{"id":411,"date":"2011-06-29T21:38:50","date_gmt":"2011-06-29T21:38:50","guid":{"rendered":""},"modified":"2011-11-21T19:54:09","modified_gmt":"2011-11-21T11:54:09","slug":"411","status":"publish","type":"post","link":"http:\/\/zerobox.org\/notes\/411.html","title":{"rendered":"\u8fd0\u7528python\u6e17\u900f"},"content":{"rendered":"

\n

Network<\/h3>\n
\n
Scapy<\/a>: send, sniff and dissect and forge network packets. Usable interactively or as a library<\/li>\n
pypcap<\/a>, Pcapy<\/a> and pylibpcap<\/a>: several different Python bindings for libpcap<\/li>\n
libdnet<\/a>: low-level networking routines, including interface lookup and Ethernet frame transmission<\/li>\n
dpkt<\/a>: fast, simple packet creation\/parsing, with definitions for the basic TCP\/IP protocols<\/li>\n
Impacket<\/a>: craft and decode network packets. Includes support for higher-level protocols such as NMB and SMB<\/li>\n
pynids<\/a>: libnids wrapper offering sniffing, IP defragmentation, TCP stream reassembly and port scan detection<\/li>\n
Dirtbags py-pcap<\/a>: read pcap files without libpcap<\/li>\n
flowgrep<\/a>: grep through packet payloads using regular expressions<\/li>\n
httplib2<\/a>: comprehensive HTTP client library that supports many features left out of other HTTP libraries<\/li>\n
Knock Subdomain Scan<\/a>, enumerate subdomains on a target domain through a wordlist<\/li>\n
Mallory<\/a>, man-in-the-middle proxy for testing<\/li>\n
mitmproxy<\/a>: SSL-capable, intercepting HTTP proxy. Console interface allows traffic flows to be inspected and edited on the fly<\/li>\n<\/ul>\n
Debugging and reverse engineering<\/h3>\n
\n
Paimei<\/a>: reverse engineering framework, includes PyDBG<\/a>, PIDA, pGRAPH<\/li>\n
Immunity Debugger<\/a>: scriptable GUI and command line debugger<\/li>\n
IDAPython<\/a>: IDA Pro plugin that integrates the Python programming language, allowing scripts to run in IDA Pro<\/li>\n
PyEMU<\/a>: fully scriptable IA-32 emulator, useful for malware analysis<\/li>\n
pefile<\/a>: read and work with Portable Executable (aka PE) files<\/li>\n
pydasm<\/a>: Python interface to the libdasm<\/a> x86 disassembling library<\/li>\n
PyDbgEng<\/a>: Python wrapper for the Microsoft Windows Debugging Engine<\/li>\n
uhooker<\/a>: intercept calls to API calls inside DLLs, and also arbitrary addresses within the executable file in memory<\/li>\n
diStorm64<\/a>: disassembler library for AMD64, licensed under the BSD license<\/li>\n
python-ptrace<\/a>: debugger using ptrace (Linux, BSD and Darwin system call to trace processes) written in Python<\/li>\n<\/ul>\n
Fuzzing<\/h3>\n
<\/p>\n
\n
Sulley<\/a>: fuzzer development and fuzz testing framework consisting of multiple extensible components<\/li>\n
Peach Fuzzing Platform<\/a>: extensible fuzzing framework for generation and mutation based fuzzing<\/li>\n
antiparser<\/a>: fuzz testing and fault injection API<\/li>\n
TAOF<\/a>, including ProxyFuzz<\/a>, a man-in-the-middle non-deterministic network fuzzer<\/li>\n
untidy<\/a>: general purpose XML fuzzer<\/li>\n
Powerfuzzer<\/a>: highly automated and fully customizable web fuzzer (HTTP protocol based application fuzzer)<\/li>\n
FileP<\/a>: file fuzzer. Generates mutated files from a list of source files and feeds them to an external program in batches<\/li>\n
SMUDGE<\/a><\/li>\n
Mistress<\/a>: probe file formats on the fly and protocols with malformed data, based on pre-defined patterns<\/li>\n
Fuzzbox<\/a>: multi-codec media fuzzer<\/li>\n
Forensic Fuzzing Tools<\/a>: generate fuzzed files, fuzzed file systems, and file systems containing fuzzed files in order to test the robustness of forensics tools and examination systems<\/li>\n
Windows IPC Fuzzing Tools<\/a>: tools used to fuzz applications that use Windows Interprocess Communication mechanisms<\/li>\n
WSBang<\/a>: perform automated security testing of SOAP based web services<\/li>\n
Construct<\/a>: library for parsing and building of data structures (binary or textual). Define your data structures in a declarative manner<\/li>\n
fuzzer.py (feliam)<\/a>: simple fuzzer by Felipe Andres Manzano<\/li>\n
Fusil<\/a>: Python library used to write fuzzing programs<\/li>\n<\/ul>\n
Web<\/h3>\n
\n
ProxMon<\/a>: processes proxy logs and reports discovered issues<\/li>\n
WSMap<\/a>: find web service endpoints and discovery files<\/li>\n
Twill<\/a>: browse the Web from a command-line interface. Supports automated Web testing<\/li>\n
Windmill<\/a>: web testing tool designed to let you painlessly automate and debug your web application<\/li>\n
FunkLoad<\/a>: functional and load web tester<\/li>\n<\/ul>\n
Forensics<\/h3>\n
\n
Volatility<\/a>: extract digital artifacts from volatile memory (RAM) samples<\/li>\n
SandMan<\/a>: read the hibernation file, regardless of Windows version<\/li>\n
LibForensics<\/a>: library for developing digital forensics applications<\/li>\n
TrIDLib<\/a>, identify file types from their binary signatures. Now includes Python binding<\/li>\n<\/ul>\n
Malware analysis<\/h3>\n
\n
pyew<\/a>: command line hexadecimal editor and disassembler, mainly to analyze malware<\/li>\n
Exefilter<\/a>: filter file formats in e-mails, web pages or files. Detects many common file formats and can remove active content<\/li>\n
pyClamAV<\/a>: add virus detection capabilities to your Python software<\/li>\n
jsunpack-n<\/a>, generic JavaScript unpacker: emulates browser functionality to detect exploits that target browser and browser plug-in vulnerabilities<\/li>\n
yara-python<\/a>: identify and classify malware samples<\/li>\n<\/ul>\n
PDF<\/h3>\n
\n
Didier Stevens\u2019 PDF tools<\/a>: analyse, identify and create PDF files (includes PDFiD<\/a>, pdf-parser<\/a> and make-pdf<\/a> and mPDF)<\/li>\n
Opaf<\/a>: Open PDF Analysis Framework. Converts PDF to an XML tree that can be analyzed and modified.<\/li>\n
Origapy<\/a>: Python wrapper for the Origami Ruby module which sanitizes PDF files<\/li>\n
pyPDF<\/a>: pure Python PDF toolkit: extract info, spilt, merge, crop, encrypt, decrypt\u2026<\/li>\n
PDFMiner<\/a>: extract text from PDF files<\/li>\n
python-poppler-qt4<\/a>: Python binding for the Poppler PDF library, including Qt4 support<\/li>\n<\/ul>\n
Misc<\/h3>\n
\n
InlineEgg<\/a>: toolbox of classes for writing small assembly programs in Python<\/li>\n
Exomind<\/a>: framework for building decorated graphs and developing open-source intelligence modules and ideas, centered on social network services, search engines and instant messaging<\/li>\n
RevHosts<\/a>: enumerate virtual hosts for a given IP address<\/li>\n
simplejson<\/a>: JSON encoder\/decoder, e.g. to use Google\u2019s AJAX API<\/a><\/li>\n
PyMangle<\/a>: command line tool and a python library used to create word lists for use with other penetration testing tools<\/li>\n
Hachoir<\/a>: view and edit a binary stream field by field<\/li>\n<\/ul>\n
Other useful libraries and tools<\/h3>\n
\n
IPython<\/a>: enhanced interactive Python shell with many features for object introspection, system shell access, and its own special command system<\/li>\n
Beautiful Soup<\/a>: HTML parser optimized for screen-scraping<\/li>\n
matplotlib<\/a>: make 2D plots of arrays<\/li>\n
Mayavi<\/a>: 3D scientific data visualization and plotting<\/li>\n
RTGraph3D<\/a>: create dynamic graphs in 3D<\/li>\n
Twisted<\/a>: event-driven networking engine<\/li>\n
Suds<\/a>: lightweight SOAP client for consuming Web Services<\/li>\n
M2Crypto<\/a>: most complete OpenSSL wrapper<\/li>\n
NetworkX<\/a>: graph library (edges, nodes)<\/li>\n
pyparsing<\/a>: general parsing module<\/li>\n
lxml<\/a>: most feature-rich and easy-to-use library for working with XML and HTML in the Python language<\/li>\n
Pexpect<\/a>: control and automate other programs, similar to Don Libes `Expect` system<\/li>\n
Sikuli<\/a>, visual technology to search and automate GUIs using screenshots. Scriptable in Jython<\/a><\/li>\n
PyQt<\/a> and PySide<\/a>: Python bindings for the Qt application framework and GUI library<\/li>\n<\/ul>\n
Source:\u00a0 http:\/\/www.dirk-loss.de\/python-tools.htm<\/a><\/strong><\/p><\/blockquote>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
Network Scapy: send, sniff and dissect a …<\/p>\n
\u7ee7\u7eed\u9605\u8bfb »<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[],"tags":[48,47],"class_list":["post-411","post","type-post","status-publish","format-standard","hentry","tag-python","tag-47"],"views":1281,"_links":{"self":[{"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/posts\/411","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/comments?post=411"}],"version-history":[{"count":0,"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/posts\/411\/revisions"}],"wp:attachment":[{"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/media?parent=411"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/categories?post=411"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/zerobox.org\/notes\/wp-json\/wp\/v2\/tags?post=411"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}