Penetration Testing with Python

[Mandm723]

I am attempting to learn how to use Python for penetration testing? Where can I learn this?

 

Edit: Thanks for all the answers guys! I was pretty vague with my question so let me try to narrow it down. I want to learn how to use python to create pen-testing programs, as vorticalbox said, I don't want to be a "script kiddie" I want to be able to use my python skills to try to make some pen-testing skills. I am not trying to start a company or anything, just want to have some fun and have a hobby.

 

Thanks!

Edited April 25, 2017 by Mandm723

[SSL]

Pretty vague question, so I'll give a vague answer. The Internet. Just don't get mixed up and do penetration testing with pythons.

[Electronics Wizardy]

3 minutes ago, SSL said:

Pretty vague question, so I'll give a vague answer. The Internet. Just don't get mixed up and do penetration testing with pythons.

and if you want to do pen testing with pythons, id higly suggest sharpening your knife first, and only working on dead ones.

/s

 

OP. What are you trying to do? Do you have a goal, or just want to learn?

[YedZed]

Penetration testing... Heheh 

[rizenfrmtheashes]

I know some ex-Palantir App-Sec folks that may know more about pen testing.  not sure explicitly with python, but I'll ask. 

[vorticalbox]

4 hours ago, Mandm723 said:

I am attempting to learn how to use Python for penetration testing? Where can I learn this?

 

Thanks!

sqlmap for sqlinjection but I highly suggest you take some training course rather than being a script kiddie. 

[Saurfang]

8 hours ago, vorticalbox said:

sqlmap for sqlinjection but I highly suggest you take some training course rather than being a script kiddie. 

That term is so silly. Yes, it's dumb to try to use preexisting tools to hack into something with no knowledge of what's going on, but hell, I've got four years of programming experience and you know what I do when I'm pentesting for SQL injection? I use Havij. Why? Because its so much faster than writing out SQL commands by hand. 

 

 

[2FA]

52 minutes ago, Saurfang said:

That term is so silly. Yes, it's dumb to try to use preexisting tools to hack into something with no knowledge of what's going on, but hell, I've got four years of programming experience and you know what I do when I'm pentesting for SQL injection? I use Havij. Why? Because its so much faster than writing out SQL commands by hand. 

 

 

 

I think he meant more along the lines of properly learning pentesting instead of just going about it willy-nilly.

[vorticalbox]

2 hours ago, Saurfang said:

That term is so silly. Yes, it's dumb to try to use preexisting tools to hack into something with no knowledge of what's going on, but hell, I've got four years of programming experience and you know what I do when I'm pentesting for SQL injection? I use Havij. Why? Because its so much faster than writing out SQL commands by hand. 

 

 

 

1 hour ago, DeadEyePsycho said:

I think he meant more along the lines of properly learning pentesting instead of just going about it willy-nilly.

This is exactly what I meant. Nothing wrong with uses frameworks for pentesting however you're not learning anything when using them. 

[straight_stewie]

22 hours ago, Mandm723 said:

I am attempting to learn how to use Python for penetration testing? Where can I learn this?

 

Edit: Thanks for all the answers guys! I was pretty vague with my question so let me try to narrow it down. I want to learn how to use python to create pen-testing programs, as vorticalbox said, I don't want to be a "script kiddie" I want to be able to use my python skills to try to make some pen-testing skills. I am not trying to start a company or anything, just want to have some fun and have a hobby.

 

Thanks!

What's your skill/knowledge level about general computer science stuff, and additionally about web stuff?

[Mandm723]

17 minutes ago, straight_stewie said:

What's your skill/knowledge level about general computer science stuff, and additionally about web stuff?

I am "good" with computers, I am pretty good with computer science stuff. But I am not very good with web stuff, haven't really had a chance to learn a whole lot about this. 

[straight_stewie]

16 minutes ago, Mandm723 said:

I am "good" with computers, I am pretty good with computer science stuff. But I am not very good with web stuff, haven't really had a chance to learn a whole lot about this. 

Well, not all penetration testing revolves around web technology and operating systems, but by far the majority of penetration testing revolves around web apps and operating systems. I'm not trying to be "that guy", but getting anything useful out of learning penetration testing you'll probably need to be familiar with web technologies and the associated languages. You can always start with places like OverTheWire.Org