Learning Python Web Penetration Testing E-Book

Learning Python Web Penetration Testing

Copyright © 2018 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, nor Packt Publishing or its dealers and distributors, will be held liable for any damages caused or alleged to have been caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all of the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

Commissioning Editor: Kartikey PandeyAcquisition Editor: Prachi BishtContent Development Editor: Trusha ShriyanTechnical Editor: Sayali ThanekarCopy Editor:Safis Editing, Laxmi SubramanianProject Coordinator: Kinjal BariProofreader: Safis EditingIndexer: Aishwarya GangawaneGraphics: Jisha ChirayilProduction Coordinator: Aparna Bhagat

First published: June 2018

Production reference: 1260618

Published by Packt Publishing Ltd. Livery Place 35 Livery Street Birmingham B3 2PB, UK.

ISBN 978-1-78953-397-2

www.packtpub.com

Mapt is an online digital library that gives you full access to over 5,000 books and videos, as well as industry leading tools to help you plan your personal development and advance your career. For more information, please visit our website.

Why subscribe?

Spend less time learning and more time coding with practical eBooks and Videos from over 4,000 industry professionals

Improve your learning with Skill Plans built especially for you

Get a free eBook or video every month

Mapt is fully searchable

Copy and paste, print, and bookmark content

PacktPub.com

Did you know that Packt offers eBook versions of every book published, with PDF and ePub files available? You can upgrade to the eBook version at www.PacktPub.com and as a print book customer, you are entitled to a discount on the eBook copy. Get in touch with us at [email protected] for more details.

At www.PacktPub.com, you can also read a collection of free technical articles, sign up for a range of free newsletters, and receive exclusive discounts and offers on Packt books and eBooks.

Contributor

About the author

Christian Martorella has been working in the field of information security for the last 18 years and is currently leading the product security team for Skyscanner. Earlier, he was the principal program manager in the Skype product security team at Microsoft. His current focus is security engineering and automation. He has contributed to open source security testing tools such as Wfuzz, theHarvester, and Metagoofil, all included in Kali, the penetration testing Linux distribution.

Packt is searching for authors like you

If you're interested in becoming an author for Packt, please visit authors.packtpub.com and apply today. We have worked with thousands of developers and tech professionals, just like you, to help them share their insight with the global tech community. You can make a general application, apply for a specific hot topic that we are recruiting an author for, or submit your own idea.

Table of Contents

Title Page

Copyright and Credits

Learning Python Web Penetration Testing

Packt Upsell

Why subscribe?

PacktPub.com

Contributor

About the author

Packt is searching for authors like you

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the example code files

Download the color images

Conventions used

Get in touch

Reviews

Introduction to Web Application Penetration Testing

Understanding the web application penetration testing process

Typical web application toolkit

HTTP Proxy

Crawlers and spiders

Vulnerability scanners

Brute forces/predictable resource locators

Specific task tools

Testing environment

Summary

Interacting with Web Applications

HTTP protocol basics

What is HTTP and how it works?

Anatomy of an HTTP request

HTTP headers

GET request

Interacting with a web app using the requests library

Requests library

Our first script

Setting headers

Analyzing HTTP responses

HTTP codes

Summary

Web Crawling with Scrapy – Mapping the Application

Web application mapping

Creating our own crawler/spider with Scrapy

Starting with Scrapy

Making our crawler recursive

Scraping interesting stuff

Summary

Resources Discovery

What is resource discovery?

Building our first BruteForcer 

Analysing the results

Adding more information

Entering the hash of the response content

Taking screenshots of the findings

Summary

Password Testing

How password attacks work

Password cracking

Password policies and account locking

Our first password BruteForcer

Basic authentication

Creating the password cracker

Adding support for digest authentication

What is digest authentication?

Adding digest authentication to our script

Form-based authentication

Form-based authentication overview

Summary

Detecting and Exploiting SQL Injection Vulnerabilities

Introduction to SQL injection

SQLi versus blind SQLi

Detecting SQL injection issues

Methods for detecting SQLi

Automating the detection

Exploiting a SQL injection to extract data

What data can we extract with an SQLi?

Automating basic extractions

Advanced SQLi exploiting

Summary

Intercepting HTTP Requests

HTTP proxy anatomy

What is an HTTP proxy?

Why do we need a proxy?

Types of HTTP proxy

Introduction to mitmproxy

Why mitmproxy?

Manipulating HTTP requests

Inline scripts

Automating SQLi in mitmproxy

SQLi process

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Preface

Welcome to learning Python web penetration testing!

In this book, we'll learn the penetration testing process and see how to write our own tools.

You will leverage the simplicity of Python and available libraries to build your own web application security testing tools. The goal of this book is to show you how you can use Python to automate most of the web application penetration testing activities.

I hope you now have a complete grip of what's to come, and that you're as excited as I am.

So then, let's get started on this wonderful journey.

Who this book is for

If you are a web developer who wants to step into the web application security testing world, this book will provide you with the knowledge you need in no time! Familiarity with Python is essential, but not to an expert level.

What this book covers

Chapter 1, Introduction to Web Application Penetration Testing, teaches you about the web application security process and why it is important to test application security.

Chapter 2, Interacting with Web Applications, explains how to interact with a web application programmatically using Python and the request libraries.

Chapter 3, Web Crawling with Scrapy – Mapping the Application, explains how to write your own crawler using Python and the Scrapy library.

Chapter 4, Resources Discovery, teaches you how to write a basic web application BruteForcer to help us with the resources discovery.

Chapter 5, Password Testing, explains password-quality testing, also known as password cracking.

Chapter 6, Detecting and Exploiting SQL Injection Vulnerabilities, talks about detecting and exploiting SQL injection vulnerabilities.

Chapter 7, Intercepting HTTP Requests, talks about HTTP proxies and also helps you to create your own proxies based on the mitmproxy tool.

To get the most out of this book

The only prerequisite for this course is to have basic programming or scripting experience, which will facilitate quick comprehension of the examples.

In terms of environment, you only need to download the virtual machine that contains the vulnerable target web application and the Python environment with all the libraries necessary. To run the virtual machine, you will need to install virtual box from https://www.virtualbox.org/.

Download the example code files

You can download the example code files for this book from your account at www.packtpub.com. If you purchased this book elsewhere, you can visit www.packtpub.com/support and register to have the files emailed directly to you.

You can download the code files by following these steps:

Log in or register at

www.packtpub.com

.

Select the

SUPPORT

tab.

Click on

Code Downloads & Errata

.

Enter the name of the book in the

Search

box and follow the onscreen instructions.

Once the file is downloaded, please make sure that you unzip or extract the folder using the latest version of:

WinRAR/7-Zip for Windows

Zipeg/iZip/UnRarX for Mac

7-Zip/PeaZip for Linux

The code bundle for the book is also hosted on GitHub at https://github.com/PacktPublishing/Learning-Python-Web-Penetration-Testing. In case there's an update to the code, it will be updated on the existing GitHub repository.

We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!

Download the color images

We also provide a PDF file that has color images of the screenshots/diagrams used in this book. You can download it here: https://www.packtpub.com/sites/default/files/downloads/LearningPythonWebPenetrationTesting_ColorImages.pdf.

Get in touch

Feedback from our readers is always welcome.

General feedback: Email [email protected] and mention the book title in the subject of your message. If you have questions about any aspect of this book, please email us at [email protected].

Errata: Although we have taken every care to ensure the accuracy of our content, mistakes do happen. If you have found a mistake in this book, we would be grateful if you would report this to us. Please visit www.packtpub.com/submit-errata, selecting your book, clicking on the Errata Submission Form link, and entering the details.

Piracy: If you come across any illegal copies of our works in any form on the internet, we would be grateful if you would provide us with the location address or website name. Please contact us at [email protected] with a link to the material.

If you are interested in becoming an author: If there is a topic that you have expertise in and you are interested in either writing or contributing to a book, please visit authors.packtpub.com.

Reviews

Please leave a review. Once you have read and used this book, why not leave a review on the site that you purchased it from? Potential readers can then see and use your unbiased opinion to make purchase decisions, we at Packt can understand what you think about our products, and our authors can see your feedback on their book. Thank you!

For more information about Packt, please visit packtpub.com.

Introduction to Web Application Penetration Testing

In this chapter, we will look at the following topics:

Understanding the web application penetration testing process

Typical web application toolkit

Training environment

Let's get started!

Understanding the web application penetration testing process

In this section, we will understand what web application penetration testing is and the process behind it. We will start by learning what web application penetration testing is, the importance of performing these tests, what professional methodologies look like, and we'll briefly explain why it is important to have skills to use Python to write our own tools.

Penetration testing is a type of security testing that evaluates the security of an application from the perspective of an attacker. It is an offensive exercise where you have to think like an attacker and understand the developers as well as the technology involved in order to unveil all the flaws.

The goal is to identify all the flaws and demonstrate how they can be exploited by an attacker, and what the impact will be on our company. Finally, the report will provide solutions to fix the issues that have been detected. It's a manual and dynamic test. Manual means that it heavily depends on the knowledge of the person doing the test, and that is why learning how to write your own penetration testing tools is important, and will give you an edge in your career. Dynamic testing is where we test the running application. It is not a static analysis of the source code. The security test is useful to validate and verify the effect of the application security controls to us and to identify the lax of these security controls.