With so many amazing books out there in the cyber security and Python programming space, written by brilliant people, what does this book have to offer that’s different? It’s a very valid question, so now let’s try to answer this.
This book makes a humble attempt to capture the practical and hands-on experience I have acquired working with Python and the penetration testing space over the past few years. It is a unique amalgamation of Python, penetration testing/offensive security, defensive security, and machine learning use cases in the pentesting ecosystem. The book starts off gently, covering all the key concepts of Python, enabling the reader to acquire a very decent grasp of Python by the end of the first four chapters, before then clicking into gear and delving into the hard core automation of penetration testing and cyber security use cases. Readers will find out how to develop industry standard vulnerability scanners from scratch, identical to Nessus and Qualys. The book then explores concepts concerning web application vulnerabilities, their exploitation, and automating web exploitation with custom tailored exploits. It also affords very deep insights into reverse engineering, fuzzing, and buffer overflow vulnerabilities in both Windows and Linux environments, utilizing Python as a centerpiece. There is a section dedicated to custom exploit development, with a focus on evading antivirus detection. The book also has a chapter dedicated to developing a web crawler and its utilization in the cyber security space. The book also gives decent insights on defensive security concepts, talking about cyber threat intelligence, and how a custom threat scoring algorithm can be developed. The book concludes with many other beneficial use cases of Python, such as developing a custom keylogger.