Essential Python Libraries for Hackers and Security Researchers

It's only fair to share...Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInDigg thisShare on RedditPin on PinterestPrint this pageEmail this to someone

Native Libraries

Most up-to date reference for important native libraries is the official documentations. Since all native libraries are equally important for hackers and security researches, we will not go into such detail here. Please refer to original docimentation index for the full list:

  • https://docs.python.org/2/library/index.html
  • https://docs.python.org/3/library/index.html

However, following libraries needs to be highlighted:

  • File and Directory Access
    • https://docs.python.org/2/library/filesys.html
    • https://docs.python.org/3/library/filesys.html
  • Cryptographic Services
    • https://docs.python.org/2/library/crypto.html
    • https://docs.python.org/3/library/crypto.html
  • Generic Operating System Services
    • https://docs.python.org/2/library/allos.html
    • https://docs.python.org/3/library/allos.html
  • Concurrency
    • https://docs.python.org/2/library/concurrency.html
    • https://docs.python.org/3/library/concurrency.html
  • IPC and Networking
    • https://docs.python.org/2/library/ipc.html
    • https://docs.python.org/3/library/ipc.html
  • Structured Markup Processing Tools
    • https://docs.python.org/2/library/markup.html
    • https://docs.python.org/3/library/markup.html
  • Internet Protocol and Support
    • https://docs.python.org/2/library/internet.html
    • https://docs.python.org/3/library/internet.html
    • Open arbitrary resources by URL
      • https://docs.python.org/2/library/urllib.html
      • https://docs.python.org/3/library/urllib.html
  • Unix Specific Services
    • https://docs.python.org/2/library/unix.html
    • https://docs.python.org/3/library/unix.html

 

  • Support for line-oriented command interpreters
    • https://docs.python.org/2/library/cmd.html
    • https://docs.python.org/3/library/cmd.html
  • Disassembler for Python bytecode
    • https://docs.python.org/2/library/dis.html
    • https://docs.python.org/3/library/dis.html

General Libraries

Virtualenv

Network or Internet Related Libraries

Scapy – Packet manipulation program

Forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.

  • Interactive tutorial: http://www.secdev.org/projects/scapy/doc/usage.html#interactive-tutorial
  • Interactive session demo: http://www.secdev.org/projects/scapy/demo.html
  • Use Scapy to build your own tools: http://www.secdev.org/projects/scapy/build_your_own_tools.html
  • Official documentation: http://www.secdev.org/projects/scapy/doc/
    • Usage documentation: http://www.secdev.org/projects/scapy/doc/usage.html

BeautifulSoup – Screen-scraping

Python library for pulling data out of HTML and XML files. It works with your favorite parser to provide idiomatic ways of navigating, searching, and modifying the parse tree.

  • Source: http://bazaar.launchpad.net/~leonardr/beautifulsoup/bs4/files
  • Official documentation: https://www.crummy.com/software/BeautifulSoup/bs4/doc/

Mechanize – Automate interaction with HTTP web servers

Stateful programmatic web browsing in Python. Browse pages programmatically with easy HTML form filling and clicking of links.

  • Source: https://github.com/python-mechanize/mechanize
  • Official documentation: https://mechanize.readthedocs.io/en/latest/

[Sample] Combining BeautifulSoup with Mechanize

Source: https://swizec.com/blog/scraping-with-mechanize-and-beautifulsoup/swizec/5039

Selenium Python Binding

Convenient API to access Selenium WebDrivers like Firefox, Ie, Chrome, Remote etc.

  • Getting started: http://selenium-python.readthedocs.io/getting-started.html
  • Official documentation: http://selenium-python.readthedocs.io/index.html

[Sample] Combining Selenium with BeautifulSoup

Source: https://coderwall.com/p/vivfza/fetch-dynamic-web-pages-with-selenium

Zeep – SOAP Client

Zeep inspects the WSDL document and generates the corresponding code to use the services and types in the document. This provides an easy to use programmatic interface to a SOAP server.

Homepage: http://docs.python-zeep.org/en/master/

Python-nmap

  • Homepage: http://xael.org/pages/python-nmap-en.html
  • Bitbucket: https://bitbucket.org/xael/python-nmap

Sully – Fully automated and unattended fuzzing framework

  • Github: https://github.com/OpenRCE/sulley

Binary Analysis Related Libraries

PyHooks – Python wrapper for global input hooks in Windows

Provides callbacks for mouse and keyboard events; events can be monitored and filtered.

  • Homepage: https://sourceforge.net/projects/pyhook/
  • Since this is no longer maintained better to use ctypes “windll.user32”: https://github.com/m1lhaus/woofer/blob/master/components/winkeyhook.p

pefile – Parse and work with PE files

Inspecting headers, analysis of sections’ data, retrieving embedded data, reading strings from the resources. warnings for suspicious and malformed values, Overwriting fields, Packer detection with PEiD’s signatures, PEiD signature generation. Support to write to some of the fields and to other parts of the PE.

  • Homepage / Github: https://github.com/erocarrera/pefile

Pydasm – Disassembler

  • Homepage / Github: https://github.com/axcheron/pydasm

PyDbg – win32 debugger interface

  • Github: https://github.com/OpenRCE/pydbg
  • Presentation: https://www.exploit-db.com/docs/21086.pdf

Automation Related Libraries

Pexpect – Controlling other applications

Pexpect is a pure Python module for spawning child applications; controlling them; and responding to expected patterns in their output.

  • Homepage: https://pexpect.readthedocs.io/en/stable/
  • Github: https://github.com/pexpect/pexpect

Paramiko – SSHv2 protocol implementation

  • Homepage: http://www.paramiko.org/
  • API documentation: http://docs.paramiko.org/en/2.2/

 

It's only fair to share...Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInDigg thisShare on RedditPin on PinterestPrint this pageEmail this to someone

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">