Black-Hat-Python

Connect With Me

💰 You can help me by Donating

Note

This repository contains tools and scripts sourced from various GitHub repositories and other open-source platforms. All original works are credited to their respective authors. If you are the owner of any content and wish to have it removed, please contact the repository author directly. This project is intended for educational and ethical purposes only. Unauthorized use, distribution, or modification of these tools without proper consent is prohibited. By using this repository, you agree to comply with all applicable laws and ethical guidelines. The author is not responsible for any misuse or damage caused by the tools provided herein.

Source

• blackhat-python3
• Mastering Python Scripting for System Administrators
• python-pentest-tools

Table of Content

Python Networking

• TCP Client
• UDP Client
• TCP Server
• Netcat Client & Server for Remote code execution
• TCP Proxy
• SSH with Paramiko
• Basic SSH server using the paramiko
• SSH reverse tunneling
• Simple SSH server
• Packet Sniffer Using raw sockets
• Packet Sniffer Decoding Header
• Packet Sniffer Decoding ICMP
• Python Subnet Scanner with ICMP Packet Analysis
• Email Credential Sniffer in Python
• ARP Cache Poisoning with Scapy
• PCAP Image Extractor & Face Detector
• Brute-force HTTP authentication scan
• Check Open and Closed Ports on a Remote Host
• Multithreaded TCP Port Scanning
• Scanning a Range of Ports on a Remote Host
• Test a Socket Connection to a Remote Host
• Resolve Host Name from an IP Address

Web Hacking

• Web Path Scanner (Joomla Site Crawler)
• Directory & File Bruteforcer
• Multi-threaded Brute-Force Login Script
• multi-threaded brute-force attack on a WordPress login page

Burp Fuzzing

• Burp Suite Intruder Payload Generator (Python Extension)
• Burp Suite Extension: BHP Wordlist (Bing Search Integration)
• Burp Suite Extension: BHP Wordlist Generator

Github Command and Control

• GitHub-based trojan

Trojaning Tasks on Windows

• keylogger
• Captures a screenshot of the entire desktop on a Windows system
• Execute shellcode from a web server
• Sandbox Detection
• Monitor processes on a Windows system
• Monitor specific directories
• Code Injection

Browser Attacks

• Browser Hijacking and Login Redirect
• Simple HTTP Server for Capturing Credentials
• Document Exfiltration Using Tumblr
• Generates a new RSA key pair with a 2048-bit key length
• Decrypts and decompresses the encrypted data

Forensics

• Extract password hashes from a Windows memory dump using Volatility 3
• Redirect execution to the injected shellcode
• Immunity Debugger

Automating Administrative Task

• Accept input from a file.
• Accept input from a pipe.
• Capture and process command output.
• Execute external system commands.
• Generate and handle warning messages.
• Example of using getpass for secure password input.
• Handle password input securely.
• List directory contents.
• Example of using Python's logging module.
• Log warnings and error codes.
• Run scripts without user prompts.
• Open a web page or URL.
• Example of using os module for directory operations.
• Reprompt for password input.
• Set CPU usage limits for processes.
• Read and parse configuration files.
• Read and process multiple configuration files.
• Redirect input/output streams.
• Create backups of files or directories.
• Run scripts with user prompts.

Books

• Violent Python
• Grey Hat Python
• Black Hat Python
• Python Penetration Testing Essentials
• Python for Secret Agents
• Python Web Penetration Testing Cookbook
• Learning Penetration Testing with Python
• Python Forensics
• The Beginner's Guide to IDAPython
• Python for Offensive PenTest: A Practical Guide to Ethical Hacking and Penetration Testing Using Python

Python Tools for Penetration Testing

Network

• Scapy: send, sniff and dissect and forge network packets. Usable interactively or as a library
• Impacket: craft and decode network packets. Includes support for higher-level protocols such as NMB and SMB
• SMBMap: enumerate Samba share drives across an entire domain
• dpkt: fast, simple packet creation/parsing, with definitions for the basic TCP/IP protocols
• AutoRecon: Multi-threaded network reconnaissance tool
• Mitm6: IPv6-based MITM tool that exploits IPv6 features to conduct man-in-the-middle attacks
• Habu: python network hacking toolkit
• Knock Subdomain Scan, enumerate subdomains on a target domain through a wordlist
• SubBrute, fast subdomain enumeration tool
• pypcap, Pcapy, Pcapy-NG and libpcap: several different Python bindings for libpcap
• libdnet: low-level networking routines, including interface lookup and Ethernet frame transmission
• Mallory, extensible TCP/UDP man-in-the-middle proxy, supports modifying non-standard protocols on the fly
• Pytbull-NG: flexible IDS/IPS testing framework (shipped with more than 300 tests)
• Spoodle: A mass subdomain + poodle vulnerability scanner

Debugging and reverse engineering

• Frida: A dynamic instrumentation framework which can inject scripts into running processes
• Capstone: lightweight multi-platform, multi-architecture disassembly framework with Python bindings
• Unicorn Engine: CPU emulator framework with Python bindings
• Androguard: reverse engineering and analysis of Android applications
• Paimei: reverse engineering framework, includes PyDBG, PIDA, pGRAPH
• IDAPython: IDA Pro plugin that integrates the Python programming language, allowing scripts to run in IDA Pro
• PyEMU: fully scriptable IA-32 emulator, useful for malware analysis
• pefile: read and work with Portable Executable (aka PE) files
• pydasm: Python interface to the libdasm x86 disassembling library
• PyDbgEng: Python wrapper for the Microsoft Windows Debugging Engine
• diStorm: disassembler library for AMD64, licensed under the BSD license
• python-ptrace: debugger using ptrace (Linux, BSD and Darwin system call to trace processes) written in Python
• Keystone: lightweight multi-platform, multi-architecture assembler framework with Python bindings
• PyBFD: Python interface to the GNU Binary File Descriptor (BFD) library
• CHIPSEC: framework for analyzing the security of PC platforms including hardware, system firmware (BIOS/UEFI), and platform components.
• Ghidatron: The FLARE team's open-source extension to add Python 3 scripting to Ghidra.

Fuzzing

• afl-python: enables American fuzzy lop fork server and instrumentation for pure-Python code
• Sulley: fuzzer development and fuzz testing framework consisting of multiple extensible components
• Peach Fuzzing Platform: extensible fuzzing framework for generation and mutation based fuzzing (v2 was written in Python)
• untidy: general purpose XML fuzzer
• Powerfuzzer: highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer)
• Construct: library for parsing and building of data structures (binary or textual). Define your data structures in a declarative manner
• Fusil: Python library used to write fuzzing programs

Web

• XSStrike: Advanced XSS detection suite
• Requests: elegant and simple HTTP library, built for human beings
• lxml: easy-to-use library for processing XML and HTML; similar to Requests
• HTTPie: human-friendly cURL-like command line HTTP client
• Twill: browse the Web from a command-line interface. Supports automated Web testing
• FunkLoad: functional and load web tester
• spynner: Programmatic web browsing module for Python with Javascript/AJAX support
• mitmproxy: SSL-capable, intercepting HTTP proxy. Console interface allows traffic flows to be inspected and edited on the fly
• spidy: simple command-line web crawler with page downloading and word scraping
• https://github.com/TrixSec/waymap: web vulnerability scanner built for penetration testers

Forensics

• Volatility: extract digital artifacts from volatile memory (RAM) samples
• Rekall: memory analysis framework developed by Google
• TrIDLib, identify file types from their binary signatures. Now includes Python binding

Malware analysis

• pyew: command line hexadecimal editor and disassembler, mainly to analyze malware
• Exefilter: filter file formats in e-mails, web pages or files. Detects many common file formats and can remove active content
• jsunpack-n, generic JavaScript unpacker: emulates browser functionality to detect exploits that target browser and browser plug-in vulnerabilities
• yara-python: identify and classify malware samples
• phoneyc: pure Python honeyclient implementation
• CapTipper: analyse, explore and revive HTTP malicious traffic from PCAP file
• Cuckoo: Automated malware analysis system
• CAPE: Malware configuration and payload extraction

PDF

• pdfminer.six: extract text from PDF files
• peepdf-3: Python tool to analyse and explore PDF files to find out if they can be harmful
• Didier Stevens' PDF tools: analyse, identify and create PDF files
• pyPDF: pure Python PDF toolkit: extract info, spilt, merge, crop, encrypt, decrypt...

Misc

• Angr: Powerful binary analysis framework for vulnerability research and exploit development
• ScoutSuite: Multi-cloud security auditing tool
• Exomind: framework for building decorated graphs and developing open-source intelligence modules and ideas, centered on social network services, search engines and instant messaging
• simplejson: JSON encoder/decoder, e.g. to use Google's AJAX API
• PyMangle: command line tool and a python library used to create word lists for use with other penetration testing tools
• Hachoir: view and edit a binary stream field by field
• py-mangle: command line tool and a python library used to create word lists for use with other penetration testing tools
• wmiexec.py: execute Powershell commands quickly and easily via WMI
• Pentestly: Python and Powershell internal penetration testing framework
• hacklib: Toolkit for hacking enthusiasts: word mangling, password guessing, reverse shell and other simple tools
• Certipy: Active Directory Certificate Services enumeration and abuse tool
• BloodHound.py: Python-based BloodHound ingestor for Active Directory security assessment

Other useful libraries and tools

• Project Jupyter: enhanced interactive shell with many features for object introspection, system shell access, and its own special command system
• Beautiful Soup: HTML parser optimized for screen-scraping
• matplotlib: make 2D plots of arrays
• Mayavi: 3D scientific data visualization and plotting
• RTGraph3D: create dynamic graphs in 3D
• Twisted: event-driven networking engine
• Suds: lightweight SOAP client for consuming Web Services
• NetworkX: graph library (edges, nodes)
• Pandas: library providing high-performance, easy-to-use data structures and data analysis tools
• pyparsing: general parsing module
• lxml: most feature-rich and easy-to-use library for working with XML and HTML in the Python language
• Whoosh: fast, featureful full-text indexing and searching library implemented in pure Python
• Pexpect: control and automate other programs, similar to Don Libes `Expect` system
• SikuliX, visual technology to search and automate GUIs using screenshots. Scriptable in
• PyQt and PySide: Python bindings for the Qt application framework and GUI library