渗透测试人员的PYTHON工具箱

本文首发于公众号:乌云安全,提供关于渗透测试、社会工程学、黑产的技术及资讯,关注该公众号回复关键词“教程”,获取渗透测试入门到精通实战教程。

如果你从事的行业是漏洞研究,逆向工程或者渗透测试,那么Python语言你将值得拥有。它是一个具有丰富的扩展库和项目的编程语言。本文仅仅列出了其中的一小部分。下面列举的工具大部分是用Python写的,剩下的一部分是C语言库的Python实现,且他们很容易被Python所使用。其中有些有攻击性比较强的工具(如:渗透测试框架,蓝牙,web漏洞扫描器,等等)被遗漏了,因为这些工具的使用在我国仍然存在一些法律风险。

网络:

Scapy, Scapy3k: send, sniff and dissect
and forge network packets. Usable interactively or as a library

pypcap, Pcapy and pylibpcap: several different
Python bindings for libpcap

libdnet: low-level networking
routines, including interface lookup and Ethernet frame transmission

dpkt: fast, simple packet
creation/parsing, with definitions for the basic TCP/IP protocols

Impacket:
craft and decode network packets. Includes support for higher-level
protocols such as NMB and SMB

pynids: libnids wrapper offering
sniffing, IP defragmentation, TCP stream reassembly and port scan
detection

Dirtbags py-pcap: read pcap
files without libpcap

flowgrep: grep through
packet payloads using regular expressions

Knock Subdomain Scan, enumerate
subdomains on a target domain through a wordlist

SubBrute, fast subdomain
enumeration tool

Mallory, extensible
TCP/UDP man-in-the-middle proxy, supports modifying non-standard
protocols on the fly

Pytbull: flexible IDS/IPS testing
framework (shipped with more than 300 tests)

调试与逆向工程:
Paimei: reverse engineering
framework, includes PyDBG, PIDA,
pGRAPH

Immunity Debugger:
scriptable GUI and command line debugger

mona.py:
PyCommand for Immunity Debugger that replaces and improves on
pvefindaddr

IDAPython: IDA Pro plugin that
integrates the Python programming language, allowing scripts to run
in IDA Pro

PyEMU: fully scriptable IA-32
emulator, useful for malware analysis

pefile: read and work with
Portable Executable (aka PE) files

pydasm:
Python interface to the libdasm x86 disassembling library

PyDbgEng: Python wrapper for the
Microsoft Windows Debugging Engine

uhooker:
intercept calls to API calls inside DLLs, and also arbitrary
addresses within the executable file in memory

diStorm: disassembler library
for AMD64, licensed under the BSD license

python-ptrace:
debugger using ptrace (Linux, BSD and Darwin system call to trace
processes) written in Python

vdb / vtrace: vtrace is a
cross-platform process debugging API implemented in python, and vdb
is a debugger which uses it

Androguard: reverse
engineering and analysis of Android applications

Capstone: lightweight
multi-platform, multi-architecture disassembly framework with Python
bindings

PyBFD: Python interface
to the GNU Binary File Descriptor (BFD) library

Fuzzing:
Sulley: fuzzer development and
fuzz testing framework consisting of multiple extensible components

Peach Fuzzing Platform:
extensible fuzzing framework for generation and mutation based
fuzzing (v2 was written in Python)

antiparser: fuzz testing and
fault injection API

TAOF, (The Art of Fuzzing)
including ProxyFuzz, a man-in-the-middle non-deterministic network
fuzzer

untidy: general purpose XML fuzzer

Powerfuzzer: highly automated and
fully customizable web fuzzer (HTTP protocol based application
fuzzer)

SMUDGE

Mistress:
probe file formats on the fly and protocols with malformed data,
based on pre-defined patterns

Fuzzbox:
multi-codec media fuzzer

Forensic Fuzzing
Tools:
generate fuzzed files, fuzzed file systems, and file systems
containing fuzzed files in order to test the robustness of forensics
tools and examination systems

Windows IPC Fuzzing
Tools:
tools used to fuzz applications that use Windows Interprocess
Communication mechanisms

WSBang:
perform automated security testing of SOAP based web services

Construct: library for parsing
and building of data structures (binary or textual). Define your
data structures in a declarative manner

fuzzer.py
(feliam):
simple fuzzer by Felipe Andres Manzano

Fusil: Python library
used to write fuzzing programs

Web:
Requests: elegant and simple HTTP
library, built for human beings

HTTPie: human-friendly cURL-like command line
HTTP client

ProxMon:
processes proxy logs and reports discovered issues

WSMap:
find web service endpoints and discovery files

Twill: browse the Web from a command-line
interface. Supports automated Web testing

Ghost.py: webkit web client written
in Python

Windmill: web testing tool designed
to let you painlessly automate and debug your web application

FunkLoad: functional and load web
tester

spynner: Programmatic web
browsing module for Python with Javascript/AJAX support

python-spidermonkey:
bridge to the Mozilla SpiderMonkey JavaScript engine; allows for the
evaluation and calling of Javascript scripts and functions

mitmproxy: SSL-capable, intercepting HTTP
proxy. Console interface allows traffic flows to be inspected and
edited on the fly

pathod / pathoc: pathological daemon/client
for tormenting HTTP clients and servers

取证分析:
Volatility:
extract digital artifacts from volatile memory (RAM) samples

Rekall:
memory analysis framework developed by Google

LibForensics: library for
developing digital forensics applications

TrIDLib, identify file types
from their binary signatures. Now includes Python binding

aft: Android forensic toolkit

恶意代码分析:
pyew: command line hexadecimal
editor and disassembler, mainly to analyze malware

Exefilter: filter file formats
in e-mails, web pages or files. Detects many common file formats and
can remove active content

pyClamAV: add
virus detection capabilities to your Python software

jsunpack-n, generic
JavaScript unpacker: emulates browser functionality to detect
exploits that target browser and browser plug-in vulnerabilities

yara-python:
identify and classify malware samples

phoneyc: pure Python
honeyclient implementation

CapTipper: analyse, explore and
revive HTTP malicious traffic from PCAP file

PDF文件分析:
peepdf:
Python tool to analyse and explore PDF files to find out if they can be harmful

Didier Stevens’ PDF
tools: analyse,
identify and create PDF files (includes PDFiD, pdf-parser and make-pdf and mPDF)

Opaf: Open PDF Analysis Framework.
Converts PDF to an XML tree that can be analyzed and modified.

Origapy: Python wrapper
for the Origami Ruby module which sanitizes PDF files

pyPDF2: pure Python PDF toolkit: extract
info, spilt, merge, crop, encrypt, decrypt…

PDFMiner:
extract text from PDF files

python-poppler-qt4:
Python binding for the Poppler PDF library, including Qt4 support

杂项:
InlineEgg:
toolbox of classes for writing small assembly programs in Python

Exomind:
framework for building decorated graphs and developing open-source
intelligence modules and ideas, centered on social network services,
search engines and instant messaging

RevHosts: enumerate
virtual hosts for a given IP address

simplejson: JSON
encoder/decoder, e.g. to use Google’s AJAX
API

PyMangle: command line tool
and a python library used to create word lists for use with other
penetration testing tools

Hachoir: view and
edit a binary stream field by field

py-mangle: command line tool
and a python library used to create word lists for use with other
penetration testing tools

其他有用的扩展库与工具:
IPython: enhanced interactive Python
shell with many features for object introspection, system shell
access, and its own special command system

Beautiful Soup:
HTML parser optimized for screen-scraping

matplotlib: make 2D plots of
arrays

Mayavi: 3D scientific
data visualization and plotting

RTGraph3D: create
dynamic graphs in 3D

Twisted: event-driven networking engine

Suds: lightweight SOAP client for
consuming Web Services

M2Crypto:
most complete OpenSSL wrapper

NetworkX: graph library (edges, nodes)

Pandas: library providing
high-performance, easy-to-use data structures and data analysis
tools

pyparsing: general parsing
module

lxml: most feature-rich and easy-to-use library
for working with XML and HTML in the Python language

Whoosh: fast, featureful
full-text indexing and searching library implemented in pure Python

Pexpect: control and automate
other programs, similar to Don Libes Expect system

Sikuli, visual technology
to search and automate GUIs using screenshots. Scriptable in Jython

PyQt and PySide: Python bindings for the Qt
application framework and GUI library

相关书籍:
Violent Python by TJ O’Connor. A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers

Grey Hat Python by Justin Seitz:
Python Programming for Hackers and Reverse Engineers.

Black Hat Python by Justin Seitz:
Python Programming for Hackers and Pentesters

Python Penetration Testing Essentials by Mohit:
Employ the power of Python to get the best out of pentesting

Python for Secret Agents by Steven F. Lott. Analyze, encrypt, and uncover intelligence data using Python

其他:
SecurityTube Python Scripting Expert (SPSE) is an online course and certification offered by Vivek Ramachandran.

SANS offers the course SEC573: Python for Penetration Testers.

The Python Arsenal for Reverse Engineering is a large collection of tools related to reverse engineering.

There is a SANS paper about Python libraries helpful for forensic analysis (PDF).

For more Python libaries, please have a look at PyPI, the Python Package Index.

参考链接:https://github.com/dloss/python-pentest-tools

  • 0
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 打赏
    打赏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

网络安全进阶

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值