Python Tools List 2021

-

Python Tools List 2021


Python Code

Network

  • Scapy: send, sniff and dissect and forge network packets. Usable interactively or as a library
  • pypcapPcapy and pylibpcap: several different Python bindings for libpcap
  • libdnet: low-level networking routines, including interface lookup and Ethernet frame transmission
  • dpkt: fast, simple packet creation/parsing, with definitions for the basic TCP/IP protocols
  • Impacket: craft and decode network packets. Includes support for higher-level protocols such as NMB and SMB
  • pynids: libnids wrapper offering sniffing, IP defragmentation, TCP stream reassembly and port scan detection
  • Dirtbags py-pcap: read pcap files without libpcap
  • flowgrep: grep through packet payloads using regular expressions
  • Knock Subdomain Scan, enumerate subdomains on a target domain through a wordlist
  • SubBrute, fast subdomain enumeration tool
  • Mallory, extensible TCP/UDP man-in-the-middle proxy, supports modifying non-standard protocols on the fly
  • Pytbull: flexible IDS/IPS testing framework (shipped with more than 300 tests)


Debugging and Reverse engineering

  • Paimei: reverse engineering framework, includes PyDBG, PIDA, pGRAPH
  • Immunity Debugger: scriptable GUI and command line debugger
  • mona.py: PyCommand for Immunity Debugger that replaces and improves on pvefindaddr
  • IDAPython: IDA Pro plugin that integrates the Python programming language, allowing scripts to run in IDA Pro
  • PyEMU: fully scriptable IA-32 emulator, useful for malware analysis
  • pefile: read and work with Portable Executable (aka PE) files
  • pydasm: Python interface to the libdasm x86 disassembling library
  • PyDbgEng: Python wrapper for the Microsoft Windows Debugging Engine
  • uhooker: intercept calls to API calls inside DLLs, and also arbitrary addresses within the executable file in memory
  • diStorm: disassembler library for AMD64, licensed under the BSD license
  • python-ptrace: debugger using ptrace (Linux, BSD and Darwin system call to trace processes) written in Python
  • vdb / vtrace: vtrace is a cross-platform process debugging API implemented in python, and vdb is a debugger which uses it
  • Androguard: reverse engineering and analysis of Android applications
  • Capstone: lightweight multi-platform, multi-architecture disassembly framework with Python bindings
  • PyBFD: Python interface to the GNU Binary File Descriptor (BFD) library

Fuzzing

  • Sulley: fuzzer development and fuzz testing framework consisting of multiple extensible components
  • Peach Fuzzing Platform: extensible fuzzing framework for generation and mutation based fuzzing (v2 was written in Python)
  • antiparser: fuzz testing and fault injection API
  • TAOF, (The Art of Fuzzing) including ProxyFuzz, a man-in-the-middle non-deterministic network fuzzer
  • untidy: general purpose XML fuzzer
  • Powerfuzzer: highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer)
  • SMUDGE
  • Mistress: probe file formats on the fly and protocols with malformed data, based on pre-defined patterns
  • Fuzzbox: multi-codec media fuzzer
  • Forensic Fuzzing Tools: generate fuzzed files, fuzzed file systems, and file systems containing fuzzed files in order to test the robustness of forensics tools and examination systems
  • Windows IPC Fuzzing Tools: tools used to fuzz applications that use Windows Interprocess Communication mechanisms
  • WSBang: perform automated security testing of SOAP based web services
  • Construct: library for parsing and building of data structures (binary or textual). Define your data structures in a declarative manner
  • fuzzer.py (feliam): simple fuzzer by Felipe Andres Manzano

Malware Analysis

  • pyew: command line hexadecimal editor and disassembler, mainly to analyze malware
  • Exefilter: filter file formats in e-mails, web pages or files. Detects many common file formats and can remove active content
  • pyClamAV: add virus detection capabilities to your Python software
  • jsunpack-n, generic JavaScript unpacker: emulates browser functionality to detect exploits that target browser and browser plugin vulnerabilities
  • yara-python: identify and classify malware samples
  • phoneyc: pure Python honeyclient implementation

Web

  • Requests: elegant and simple HTTP library, built for human beings
  • HTTPie: human-friendly cURL-like command line HTTP client
  • ProxMon: processes proxy logs and reports discovered issues
  • WSMap: find web service endpoints and discovery files
  • Twill: browse the Web from a command-line interface. Supports automated Web testing
  • Ghost.py: webkit web client written in Python
  • Windmill: web testing tool designed to let you painlessly automate and debug your web application
  • FunkLoad: functional and load web tester
  • spynner: Programmatic web browsing module for Python with Javascript/AJAX support
  • python-spidermonkey: bridge to the Mozilla SpiderMonkey JavaScript engine; allows for the evaluation and calling of Javascript and functions
  • mitmproxy: SSL-capable, intercepting HTTP proxy. Console interface allows traffic flows to be inspected and edited on the fly
  • pathod / pathoc: pathological daemon/client for tormenting HTTP clients and servers

Other useful libraries and tools

  • iPython: enhanced interactive Python shell with many features for object introspection, system shell access, and its own special command system
  • Beautiful Soup: HTML parser optimized for screen-scraping
  • matplotlib: make 2D plots of arrays
  • Mayavi: 3D scientific data visualization and plotting
  • RTGraph3D: create dynamic graphs in 3D
  • Twisted: event-driven networking engine
  • Suds: lightweight SOAP client for consuming Web Services
  • NetworkX: graph library (edges, nodes)
  • Pandas: library providing high-performance, easy-to-use data structures and data analysis tools
  • pyparsing: general parsing module
  • lxml: most feature-rich and easy-to-use library for working with XML and HTML in the Python language
  • Whoosh: fast, featureful full-text indexing and searching library implemented in pure Python
  • Pexpect: control and automate other programs, similar to Don Libes `Expect` system
  • Sikuli, visual technology to search and automate GUIs using screenshots. Scriptable in Jython
  • PyQt and PySide: Python bindings for the Qt application framework and GUI library

Books

  • Violent Python by TJ O’Connor. A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
  • Grey Hat Python by Justin Seitz: Python Programming for Hackers and Reverse Engineers.
  • Black Hat Python by Justin Seitz
  • Python for Secret Agents by Steven F. Lott. Analyze, encrypt, and uncover intelligence data using Python
  • usil: Python library used to write fuzzing program

wire shark- 5 Best Hacking Tools For Windows 10



Comments

Post a Comment

Popular posts from this blog

The Top 10 Python Frameworks For Web Development💻

-
Image
The Top 10 Python Frameworks For Web Development Get the “ Top 10 Python Web Frameworks ” build, which contains a version of Python and most of the tools listed in this post so you can test them out for yourself. Python web frameworks have always been key to web development, even though Python gets a lot of kudos for its use in the Machine Learning space these days. In fact, whenever I whip up a prototype of a new idea, I usually wrap it around a web server before I test it out, or ask others to evaluate it. A web-based interface makes it far easier to interact with prototypes. In most cases, you don’t even need a GUI – a simple API served up by a web server can make your prototype just as easy to interact with. I usually pick a quick and easy web server like Python’s Flask, but there are hundreds of web frameworks in Python. This post highlights many of the major Python web frameworks, from the old guard that have been under development for more than a decade (like Django) to newcomer
Read more

6 Jobs You Can Land If You Learn Python

-
  6 Jobs You Can Land If You Learn Python Learning Python has gone mainstream. If you haven’t noticed, hundreds of today’s most successful  tech companies are using Python , including Instagram, Netflix, Reddit, Lyft, Google, and Spotify. But it’s also being used at the New York Times, Bloomberg, and even at your local bank. 1. Python Developer Becoming a Python developer is the most direct job out there for someone who knows the Python programming language. A Python developer can be expected to: Build websites Optimize data algorithms Solve data analytics problems Implementing security and data protection Writing reusable, testable and efficient code A wide array of companies listed with Randstad are looking for Python developers. Learn Python today, and tomorrow you could end up as a Python developer working at a startup like Lyft, or larger company like ADP. 2. Product Manager Product managers are responsible for researching new user features, find gaps in the market, and make an ar
Read more

TOP 5 LIVE CYBER ATTACK MAPS FOR VISUALIZING DIGITAL THREAT 🔴

-
Image
TOP 5 LIVE CYBER ATTACK MAPS FOR VISUALIZING DIGITAL THREAT  Recently, Broimum has conducted a  study  that shows how digital crime revenue has grown to 1.5 trillion dollars annually in illicit profits.  GitHub ,  EA  , and many other popular websites now face larger, hi-tech attacks every day, all while falling victim to the growing trend of cybercrime. Frantic internet users are asking questions like, Who is behind the attacks? Where are these attacks coming from? What’s the top attacker host? These questions can be answered by exploring the logs, then performing lookups for all available information. How does a DDoS attack work? A DDoS attack requires the attacker to gain control of a network of online machines. Computers are infected with malware, turning them into a bot. Then, the attacker has control over the group of bots, now called a botnet. Once a botnet is established, the attacker will send instructions to each bot from a remote control. Once the IP address is targeted, eac
Read more