functionsUniform resource nameCASE <Informatik>Level (video gaming)CoroutineServer (computing)Scripting languageAmsterdam Ordnance DatumSet (mathematics)CoroutineMetropolitan area networkAreaCASE <Informatik>Observational studyView (database)40 (number)Default (computer science)Level (video gaming)Scripting languageVulnerability (computing)MassLatent heatServer (computing)Computer animation

22:03

Curve fittingSpecial unitary groupException handlingFile Transfer ProtocolLetterpress printingInstallation artDisassemblerFile formatFilm editingGroup actionSet (mathematics)Multiplication signMereologyWebsiteUniform resource locatorClique-widthModel theoryRule of inferencePhase transitionLoginInternet service providerScripting languageDatabasePredictabilityInformationServer (computing)PasswordElectronic mailing listModule (mathematics)AuthenticationVirtual machine

24:17

Time domainDependent and independent variablesLoginCodeVulnerability (computing)Server (computing)Web 2.0Uniform resource locatorSoftware testingType theoryDomain nameLatent heatModule (mathematics)Computer wormOpen setPredictabilityNetwork socketDefault (computer science)Vulnerability (computing)Observational studyMultiplication signWeb pageSpacetimeCategory of beingSpeciesModel theoryWebsiteEvent horizonWordBeta functionOrder (biology)Similarity (geometry)Form (programming)Workstation <Musikinstrument>

27:24

Vulnerability (computing)Port scannerServer (computing)Structural loadFreewarePasswordExploit (computer security)Amsterdam Ordnance DatumSystem callFile formatWritingLetterpress printingComputer programLoginClient (computing)Software testingServer (computing)InformationVulnerability (computing)Information securityLatent heatVirtual machineFunctional (mathematics)WebsiteTraffic reportingModule (mathematics)System callFile formatLoginEvent horizonForm (programming)DemosceneCASE <Informatik>Table (information)MassProteinWater vaporPulse (signal processing)Heegaard splittingDifferent (Kate Ryan album)Model theoryComputer animation

30:34

Sign (mathematics)QuicksortInformationGroup actionNetwork socketTime domainOpen setRepeating decimalServer (computing)CAN busMIDIDefault (computer science)File Transfer ProtocolPeg solitaireMereologyAbsolute valueEmailArmWebsitePerturbation theoryParameter (computer programming)Disk read-and-write head10 (number)System on a chipPort scannerJava appletNetwork operating systemCore dumpUniform resource nameDomain-specific languageIcosahedronPhysical lawLarge eddy simulationMaxima and minimaWide area networkSummierbarkeitInflection pointLie groupAverageInclusion mapArc (geometry)Twin primeConvex hullNetwork topologyPointer (computer programming)ForceCloud computingMetropolitan area networkSpecial unitary groupBit error rateDressing (medical)Computer-generated imageryFluid staticsSynchronizationTensorVoltmeterInferenceInfinityProbability density functionAddressing modeRule of inferenceInterior (topology)Drum memoryComputer wormAmsterdam Ordnance DatumSoftware testingExecution unitEmulationChi-squared distributionModule (mathematics)Process (computing)Vulnerability (computing)LoginRevision controlElectronic mailing listIP addressConnected spacePatch (Unix)Server (computing)Information securityDirectory serviceInformationOrder (biology)File Transfer ProtocolWeb pageEmailClient (computing)WebsiteDistribution (mathematics)Software testingOpen setDomain-specific languageMetadataUniform resource locatorComputer configurationScripting languageLibrary (computing)Multiplication signBuffer overflowDomain nameVirtual machineProjective planeRepository (publishing)Functional (mathematics)Medical imagingCASE <Informatik>Quantum stateWhiteboardNatural numberRule of inferenceCategory of beingStapeldateiOffice suitePhase transitionSocial classInequality (mathematics)File formatDimensional analysisSelectivity (electronic)Set (mathematics)Event horizonTheoryPresentation of a groupStability theoryForm (programming)Basis <Mathematik>DivisorLatent heatAugmented realityTraffic reportingBefehlsprozessorSource codeJSON

Transcript: English(auto-generated)