Pen testing can be mundane and tedious work, which can cause people to lose track and make mistakes. Scripting helps document the process while automating the workflow and cutting down on errors. In this episode, you can learn about four different scripting programs: Bash (Bourne Again Shell), PowerShell, Ruby, and Python. Familiarize yourself with variables, substitutions, common operations, logic, basic I/O, error handling, arrays, and encoding/decoding.
- Many times, as you engage in penetration testing,…you're going to be typing commands over and over again.…And they may be the exact same commands,…which is really tedious,…or they could be almost the same command,…but something's changed.…For example, let's say that you want to launch nmap…on a series of hosts, a series of targets.…Yes, you can create lists and pass them to nmap,…or you could write a little program…that would actually do it for you and issue these commands…because maybe you want to issue an nmap command…and based on the response, you want to issue…some other commands for the same target…or for the same port or port range.…
Whatever you want to do,…it's easier to automate these activities…because when you start typing things over and over again,…it gets tedious and actually, even worse than that,…it's prone to error.…So in penetration testing, we commonly will automate tasks…through the use of scripts.…Now, scripts will allow us to create these tasks…that we don't have to type over and over again.…
Share this video
Embed this video
Video: Using scripting in pen testing