DEV550 – Python for Pentesters
Rated 3.5/5 based on 11 customer reviews

DEV550 – Python for Pentesters

Add Your Review
Available: In Stock
$1,199.00

Image

Course Overview

DEV550 – Python for Pentesters is an intermediate level course designed for pentesters who want to use Python to build specialized tools. This challenging course will expose students to target scanning, enumeration, exploit development, web application attacks, and persistence mechanisms through Python scripting.
Upon completion, students will have built an arsenal of over 20 penetration testing tools.

Objectives

Provide students with the knowledge necessary to analyze technical situations, solving them through the development of Python tools 

Target Audience

hThis course is designed for students who have basic programming/scripting experience in C or Python, knowledge of networking concepts, and knowledge of penetration testing methods and hacking tools


Estimated Course Length: 24 hours

Day 1 Introduction to building pentesting tools in Python. Students will review Python fundamentals and will develop target scanning and enumeration tools using modules from the Python Standard Library as well as third party modules.

Topics List
  • Python Fundamentals
  • Socket Module
  • I/O Functionality
  • User Input
  • Application Banner Grabbing
  • Functions
  • HTTP Methods
  • Nmap Module

Students will begin the day by creating custom scanners using the Nmap module. They will develop algorithms to parse complex data sets and build additional functionality into their custom tools. The labs challenge students to use a variety of control structures like sequence, selection, and repetition

Topics List
  • Building Custom Scanners
  • Parsing Nmap Data
  • “If” statements
  • Exception Handling
  • Enhancing Tool Functionality
  • OS Module
  • Introduction to Exploit Development

Students will begin the day by taking a deep look at x86 memory architecture, operating system controls and debugging. Students will then learn how to construct exploits against stackbased buffer overflows, as well as how to embed shellcode into their Python scripts.

Topics List
  • x86 Memory Architecture
  • Exploit Mitigation Controls
  • Fuzzing
  • Debugging
  • Shellcode
  • Constructing Exploits

The Pointers lectures and labs expose students to indirect addressing. Reading from and writing to files using file pointers and comparing call-by-value and call-by-reference methods are discussed. Finally the student will learn how to pass information to and get information back from functions.

Topics List
  • Pointers
  • Indirect addressing
  • File I/O using pointers
  • Call methods for functions
  • Modularize program with functions
  • Working with pointers and functions
  • Case Study: Solar-heated House; Problem: Design a program to estimate size of collecting area needed to support a solar-heated house

The Array Pointers lectures and labs teach students how to use arrays and how C implements arrays as pointers. Students learn how to access values in arrays, and how to process data in arrays using loops. Searching arrays is introduced and multi-dimensional arrays are described as a solution for storing tables of data.

Topics List
  • Arrays
  • Relationship between arrays and pointers
  • Process array data with loops
  • Function and array interaction
  • Searching and sorting arrays
  • Case Study: Summary of Business Revenue; Problem: Regional medical center needs software to track its revenue by unit and quarter

Course Overview

DEV550 – Python for Pentesters is an intermediate level course designed for pentesters who want to use Python to build specialized tools. This challenging course will expose students to target scanning, enumeration, exploit development, web application attacks, and persistence mechanisms through Python scripting.
Upon completion, students will have built an arsenal of over 20 penetration testing tools.

Objectives

Provide students with the knowledge necessary to analyze technical situations, solving them through the development of Python tools 

Target Audience

hThis course is designed for students who have basic programming/scripting experience in C or Python, knowledge of networking concepts, and knowledge of penetration testing methods and hacking tools


Estimated Course Length: 24 hours

Day 1 Introduction to building pentesting tools in Python. Students will review Python fundamentals and will develop target scanning and enumeration tools using modules from the Python Standard Library as well as third party modules.

Topics List
  • Python Fundamentals
  • Socket Module
  • I/O Functionality
  • User Input
  • Application Banner Grabbing
  • Functions
  • HTTP Methods
  • Nmap Module

Students will begin the day by creating custom scanners using the Nmap module. They will develop algorithms to parse complex data sets and build additional functionality into their custom tools. The labs challenge students to use a variety of control structures like sequence, selection, and repetition

Topics List
  • Building Custom Scanners
  • Parsing Nmap Data
  • “If” statements
  • Exception Handling
  • Enhancing Tool Functionality
  • OS Module
  • Introduction to Exploit Development

Students will begin the day by taking a deep look at x86 memory architecture, operating system controls and debugging. Students will then learn how to construct exploits against stackbased buffer overflows, as well as how to embed shellcode into their Python scripts.

Topics List
  • x86 Memory Architecture
  • Exploit Mitigation Controls
  • Fuzzing
  • Debugging
  • Shellcode
  • Constructing Exploits

The Pointers lectures and labs expose students to indirect addressing. Reading from and writing to files using file pointers and comparing call-by-value and call-by-reference methods are discussed. Finally the student will learn how to pass information to and get information back from functions.

Topics List
  • Pointers
  • Indirect addressing
  • File I/O using pointers
  • Call methods for functions
  • Modularize program with functions
  • Working with pointers and functions
  • Case Study: Solar-heated House; Problem: Design a program to estimate size of collecting area needed to support a solar-heated house

The Array Pointers lectures and labs teach students how to use arrays and how C implements arrays as pointers. Students learn how to access values in arrays, and how to process data in arrays using loops. Searching arrays is introduced and multi-dimensional arrays are described as a solution for storing tables of data.

Topics List
  • Arrays
  • Relationship between arrays and pointers
  • Process array data with loops
  • Function and array interaction
  • Searching and sorting arrays
  • Case Study: Summary of Business Revenue; Problem: Regional medical center needs software to track its revenue by unit and quarter