Python Ethical Hacking Libraries

Libraries used in Python for ethical hacking and cyber security.

As security developers, we need to know the libraries to use when creating hacking tools.

There are a number of libraries that can be used for ethical hacking and cyber security in Python. Some examples include:

Scapy: A powerful packet manipulation library that allows you to craft custom packets, send them over the wire, capture and analyze them, and more. It can be used for tasks such as network scanning, service fingerprinting, and exploitation.

Paramiko: A library for implementing SSH and SFTP in Python. It can be used to remotely execute commands, transfer files, and manage remote servers.

Cryptography: A library for encrypting and decrypting data, as well as other cryptographic tasks such as generating hashes and signing messages.

Pwntools: A library specifically designed for writing and testing exploits. It includes features such as automatic exploit generation and a debugger.

Nmap: A popular network scanning tool that can be used to discover hosts and services on a network, as well as to perform security assessments. The Nmap library allows you to use Nmap from within Python.

SocksiPy: A library for implementing SOCKS proxies in Python. It can be used to establish anonymous connections, bypass firewalls, and more.

Requests: A library for making HTTP requests in Python. It can be used for tasks such as testing web servers, submitting forms, and automating login processes.

These are just a few examples of the many libraries that can be used for ethical hacking and cyber security in Python.

Here are simple example scripts for each of the libraries mentioned above:

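Scapy:

    # Import the Scapy names used below
    from scapy.all import IP, ICMP, sr1

    # Create a custom packet (an ICMP echo request)
    packet = IP(dst="www.example.com") / ICMP()

    # Send the packet and receive the response
    # (raw sockets need root/administrator rights; the timeout stops sr1 from blocking forever)
    response = sr1(packet, timeout=2)

    # Print the response (None if nothing came back before the timeout)
    print(response)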

Paramiko:

    # Import the Paramiko library
    import paramiko

    # Set up the SSH client and load the host keys this machine already trusts
    client = paramiko.SSHClient()
    client.load_system_host_keys()
    # Refuse servers whose host key is not already known. AutoAddPolicy would
    # accept any key on first contact, including a man-in-the-middle's.
    client.set_missing_host_key_policy(paramiko.RejectPolicy())

    # Connect to the server
    client.connect("www.example.com", username="user", password="password")

    # Execute a command
    stdin, stdout, stderr = client.exec_command("ls")

    # Print the output of the command
    print(stdout.read().decode())

    # Disconnect from the server
    client.close()

Cryptography:

    # Import Fernet from the Cryptography library
    # (a bare "import cryptography" does not load the fernet submodule)
    from cryptography.fernet import Fernet

    # Generate a random key
    key = Fernet.generate_key()

    # Create a Fernet object using the key
    fernet = Fernet(key)

    # Encrypt some data
    data = b"secret message"
    encrypted_data = fernet.encrypt(data)

    # Decrypt the data
    decrypted_data = fernet.decrypt(encrypted_data)

    # Print the original and decrypted data
    print(data)
    print(decrypted_data)

Pwntools:

    # Import the Pwntools library
    import pwn

    # Connect to a remote server; the returned tube object carries the connection
    conn = pwn.remote("www.example.com", 12345)

    # Send a message to the server (tubes send bytes)
    conn.sendline(b"Hello, server!")

    # Receive a response from the server
    response = conn.recv()

    # Print the response
    print(response)

    # Disconnect from the server
    conn.close()

Nmap:

    # Import the Nmap library
    import nmap

    # Create an Nmap scanner object
    scanner = nmap.PortScanner()

    # Scan a host for open ports
    scanner.scan("www.example.com", "1-1024")

    # Print the results of the scan
    print(scanner.scaninfo())
    print(scanner.csv())

SocksiPy:

    # Import the SocksiPy library
    import socks
    import socket

    # Set up a SOCKS proxy
    socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "localhost", 1080)
    socket.socket = socks.socksocket

    # Connect to a remote server through the proxy
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect(("www.example.com", 80))

Requests:

    # Import the Requests library
    import requests

    # Make a GET request to a web server (without a timeout, Requests can wait indefinitely)
    response = requests.get("https://www.example.com/", timeout=10)

    # Print the status code and the content of the response
    print(response.status_code)
    print(response.content)

    # Make a POST request to a web server
    response = requests.post(
        "https://www.example.com/login",
        data={"username": "user", "password": "password"},
        timeout=10,
    )

    # Print the status code and the content of the response
    print(response.status_code)
    print(response.content)

Stay tuned for more, and build your own tools using the heads-up on these libraries. 👍