Python tools for pentesting

Tools and techniques to achieve:

• Coding your own reverse shell (TCP+HTTP).
• Exfiltrating data from victim's machine.
• Using anonymous shell by abusing Twitter, Google Form and Sourceforge.
• Hacking passwords with different techniques: code a Keylogger, perform Clipboard Hijacking.
• Bypassing some firewall by including cryptography encryption in your script shells (AES,RSA,XOR)
• Writing scripts to perform privilege escalation on windows by abusing a weak service. And more.

Contents

From course: Python For Offensive PenTest: A Complete Practical Course.

General index of the course

• Gaining persistence shells (TCP + HTTP):
  • Coding a TCP connection and a reverse shell.
  • Coding a low level data exfiltration - TCP connection.
  • Coding an http reverse shell.
  • Coding a data exfiltration script for a http shell.
  • Tunning the connection attempts.
  • Including cd command into TCP reverse shell.
• Advanced scriptable shells:
  • Using a Dynamic DNS instead of your bared attacker public ip.
  • Making your binary persistent.
  • Making a screenshot.
  • Coding a reverse shell that searches files.
• Techniques for bypassing filters:
  • Coding a reverse shell that scans ports.
  • Hickjack the Internet Explorer process to bypass an host-based firewall.
  • Bypassing Next Generation Firewalls.
  • Bypassing IPS with handmade XOR Encryption.
• Malware and crytography:
  • TCP reverse shell with AES encryption.
  • TCP reverse shell with RSA encryption.
  • TCP reverse shell with hybrid encryption AES + RSA.
• Password Hickjacking:
  • Simple keylogger in python.
  • Hijacking Keepass Password Manager.
  • Dumping saved passwords from Google Chrome.
  • Man in the browser attack.
  • DNS Poisoning.
• Privilege escalation:
  • Weak service file permission.

Tools

pyinstaller

PyInstaller bundles a Python application and all its dependencies into a single package. The user can run the packaged app without installing a Python interpreter or any modules.

See pyinstaller.

py2exe

This setup file will convert the python script scsiaccess.py into an exe file:

from distutils.core import setup
import py2exe, sys, os

sys.arg.append("py2exe")
setup(
      options = {'py2exe': {'bundle_files': 1}},
      windows = [ {'script': "scsiaccess.py"}],
      zipfule = None
)

Inmunity Debuger

See Inmunity Debugger.

Last update: 2024-03-29
Created: April 10, 2023 16:52:50