Top Python Libraries used by Hackers

(thread)
1. socket: A library that provides low-level core networking services.
2. scapy: A powerful interactive packet manipulation library and tool.
3. recon-ng: A web reconnaissance framework written in Python.
4. requests: A library for sending HTTP requests in Python.
5. beautifulsoup: A library for pulling data out of HTML and XML files.
6. mona: A plugin for Immunity Debugger that provides a collection of Python scripts for exploit development and reverse engineering.
7. pwntools: A CTF framework and exploit development library in Python.
8. A 59-second video with @HackerSploit in which I go through all of them: youtube.com/shorts/IUXkkZ5…
9. If you enjoyed this thread, there's much more to come! So, stay tuned.

Motivate me to continue posting by liking, retweeting, and following me @cristivlad25.

#pentesting #appsec #infosec #cybersecurity #hacking #bugbountytips #appsec

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with 🇷🇴 cristi

🇷🇴 cristi Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @CristiVlad25

Jan 21
Look for these file extensions in your pentests and appsec assessments.

(thread)
1. .env - commonly used to store environment variables, including sensitive information such as passwords and tokens.
2. .yml/.yaml - commonly used in configuration files for software written in programming languages like Ruby, Python and JavaScript.
Read 13 tweets
Jan 20
In this week's newsletter:

- iOS Pentesting | ChatGPT my Teacher | Recon -

(thread) Image
1. How I'm using ChatGPT as a virtual teacher. And of course, how you can use it too.
2. My greatest pentesting challenge for this week.
Read 5 tweets
Jan 19
Squeezing the juices out of robots.txt.

A fully automated workflow that you've never seen before.

(thread)
1. This script scrapes the disallowed paths from the robots.txt files of a list of domains and saves them to a single file. It also removes any unwanted entries and sorts the file in a particular way.

Can you write it yourself? Here’s how the script should look like.
2. Create a directory called "massrobots" in the pwd. This is where you'll save all the robots.txt files for later processing.
Read 15 tweets
Jan 19
The 4 Pentesting Learning Paths by @RealTryHackMe.

(thread)
1. CompTIA Pentest+ Pathway (Easy)

Gain hands-on exercises and practical exam preparation to prepare you for the CompTIA PenTest+ exam.

Go here: tryhackme.com/path-action/pe…
2. Jr Penetration Tester Pathway (Intermediate)

This pathway gives you with the practical skills to perform security assessments against web applications and enterprise infrastructure.

Go here: tryhackme.com/path-action/jr…
Read 6 tweets
Jan 18
2023 Hacker's Guide: How to Break into Pentesting and AppSec.

(thread)
1. Hands down, one of the best practical resources is @RealTryHackMe. I would take the "Complete Beginner" learning path, then the "Jr. Penetration Tester" path. It will get you off the ground in no time.

tryhackme.com/path-action/be…
2. Simultaneously, I would practice at @PortSwigger Academy. Personally, I'd focus on all things Broken Access Control.

portswigger.net/web-security/a…
Read 8 tweets
Jan 17
Ultimate GraphQL Recon.

(thread) Image
1. Fingerprint the API endpoint using graphw00f.

github.com/dolevf/graphw0…
2. Check the results against the Threat Matrix.

github.com/nicholasaleks/…
Read 7 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!

:(