Details

Python is an easy-to-learn and cross-platform programming language which has unlimited third-party libraries. Plenty of open source hacking tools are written in Python and can be easily integrated within your script. This book is divided into clear bite-size chunks so you can learn at your own pace and focus on the areas of most interest to ...

• Cover
• Title Page
• Copyright and Credits
• Packt Upsell
• Contributors
• Table of Contents
• Preface
• Chapter 1: Warming up – Your First Antivirus-Free Persistence Shell
  • Preparing the attacker machine
    • Setting up internet access
  • Preparing the target machine
  • TCP reverse shell
    • Coding a TCP reverse shell
      • Server side
      • Client side
    • Data exfiltration – TCP
      • Server side
      • Client side
    • Exporting to EXE
  • HTTP reverse shell
    • Coding the HTTP reverse shell
      • Server side
      • Client side
    • Data exfiltration – HTTP
      • Client side
      • Server side
    • Exporting to EXE
  • Persistence
    • Making putty.exe persistent
    • Making a persistent HTTP reverse shell
  • Tuning the connection attempts
  • Tips for preventing a shell breakdown
  • Countermeasures
  • Summary
• Chapter 2: Advanced Scriptable Shell
  • Dynamic DNS
    • DNS aware shell
  • Interacting with Twitter
    • Parsing a tweet in three lines
    • Countermeasures
  • Replicating Metasploit's screen capturing
  • Replicating Metasploit searching for content
    • Target directory navigation
  • Integrating low-level port scanner
  • Summary
• Chapter 3: Password Hacking
  • Antivirus free keylogger
    • Installing pyHook and pywin
    • Adding code to keylogger
  • Hijacking KeePass password manager
  • Man in the browser
    • Firefox process
  • Firefox API hooking with Immunity Debugger
  • Python in Firefox proof of concept (PoC)
  • Python in Firefox EXE
  • Dumping saved passwords out of Google Chrome
    • Acquiring the password remotely
  • Submitting the recovered password over HTTP session
    • Testing the file against antivirus
  • Password phishing – DNS poisoning
    • Using Python script
  • Facebook password phishing
  • Countermeasures
    • Securing the online account
    • Securing your computer
    • Securing your network
    • Keeping a watch on any suspicious activity
  • Summary
• Chapter 4: Catch Me If You Can!
  • Bypassing host-based firewalls
    • Hijacking IE
  • Bypassing reputation filtering in next generation firewalls
    • Interacting with SourceForge
    • Interacting with Google Forms
  • Bypassing botnet filtering
    • Bypassing IPS with handmade XOR encryption
  • Summary
• Chapter 5: Miscellaneous Fun in Windows
  • Privilege escalation – weak service file
  • Privilege escalation – preparing vulnerable software
  • Privilege escalation – backdooring legitimate windows service
  • Privilege escalation – creating a new admin account and covering the tracks
  • Summary
• Chapter 6: Abuse of Cryptography by Malware
  • Introduction to encryption algorithms
  • Protecting your tunnel with AES – stream mode
    • Cipher Block Chaining (CBC) mode encryption
    • Counter (CTR) mode encryption 
  • Protecting your tunnel with RSA
  • Hybrid encryption key
  • Summary
• Other Books You May Enjoy
• Index