El objetivo del libro es capacitar a los interesados en la seguridad, aprender a utilizar Python como lenguaje de programación para construir aplicaciones, automatizar y especificar las tareas durante un proceso de auditoría de seguridad (Description in English below).
Se repasan los módulos que ofrece python para extraer información que los servidores exponen de forma pública y los módulos que permiten extraer metadatos de documentos e imágenes, así como extraer información de geolocalización a partir de direcciones IP y nombres de dominio y se cubren conceptos más avanzados, como implementar nuestro propio escáner de puertos con comandos nmap y scapy, entre otros temas.
Description in English: In recent years, Python has become a language widely adopted by the computer security industry due to its simplicity, practicality, and also because of its scripting feature. Its integration with a multitude of third-party libraries suggests Python as a language with multiple possibilities both from the offensive and defensive point of view in terms of security. It has been used for a large number of projects, including Web programming, security tools, scripting, and automation of tasks.
The purpose of the book is to train those interested in security, and on learniing how Python can be used as a programming language, not only to be able to build applications, but also to automate and specify many of the tasks that are performed during a security audit process.Basic programming concepts are reviewed to build your analysis and information extraction tool.
In order to extract information from servers and services that are running information such as domain names and banners, the modules offered by Python for information extraction will be covered. These modules can extract metadata from documents and images, and also extract geolocation information from IP addresses and domain names.
More advanced concepts are also covered, such as implementing your own port scanner with nmap and scapy commands, and how to connect from Python with FTP, SSH, SNMP, Metaspoit and vulnerability scanners such as Nexpose.
#coleccionesabg #it # computación #hacking