InfoSec Things with Python
InfoSec Things You Can Do with a little Python
programming experience helpful, but not required
An idea for presentation or two, feedback appreciated
- contribute bugs, code, documentation, and tests to projects
- do simple or complex data analysis, and make charts and graphs
- Jupyter, Pandas : https://infosecjupyterthon.com/introduction.html
- capture, analyse, and manipulate packets
- scapy: https://scapy.readthedocs.io/en/latest/
- reformat and decode data
- unhexlify, codecs etc => Didier Steven’s tools: https://github.com/DidierStevens/DidierStevensSuite
- check entropy and detect computer-generated data strings: https://github.com/sans-blue-team/freq.py
- upload and download files over http(s) and and other means
- http.server, requests
- hit an API and get stuff
- exploit vulnerabilities
python -c "print('{}'.format('A' * 1024))"
- automate & extend security tools:
- Ghidra eg: https://github.com/ghidraninja/ghidra_scripts
- Burp Suite https://portswigger.net/burp/documentation/desktop/tools/extender , ZAP https://github.com/zaproxy/zap-api-python
- Metasploit Framework https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/example.py etc.
- get a (better) terminal session
python3 -c "import pty;pty.spawn('/bin/whoami')"
- (advanced) integrate tools and glue systems together
- (advanced) make entirely new tools
etc
- Cool python3 programming tricks:
- speciality dictionaries like Counter: https://docs.python.org/3/library/collections.html
- small projects or use cases to work on
- books (NoStarch) and courses recommendations (SEC573)
Written on April 20, 2022