Python Penetration Testing Tool collectionIf you love vulnerability research, reverse engineering, or penetration testing, I highly recommend that you use Python as your programming language. It contains a number of useful libraries and tools,
This article will list some of the highlights.
Internet
- Scapy, scapy3k: Send, Sniff, analyze and forge network packets. Can be used as an interactive package handler or as a single library.
- Pypcap, Pcapy, Pylibpcap: Python libraries of several different libpcap bundles
- Libdnet: Low-level network routing, including port viewing and forwarding of Ethernet frames
- DPKT: Fast, lightweight packet creation and analysis for basic TCP/IP protocol
- Impacket: Forge and Decode network packets, support advanced protocols such as NMB and SMB
- Pynids:libnids package provides network sniffing, IP packet fragmentation reorganization, TCP stream reassembly, and port scan detection
- Dirtbags py-pcap: Read pcap files without Libpcap library support
- Flowgrep: Finding payloads in a packet with regular expressions
- Knock subdomain Scan: Enumerating Target subdomains by dictionary
- Subbrute: Fast Sub-domain enumeration tool
- Mallory: Extensible TCP/UDP Broker Tool to modify non-standard protocols in real time
- Pytbull: Flexible ids/ips test framework (with over 300 test samples included)
Commissioning and reverse engineering
- Paimei: Reverse engineering framework, including PYDBG, pida,pgraph
- Immunity Debugger: script GUI and command line debugger
- mona.py:Immunity extension in Debugger, used in place of PVEFINDADDR
- Plugins in Idapython:ida Pro, integrated with the Python programming language, allowing scripts to execute in IDA Pro
- Pyemu: Full Script-implemented Intel 32-bit emulator for malware analysis
- Pefile: Read and process PE files
- Pydasm:python Package of Libdasm
- Microsoft Windows Debug engine in Pydbgeng:python package
- Uhooker: Intercepting API calls from DLLs or arbitrary address executable files in memory
- Disassembly Library under the DISTORM:AMD64
- Python-ptrace:python Write a debugger that uses ptrace
- Vdb/vtrace:vtrace is a cross-platform debugging API implemented in Python, and VDB is the debugger that uses it
- Androguard: The reverse analysis tool for Android apps
- Capstone: A lightweight, multi-platform, multi-architecture supported disassembly framework. Support includes arm,arm64,mips and x86/x64 platforms.
- Python interface for Pybfd:gnu binary file description (BFD) Library
Fuzzing
- Sulley: A framework for the development of a fuzzy device and a fuzzy test, composed of a number of extensible components
- Peach fuzzing Platform: Extensible Fuzzy Testing Framework (V2 version is written in Python language)
- Antiparser: The API for fuzzy testing and fault injection
- Taof: (The art of fuzzing, vague art) contains Proxyfuzz, a man-in-the-middle network fuzzy testing tool
- Untidy: For the XML Blur test tool
- Powerfuzzer: Highly automated and fully customizable WEB-fuzzy testing tools
- Smudge: Pure Python-implemented network protocol blur test
- Mistress: Detects protocols in real-time file formats and detects malformed data based on preset modes
- Fuzzbox: Fuzzy testing of media multi-encoder
- Forensic fuzzing
Tools: Test the robustness of forensic tools by generating files for fuzzy testing, file systems, and file systems containing fuzzy test files
- Windows IPC fuzzing
Tools: A tool for fuzzy testing using the Windows interprocess communication mechanism
- Wsbang: Testing SOAP security based on WEB service automation
- Construct: A library for parsing and building data formats (binary or text)
- fuzzer.py
(Feliam): Simple fuzzy test tool written by Felipe Andres Manzano
- Fusil: Python Library for writing fuzzy test programs
Web
- Requests: elegant, simple, human-friendly HTTP library
- HTTPie: User-friendly HTTP client similar to the CURL command line
- Proxmon: Handling agent logs and reporting problems found
- Wsmap: Finding WEB servers and discovery files
- Twill: Browse the Web page from the command line interface. Support Automated Network Testing
- Ghost.py:Python written by WebKit Web client
- Windmill:web test Tools help you easily automate debugging Web applications
- Funkload:web function and load testing
- Spynner:python-written web browsing module supports Javascript/ajax
- Python-spidermonkey: Is the Mozilla JS engine porting on Python, allowing the invocation of Javascript scripts and functions
- Mitmproxy: An HTTP proxy that supports SSL. Network traffic can be checked and edited in real time on the console interface
- Pathod/pathoc: Perverted http/s daemon for testing and torturing HTTP clients
Forensics
- Volatility: extracting data from RAM
- Rekall:google development of the Memory analysis framework
- Libforensics: Digital Forensics Application Library
- Identify file types from binary signatures implemented by Tridlib:python
Aft: Android Forensics toolset malware analysis
Pyew: Command line hex Editor and Disassembly tool, mainly used to analyze malware
- Exefilter: Filter specific file formats in e-mail, Web pages and files. You can detect many common file formats, or you can remove document content.
- PYCLAMAV: Increase the virus detection capabilities of your Python software
- Jsunpack-n: Generic JavaScript interpreter that detects exploits for target browsers and browser plugins by mimicking browser capabilities
- Yara-python: Identification and classification of malware samples
- PHONEYC: Pure Python-Implemented Honeypot
- Captipper: Analyze, research and replay HTTP malicious traffic in PCAP files
Pdf
- PDF file Analysis tool written by Peepdf:python to help detect malicious PDF files
- Didier Stevens ' PDF
Tools: Analyze, identify, and create PDF files (including pdfid,pdf-parser,make-pdf and MPDF)
- OPAF: Open PDF Analysis Framework to transform PDFs into XML trees for analysis and modification.
- Origapy:ruby tool Origami Python interface for reviewing PDF files
- Pypdf2:python PDF Toolkit contains: Information extraction, splitting, merging, authoring, encryption and decryption, etc.
- Pdfminer: Extracting text from a PDF file
- Python-poppler-qt4:python written by Poppler PDF Library, support QT4
Miscellaneous
- Inlineegg: Toolbox with a series of small functions written in Python
- Exomind: A tool for phishing attacks using social networks
- Revhosts: Enumerates the virtual main clauses that are included in the specified IP address
- Simplejson:json encoding and decoding, e.g. using Google's AJAX API
- Pymangle: command-line tools and a library to create use dictionaries for penetration testing
- Hachoir: Viewing and editing binary streams
Other useful libraries and tools
- IPython: Enhanced Interactive Python shell
- Beautiful soup:html Parser
- Matplotlib: Making two-dimensional graphs
- Mayavi: Visualization and plotting of three-dimensional scientific data
- Rtgraph3d: Creating a dynamic diagram in three-dimensional space
- Event-driven network framework written in Twisted:python language
- Suds: A lightweight soap-based Python client
- M2crypto:python language-to-OpenSSL encapsulation
- Networkx: Gallery (Edge, node)
- Pandas: A data analysis package built on Numpy that contains more advanced structures and tools
- Pyparsing: Universal Parsing module
- lxml: A library written in Python that handles XML quickly and flexibly
- Whoosh: Full-Text Search component implemented by pure Python
- Pexpect: Control and automation programs
- Sikuli: Using Jython Script automation based on visual search
- PyQt and Pyside:python bundled Qt application framework and GUI Library
Books
- Violent Python TJ O ' Connor: A detailed introduction to hackers, forensic analysis, penetration testing and security Engineer's book (Note: The Dark cloud Community has a Chinese translation version, thanks to the straw Hat kid-dj and crown, Prince translation)
- Grey Hat python python Justin Seitz: Python Programming for hackers and reverse engineering
- Python Penetration Testing Essentials testing Essentials Mohit: Best Penetration Testing with the power of Python
- Python for Secret Agents:steven F. Lott: Using Python analytics to encrypt and analyze data
Other
- Securitytube Python Scripting Expert (spse) online courses and certifications provided by Vivek Ramachandran
SANS-related courses sec573:python for penetration testers
Python Arsenal for Reverse Engineering: Collect a lot of reverse engineering related tools
This is SANS's paper on the Python Library for Forensic analysis (PDF)
More Python libraries can be found in the PyPI address in the English language address
Python
Python Penetration Testing Tool collection
