Python 滲透測試編程技術:方法與實踐, 2/e

李華峰

  • 出版商: 清華大學
  • 出版日期: 2021-01-01
  • 定價: $414
  • 售價: 8.5$352
  • 語言: 簡體中文
  • ISBN: 7302563888
  • ISBN-13: 9787302563884
  • 相關分類: Penetration-test
  • 下單後立即進貨 (約4週~6週)

  • Python 滲透測試編程技術:方法與實踐, 2/e-preview-1
  • Python 滲透測試編程技術:方法與實踐, 2/e-preview-2
  • Python 滲透測試編程技術:方法與實踐, 2/e-preview-3
Python 滲透測試編程技術:方法與實踐, 2/e-preview-1

買這商品的人也買了...

相關主題

商品描述

本書是資深網絡安全教師多年工作經驗的結晶。書中系統且深入地將 Python應用實例與網絡安全相結合進行講解,不僅講述 Python的實際應用方法,而且從網絡安全原理的角度分析 Python實現網絡安全編程技術,真正做到理論與實踐相結合。 全書共分為 16章。第 1章介紹網絡安全滲透測試的相關理論;第 2章介紹 Kali Linux 2使用基礎;第 3章介紹 Python語言基礎;第 4章介紹使用 Python進行安全滲透測試的常見模塊;第 5章介紹使用 Python實現信息收集;第 6章和第 7章介紹使用 Python對漏洞進行滲透;第 8章介紹使用 Python實現網絡的嗅探與欺騙;第 9章介紹使用 Python實現拒絕服務攻擊;第 10章介紹使用 Python實現身份認證攻擊;第 11章介紹使用 Python編寫遠程控制工具;第 12章和第 13章介紹使用 Python完成無線網絡滲透;第 14章介紹使用 Python完成 Web滲透測試;第 15章介紹使用 Python生成滲透測試報告;第 16章介紹 Python取證相關模塊。 本書適合網絡安全滲透測試人員、運維工程師、網絡管理人員、網絡安全設備設計人員、網絡安全軟件開發人員、安全課程培訓人員、高校網絡安全專業方向的學生閱讀。

目錄大綱

目錄

 

第1章 概述·············································1

1.1 網絡安全滲透測試······················1

1.2 開展網絡安全滲透測試················3

1.2.1 前期與客戶的交流··································4

1.2.2 收集情報······························································5

1.2.3 威脅建模······························································5

1.2.4 漏洞分析······························································6

1.2.5 漏洞利用······························································6

1.2.6 後滲透攻擊·························································································6

1.2.7 報告··································································································7

1.3 網絡安全滲透測試需要掌握的技能·················································7

1.4 小結········································8

 

第2章 Kali Linux 2使用基礎··············9

2.1 簡介········································9

2.2 安裝Kali Linux 2······················10

2.2.1 在VMware虛擬機中安裝Kali Linux 2···············10

2.2.2 在樹莓派中安裝Kali Linux 2···12

2.3 Kali Linux 2的常用操作·············15

2.3.1 文件系統····························17

2.3.2 常用命令····························19

2.3.3 對Kali Linux 2的網絡進行配置·················21

2.3.4 在Kali Linux 2中安裝第三方應用程序·················25

2.3.5 對Kali Linux 2網絡進行SSH遠程控制····················25

2.3.6 Kali Linux 2的更新操作········29

2.4 VMware的高級操作··················29 

2.4.1 在VMware中安裝其他操作系統···············29

2.4.2 VMware中的網絡連接··········30

2.4.3 VMware中的快照與克隆功能···················32

2.5 小結······································33

 

第3章 Python語言基礎部分·············34

3.1 Python語言基礎·······················35

3.2 在Kali Linux 2系統中安裝Python編程環境 ································ 35 

3.3 編寫第一個 Python程序 ············· 43 

3.4 選擇結構 ································ 44 

3.5 循環結構 ································ 45 

3.6 數字和字符串 ·························· 47 

3.7 列表、元組和字典 ···················· 49 

3.7.1 列表 ·································· 49 

3.7.2 元組 ·································· 50 

3.7.3 字典 ·································· 50 

3.8 函數與模塊 ····························· 51 

3.9 文件處理 ································ 53 

3.10 小結 ····································· 54

 

第 4章 安全滲透測試的常見模塊·······55 

4.1 Socket模塊文件 ······················· 55 

4.1.1 簡介 ·································· 56 

4.1.2 基本用法 ···························· 57 

4.2 python-nmap模塊文件 ················ 60 

4.2.1 簡介 ·································· 61

4.2.2 基本用法 ···························· 62 

4.3 Scapy模塊文件 ························ 66 

4.3.1 簡介 ·································· 66 

4.3.2 基本用法 ···························· 67 

4.4 小結 ······································ 76

 

第 5章 信息收集···································77 

5.1 信息收集基礎 ·························· 78 

5.2 主機狀態掃描 ·························· 79 

5.2.1 基於 ARP的活躍主機發現技術 ·································· 80 

5.2.2 基於 ICMP的活躍主機發現技術 ·································· 85 

5.2.3 基於 TCP的活躍主機發現技術 ·································· 90 

5.2.4 基於 UDP的活躍主機發現技術 ·································· 93 

5.3  埠掃描 ································ 94 

5.3.1 基於 TCP全開的埠掃描技術 ·································· 95 

5.3.2 基於 TCP半開的埠掃描技術 ·································· 98 

5.4 服務掃描 ·······························101 

5.5 操作系統掃描 ·························105 

5.6 小結 ·····································108

 

第 6章 對漏洞進行滲透(基礎部分)······························110 

6.1 測試軟件的溢出漏洞 ················ 110 

6.2 計算軟件溢出的偏移地址 ·········· 114 

6.3 查找JMP ESP指令··················· 117 

6.4 編寫滲透程序 ·························120 

6.5 壞字符的確定 ·························123 

6.6 使用Metasploit生成 shellcode ·····126 

6.7 小結·····································130

 

第 7章 對漏洞進行滲透(高級部分) ······························131 

7.1  SEH溢出簡介 ·························132 

7.2  編寫基於 SEH溢出滲透模塊的要點······································134 

7.2.1 計算到 catch位置的偏移量····135 

7.2.2 查找 POP/POP/RET地址·······141 

7.3  編寫滲透模塊 ·························142 

7.4 小結 ·····································145

 

第8章 網絡嗅探與欺騙 ··············· 146

8.1 網絡數據嗅探 ·························147

8.1.1 編寫一個網絡嗅探工具 ·········147

8.1.2 調用 Wireshark 查看數據包 ······························150

8.2 ARP的原理與缺陷 ···················152

8.3 ARP欺騙的原理 ······················153

8.4 中間人欺騙 ····························156

8.5 小結 ·····································164

 

第9章 拒絕服務攻擊 ·················· 165

9.1 數據鏈路層的拒絕服務攻擊 ·······166

9.2 網絡層的拒絕服務攻擊 ·············169

9.3 傳輸層的拒絕服務攻擊 ·············171

9.4 基於應用層的拒絕服務攻擊 ·······173

9.5 小結 ·····································179

 

第10章 身份認證攻擊 ················ 181

10.1 簡單網絡服務認證的攻擊 ·········182

10.2 編寫破解密碼字典 ··················183

10.3 FTP暴力破解模塊 ··················187

10.4 SSH暴力破解模塊 ··················191

10.5 Web暴力破解模塊 ··················194

10.6 使用BurpSuite對網絡認證服務的攻擊 ····································201

10.6.1 基於表單的暴力破解 ··········202

10.6.2 繞過驗證碼(客戶端) ·········212

10.6.3 繞過驗證碼(服務器端) ······214

10.7 小結 ····································215

 

第11章 編寫遠程控制工具 ·········· 216

11.1 遠程控制工具簡介 ··················216

11.2 遠程控製程序的服務器端和客戶端 ·································217

11.2.1 執行系統命令(subprocess模塊) ···············217

11.2.2 遠程控制的服務器端與客戶端(socket模塊實現) ···············221

11.3 將 Python 腳本轉換為exe 文件 ·······························224

11.4 小結 ····································226

 

第12章 無線網絡滲透(基礎部分) ···················· 227

12.1 無線網絡基礎 ························228

12.2 Kali Linux 2 中的無線功能 ········229

12.2.1 無線網絡嗅探的硬件需求和軟件設置 ·························229

12.2.2 無線網絡滲透使用的庫文件 ····························231

12.3 AP掃描器 ····························231

12.4 無線網絡數據嗅探器 ···············233

12.5 無線網絡的客戶端掃描器 ·········234

12.6 掃描隱藏的 SSID ····················235

12.7 繞過目標的 MAC 過濾機制 ······236

12.8 捕獲加密的數據包 ··················238

12.8.1 捕獲 WEP 數據包 ··············238

12.8.2 捕獲 WPA 類型數據包 ········239

12.9 小結 ····································240

 

第13章 無線網絡滲透(高級部分) ···················· 241

13.1 模擬無線客戶端的連接過程 ······241

13.2 模擬 AP 的連接行為················245

13.3 編寫 Deauth 攻擊程序 ··············247

13.4 無線網絡入侵檢測 ··················248

13.5 小結 ····································248

 

第14章 對 Web 應用進行滲透測試 ······················ 249

14.1 滲透測試所需模塊 ··················251

14.1.1 requests 庫的使用 ··············252

14.1.2 其他常用模塊文件 ·············253

14.2 處理 HTTP 頭部 ·····················254

14.3 處理 Cookie ··························254

14.4 捕獲 HTTP 基本認證數據包 ·································256

14.5 編寫 Web 服務器掃描程序 ········257

14.6 暴力掃描出目標服務器上的所有頁面 ······························259

14.7 驗證碼安全 ···························260

14.8 小結 ····································266

 

第15章 生成滲透測試報告 ·········· 267

15.1 滲透測試報告的相關理論 ·········268

15.1.1 目的 ·······························268

15.1.2 內容摘要 ·························268

15.1.3 包含的範圍 ······················268

15.1.4 安全地交付滲透測試報告 ····269

15.1.5 滲透測試報告應包含的內容 ································269

15.2 處理 XML 文件 ······················269

15.3 生成 Excel 格式的滲透報告·······271

15.4 小結 ····································278

 

第16章 Python 取證相關模塊 ······ 279

16.1 MD5值的計算 ·······················279

16.1.1 MD5的相關知識 ···············279

16.1.2 在Python中計算MD5 ········280

16.1.3 為文件計算MD5 ···············280

16.2 對IP地址進行地理定位 ···········281

16.3 時間取證 ······························282

16.4 註冊表取證 ···························283

16.5 圖像取證 ······························284

16.6 小結 ····································285