Most up-to date reference for important native libraries is the official documentations. Since all native libraries are equally important for hackers and security researches, we will not go into such detail here. Please refer to original docimentation index for the full list:
However, following libraries needs to be highlighted:
- File and Directory Access
- Cryptographic Services
- Generic Operating System Services
- IPC and Networking
- Structured Markup Processing Tools
- Internet Protocol and Support
- Open arbitrary resources by URL
- Unix Specific Services
- Support for line-oriented command interpreters
- Disassembler for Python bytecode
Network or Internet Related Libraries
Scapy – Packet manipulation program
Forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can’t handle, like sending invalid frames, injecting your own 802.11 frames, combining technics (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, …), etc.
- Interactive tutorial: http://www.secdev.org/projects/scapy/doc/usage.html#interactive-tutorial
- Interactive session demo: http://www.secdev.org/projects/scapy/demo.html
- Use Scapy to build your own tools: http://www.secdev.org/projects/scapy/build_your_own_tools.html
- Official documentation: http://www.secdev.org/projects/scapy/doc/
- Usage documentation: http://www.secdev.org/projects/scapy/doc/usage.html
BeautifulSoup – Screen-scraping
Python library for pulling data out of HTML and XML files. It works with your favorite parser to provide idiomatic ways of navigating, searching, and modifying the parse tree.
- Source: http://bazaar.launchpad.net/~leonardr/beautifulsoup/bs4/files
- Official documentation: https://www.crummy.com/software/BeautifulSoup/bs4/doc/
Mechanize – Automate interaction with HTTP web servers
Stateful programmatic web browsing in Python. Browse pages programmatically with easy HTML form filling and clicking of links.
- Source: https://github.com/python-mechanize/mechanize
- Official documentation: https://mechanize.readthedocs.io/en/latest/
[Sample] Combining BeautifulSoup with Mechanize
from bs4 import BeautifulSoup
browser['field1'] = 'value'
browser['field2'] = 'value'
browser['field3'] = 'value'
soup = BeautifulSoup(browser.response().read())
body_tag = soup.body
all_paragraphs = soup.find_all('p')
logo_img = soup.find('header').find('div', id="logo").img
Selenium Python Binding
Convenient API to access Selenium WebDrivers like Firefox, Ie, Chrome, Remote etc.
- Getting started: http://selenium-python.readthedocs.io/getting-started.html
- Official documentation: http://selenium-python.readthedocs.io/index.html
[Sample] Combining Selenium with BeautifulSoup
from selenium.webdriver.support.ui import WebDriverWait
from selenium.webdriver.support import expected_conditions as EC
from selenium.webdriver.common.by import By
from selenium import webdriver
# Start the WebDriver and load the page
wd = webdriver.Firefox()
# Wait for the dynamically loaded elements to show up
# This should be changed based on the requirement (dynamic source)
# And grab the page HTML source
html_page = wd.page_source
# Now you can use html_page as you like
from bs4 import BeautifulSoup
soup = BeautifulSoup(html_page)
Zeep – SOAP Client
Zeep inspects the WSDL document and generates the corresponding code to use the services and types in the document. This provides an easy to use programmatic interface to a SOAP server.
- Homepage: http://xael.org/pages/python-nmap-en.html
- Bitbucket: https://bitbucket.org/xael/python-nmap
Sully – Fully automated and unattended fuzzing framework
- Github: https://github.com/OpenRCE/sulley
Binary Analysis Related Libraries
PyHooks – Python wrapper for global input hooks in Windows
Provides callbacks for mouse and keyboard events; events can be monitored and filtered.
- Homepage: https://sourceforge.net/projects/pyhook/
- Since this is no longer maintained better to use ctypes “windll.user32”: https://github.com/m1lhaus/woofer/blob/master/components/winkeyhook.p
pefile – Parse and work with PE files
Inspecting headers, analysis of sections’ data, retrieving embedded data, reading strings from the resources. warnings for suspicious and malformed values, Overwriting fields, Packer detection with PEiD’s signatures, PEiD signature generation. Support to write to some of the fields and to other parts of the PE.
- Homepage / Github: https://github.com/erocarrera/pefile
Pydasm – Disassembler
- Homepage / Github: https://github.com/axcheron/pydasm
PyDbg – win32 debugger interface
- Github: https://github.com/OpenRCE/pydbg
- Presentation: https://www.exploit-db.com/docs/21086.pdf
Automation Related Libraries
Pexpect – Controlling other applications
Pexpect is a pure Python module for spawning child applications; controlling them; and responding to expected patterns in their output.
- Homepage: https://pexpect.readthedocs.io/en/stable/
- Github: https://github.com/pexpect/pexpect
Paramiko – SSHv2 protocol implementation
- Homepage: http://www.paramiko.org/
- API documentation: http://docs.paramiko.org/en/2.2/