- [Instructor] It's occasionally useful…when testing to use raw packets to probe a target.…We can do this in Python by invoking the Scapy library.…Scapy is a Python tool,…but it also comes as a library…to use within your own Python script.…It enables you to create each of the layers of a packet,…and within these layers,…set all or any of the fields.…Let's try a simple demonstration of Scapy,…creating a send flood.…Here we can see the flood routine,…setting up a loop for the source port,…and creating a send packet with its IP address…and TCP address,…and sending it to the target.…
Okay, we can run this script…against our Metasploitable server now.…This is sending a lot of packets out.…Of course this isn't a sophisticated flood,…but it does show the power of Scapy.…
Author
Malcolm Shore
Released
10/23/2017Cybersecurity expert Malcolm Shore reviews popular pen testing tools, as well as the Bash and Python scripting skills required to be able to acquire, modify, and re-use exploit code. He also provides a refresher on Kali Linux and introduces techniques for testing web services. At the end of this course, you'll be prepared to take more advanced training, and to pursue the popular Offensive Security Certified Professional (OSCP) certification.
- Pen testing overview
- Pen testing tools
- Bash scripting
- Python scripting
- Kali and Metasploit
- Web testing
- Finding exploit code
Skill Level Intermediate
Duration
Views
-
Introduction
-
Welcome1m 14s
-
Course disclaimer1m 8s
-
-
1. What is Pen Testing?
-
Pen testing overview8m 54s
-
The cyber kill chain7m 1s
-
-
2. Pen Testing Tools
-
An Nmap refresher4m 33s
-
A Netcat refresher4m 39s
-
-
3. Bash Scripting
-
Refreshing your bash skills2m 29s
-
Using functions in bash1m 19s
-
-
4. Python Scripting
-
Using the system functions1m 47s
-
Using networking functions1m 47s
-
Working with websites3m 48s
-
Accessing SQLite databases1m 51s
-
5. Kali and Metasploit
-
A Kali refresher2m 23s
-
Fuzzing with Spike2m 38s
-
A refresher on Metasploit4m 48s
-
Exploiting with Armitage6m 8s
-
-
6. Web Testing
-
Approaching web testing3m 31s
-
Fingerprinting webservers4m 44s
-
-
7. Understanding Exploit code
-
Exploiting a target8m 26s
-
Understanding code injection14m 15s
-
Finding exploit code2m 35s
-
-
Conclusion
-
What's next1m 27s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Using Scapy to work with packets