Journey into the world of hacking and cyber security with Python programming
Chirag Jariwala (~chirag18) |
root@pycon2018:~# python zer0-day_exploit.py
[+] Checking for vulnerability....
[+] Triggering BoF....
[+] Sending staged payload...
[+] Waiting for server response...
- Do you want to know how hackers use Python for development of their hacking tools and arsenal?
- Have you ever thought how hackers compromise vulnerable computers around the globe with the power of automation that comes with python?
If you are looking for answers to these quentions then you have come to right place...
In this talk, I will demonstrate various use cases of python programming in hacking and cybersecurity. We will go through various python libraries such as Sockets, Httplib2, Scapy, Shodan etc. In the beginning, we will see the various Python implementations to perform computer networks auditing and attacks such as port scanning, ARP spoofing, DoS attack and remote code execution with buffer overflow vulnerability.
Shodan is the search engine for computers and IoT devices connected to the internet around the globe and has API wrapper as a python library. With shodan, I will demonstrate how we can look up for IoT devices. We will see python script in action using shodan to find MQTT brokers to extract GPS information out of them via CVE-2017-7650 vulnerability and due to poor access control list configuration in them.
- Python programming
- Basics of computer networking
I am Chirag Jariwala (@CJHackerz), B.Tech (4th year) Information Technology student from SRM Institute of Science and Technology - Chennai.
I am independent cybersecurity analyst and researcher and have been self-learner in this space quite for a while. I use lots of python scripting in my hacking adventures. I have done numerous workshops and training to teach people about ethical hacking and penetration testing inside my university campus. Have been active community member and given few talks at Null Chennai Chapter (an open source cyber security community which hosts meets for OWASP).
- GitHub: https://github.com/CJHackerz
- Twitter: https://twitter.com/cjhackerz
- LinkedIn: https://www.linkedin.com/in/cjhackerz/
- Null community profile: https://null.co.in/profile/8808-script-alert-chirag-jariwala-script