Duration:
3 days
Category:
Knowledge of the programming and scripting languages Python and Bash is practically indispensable when you want to take penetration testing seriously and go a step further than standard tooling or easily automate tasks. Also, if you want to become OSCP, basic knowledge of Python or Bash is desired (at a minimum). In this training, we specifically focus both languages on how you can use them during a penetration test. You do not need any prior programming experience for this, although that is of course welcome.
In our offensive training program, this training is particularly interesting after the Certified Ethical Hacker (CEH) or Certified Penetration Testing Professional (CPENT) training and a good preparation for the scripting components of the Offensive Security Certified Professional (OSCP) training.
The setup of this training is practice-oriented. After a theoretical introduction for each component, we will quickly move on to practical labs where you will learn to apply Python and Bash scripts during various phases of a penetration test.
• Shell scripting, Python scripting,
• A note on other languages like C, Java and C#
Writing simple shell scripts
• Variables
• Redirecting output
• The Shebang
• Making scripts executable
Advanced topics
• Logic Statements
• Loops
• Getting user input
• Command line arguments
• Functions
• History
• A note about versions
• Installing Python
• Using the Python interpreter
• Indenting
• Objects and References
• Booleans
• Numbers
• Strings
• Bytes
• Collections
- Lists
- Tuples
- Sets
- Dictionaries
• If statement
• Loops
• Functions
• Classes and Objects
• Modules and Packages
• Managing packages with PIP
• Virtual environments
• Files I/O
• Directory handling
• Regular Expressions
• Processes and Signals
1. Creating processes
2. Threading and Queueing
3. Signals
• Finding content
• Parsing Logfiles
• Creating backdoors
• Covering tracks
Network Programming Introduction
• Programming Sockets
• Creating a server
• Creating a client
• Build a webserver
Navigating the web sites
• Getting webpages
- Urllib2
• Analyzing web responses (html, json,xml)
- HTMLParser, Beautifulsoup
• Creating a webcrawler
• Creating a screen scraper
• Handling Forms (with urllib2 and Mechanize)
- Parsing Forms
- Submitting Forms
• Handing cookies and sessions
Packet sniffing and Injection
• Using Raw Sockets
• Using Scapy
Scripting NMAP
• Using Python-nmap
Scripting SSH
• Using Pexpect
• Using Paramiko
• Banner grabbing
• SSH dictionary attacks
• Scripting OWASP attacks
Knowledge of the programming and scripting languages Python and Bash is practically indispensable when you want to take penetration testing seriously and go a step further than standard tooling or easily automate tasks. Also, if you want to become OSCP, basic knowledge of Python or Bash is desired (at a minimum). In this training, we specifically focus both languages on how you can use them during a penetration test. You do not need any prior programming experience for this, although that is of course welcome.
In our offensive training program, this training is particularly interesting after the Certified Ethical Hacker (CEH) or Certified Penetration Testing Professional (CPENT) training and a good preparation for the scripting components of the Offensive Security Certified Professional (OSCP) training.
The setup of this training is practice-oriented. After a theoretical introduction for each component, we will quickly move on to practical labs where you will learn to apply Python and Bash scripts during various phases of a penetration test.
• Shell scripting, Python scripting,
• A note on other languages like C, Java and C#
Writing simple shell scripts
• Variables
• Redirecting output
• The Shebang
• Making scripts executable
Advanced topics
• Logic Statements
• Loops
• Getting user input
• Command line arguments
• Functions
• History
• A note about versions
• Installing Python
• Using the Python interpreter
• Indenting
• Objects and References
• Booleans
• Numbers
• Strings
• Bytes
• Collections
- Lists
- Tuples
- Sets
- Dictionaries
• If statement
• Loops
• Functions
• Classes and Objects
• Modules and Packages
• Managing packages with PIP
• Virtual environments
• Files I/O
• Directory handling
• Regular Expressions
• Processes and Signals
1. Creating processes
2. Threading and Queueing
3. Signals
• Finding content
• Parsing Logfiles
• Creating backdoors
• Covering tracks
Network Programming Introduction
• Programming Sockets
• Creating a server
• Creating a client
• Build a webserver
Navigating the web sites
• Getting webpages
- Urllib2
• Analyzing web responses (html, json,xml)
- HTMLParser, Beautifulsoup
• Creating a webcrawler
• Creating a screen scraper
• Handling Forms (with urllib2 and Mechanize)
- Parsing Forms
- Submitting Forms
• Handing cookies and sessions
Packet sniffing and Injection
• Using Raw Sockets
• Using Scapy
Scripting NMAP
• Using Python-nmap
Scripting SSH
• Using Pexpect
• Using Paramiko
• Banner grabbing
• SSH dictionary attacks
• Scripting OWASP attacks
This training is scheduled as follows in the coming period. Missing a date? Feel free to contact us.
Location: TSTC Veenendaal - Klassikaal
This training can also be taken as part of the below learning path(s). If you want to follow multiple titles from a learning path, please contact our advisors for a suitable bundle offer.
Train smarter, not harder. TSTC's unique approach guarantees the effective acquisition of skills and the greatest chance of success.
Learn more about TSTC
