Oreilly - Basic and Low-level Python Network Attacks
by Sam Bowne | Released August 2017 | ISBN: 9781788399432
Explore the world of Basic and Low-Level Network Attacks with Python About This VideoCreate basic and low-level network attacks with Python quickly and easilyUse the Scapy library to make networking tools, including clients and servers Write your own Custom Tools to break into vulnerable websitesThe ultimate guide that teaches you how to use Python to protect your systems against sophisticated cyber attacks and Make defenses that distract and confuse attackers, or that detect suspicious network activityIn DetailA penetration tester who only knows how to use tools written by others is limited to old techniques. Knowledge of a programming language will make you much more powerful. Python is the favorite choice for penetration testers because it combines simplicity and ease of use with advanced features.This course will commence by showing you how to get the Target and Attacker virtual machines running and properly networked together. You will learn how to connect to a server, and how to automate login requests. This will let you break into services by guessing PINs, and exploit blind vulnerabilities by observing time delays. You will also get your hands dirty and learn how to write custom scanning tools, so that you can send unusual patterns of packets to find and exploit hidden services. Next, you will learn how Web pages are delivered, and how to write your own tools to break into vulnerable websites. Some "blind" services don't return any useful information to guide attackers, but can still be exploited by measuring the time they take to respond. You will also be walked through an in depth understanding of the exact series of network packets required to connect to servers, you can perform many attacks that block traffic or misdirect it through the attacker's system. Using the Scapy library, you can then quickly make network tools, including clients and servers. This is the best way to learn exactly how networking works. Now that you understand normal networking, you can perform attacks that trick networks into sending data to the wrong destination, or refusing service to clients. Towards the end of the course, you will also learn to use these tools to make defenses that distract and confuse attackers, or that detect suspicious network activity. Show and hide more
- Chapter 1 : Port Scanning
- The Course Overview 00:03:13
- Installation and Setup 00:07:23
- Port Scanning 00:10:27
- Challenge: Find a Hidden Service 00:02:49
- Challenge: Port Knocking 00:05:14
- Chapter 2 : HTTP Methods
- Using the HEAD Method 00:07:01
- Logging in with POST 00:08:45
- Challenge: Brute-Force a Short PIN 00:07:52
- Challenge: Brute-Force PIN of Unknown Length 00:04:49
- Chapter 3 : TCP and UDP
- Introduction to Scapy 00:07:47
- Sending UDP Packets 00:04:49
- Performing a TCP Handshake 00:07:02
- Fetching a Web Page 00:07:08
- Challenge 1: Send TCP Data 00:01:28
- Challenge 2: Firewalk 00:04:10
- Chapter 4 : Network Attacks
- ARP Poisoning 00:06:04
- IPv6 Router Advertisements 00:02:49
- SYN Flood 00:03:20
- Slowloris Attack 00:04:29
- Challenge 1: SMBloris 00:04:57
- Challenge 2: Land Attack 00:03:33
- Chapter 5 : Network Defenses
- The Yesman Honeypot 00:04:47
- Detecting Promiscuous NICs 00:05:14
- ARP Poisoning Detection 00:06:44
- DNS Monitoring 00:04:56
- Challenge 1: RA Detection 00:01:54
- Challenge 2: Land Attack Detection 00:03:42
Show and hide more