[Owasp-Malaysia] Python tools for penetration testers

OWASP Malaysia admin at owasp.my
Sun Jan 9 21:10:50 EST 2011


Dear all,

This is for Python fans, and for those of you who really develop in it. Please
feel free to test these tools, and if you have time, please send a report on
exactly what you did with each tool. This is a collection for those who love
Python as part of their life. Please feel free to use it; as you know, this is
Open Source Software. If you are involved in vulnerability research, reverse
engineering or penetration testing, we suggest trying out the Python
<http://www.python.org/> programming language. It has a rich set of
useful libraries and programs.

Most of the listed tools are written in Python, others are just Python
bindings for existing C libraries, i.e. they make those libraries easily
usable from Python programs.

Some of the more aggressive tools (pentest frameworks, bluetooth smashers,
web application vulnerability scanners, war-dialers, etc.) are left out,
because the legal situation of these tools is still a bit unclear not at
Malaysia. This list is clearly meant to help whitehats, and for now we
prefer to be on the safe side.

Network

   - Scapy <http://secdev.org/projects/scapy>: send, sniff, dissect and
   forge network packets. Usable interactively or as a library
   - pypcap <http://code.google.com/p/pypcap/>,
   Pcapy <http://oss.coresecurity.com/projects/pcapy.html> and
   pylibpcap <http://pylibpcap.sourceforge.net/>: several different Python
   bindings for libpcap
   - libdnet <http://code.google.com/p/libdnet/>: low-level networking
   routines, including interface lookup and Ethernet frame transmission
   - dpkt <http://code.google.com/p/dpkt/>: fast, simple packet
   creation/parsing, with definitions for the basic TCP/IP protocols
   - Impacket <http://oss.coresecurity.com/projects/impacket.html>: craft
   and decode network packets. Includes support for higher-level protocols such
   as NMB and SMB
   - pynids <http://jon.oberheide.org/pynids/>: libnids wrapper offering
   sniffing, IP defragmentation, TCP stream reassembly and port scan detection
   - Dirtbags py-pcap <http://dirtbags.net/py-pcap/>: read pcap files
   without libpcap
   - flowgrep <http://monkey.org/%7Ejose/software/flowgrep/>: grep through
   packet payloads using regular expressions
   - httplib2 <http://code.google.com/p/httplib2/>: comprehensive HTTP
   client library that supports many features left out of other HTTP libraries

Debugging and reverse engineering

   - Paimei <http://code.google.com/p/paimei>: reverse engineering
   framework, includes PyDBG <http://pedram.redhive.com/PyDbg/>, PIDA,
   pGRAPH
   - Immunity Debugger <http://www.immunityinc.com/products-immdbg.shtml>:
   scriptable GUI and command line debugger
   - IDAPython <http://d-dome.net/idapython/>: IDA Pro plugin that
   integrates the Python programming language, allowing scripts to run in IDA
   Pro
   - PyEMU <http://code.google.com/p/pyemu/>: fully scriptable IA-32
   emulator, useful for malware analysis
   - pefile <http://code.google.com/p/pefile/>: read and work with Portable
   Executable (aka PE) files
   - pydasm <http://dkbza.org/pydasm.html>: Python interface to the
   libdasm <http://www.nologin.org/main.pl?action=codeView&codeId=49&> x86
   disassembling library
   - PyDbgEng <http://pydbgeng.sourceforge.net/>: Python wrapper for the
   Microsoft Windows Debugging Engine
   - uhooker <http://oss.coresecurity.com/projects/uhooker.htm>: intercept
   calls to API calls inside DLLs, and also arbitrary addresses within the
   executable file in memory
   - diStorm64 <http://www.ragestorm.net/distorm/>: disassembler library for
   AMD64, licensed under the BSD license
   - python-ptrace <http://bitbucket.org/haypo/python-ptrace/wiki/Home>:
   debugger using ptrace (Linux, BSD and Darwin system call to trace processes)
   written in Python

Fuzzing

   - Sulley <http://code.google.com/p/sulley/>: fuzzer development and fuzz
   testing framework consisting of multiple extensible components
   - Peach Fuzzing Platform <http://peachfuzz.sourceforge.net/>: extensible
   fuzzing framework for generation and mutation based fuzzing
   - antiparser <http://antiparser.sourceforge.net/>: fuzz testing and fault
   injection API
   - TAOF <http://theartoffuzzing.com/>, including
   ProxyFuzz <http://theartoffuzzing.com/joomla/index.php?option=com_content&task=view&id=21&Itemid=40>,
   a man-in-the-middle non-deterministic network fuzzer
   - untidy <http://untidy.sourceforge.net/>: general purpose XML fuzzer
   - Powerfuzzer <http://www.powerfuzzer.com/>: highly automated and fully
   customizable web fuzzer (HTTP protocol based application fuzzer)
   - FileP <https://www.isecpartners.com/file_fuzzers.html>: file fuzzer.
   Generates mutated files from a list of source files and feeds them to an
   external program in batches
   - SMUDGE <http://www.fuzzing.org/wp-content/SMUDGE.zip>
   - Mistress <http://www.packetstormsecurity.org/fuzzer/mistress.rar>:
   probe file formats on the fly and protocols with malformed data, based on
   pre-defined patterns
   - Fuzzbox <https://www.isecpartners.com/fuzzbox.html>: multi-codec media
   fuzzer
   - Forensic Fuzzing Tools <https://www.isecpartners.com/forensic_fuzzing_tools.html>:
   generate fuzzed files, fuzzed file systems, and file systems containing
   fuzzed files in order to test the robustness of forensics tools and
   examination systems
   - Windows IPC Fuzzing Tools <https://www.isecpartners.com/windows_ipc_fuzzing_tools.html>:
   tools used to fuzz applications that use Windows Interprocess Communication
   mechanisms
   - WSBang <https://www.isecpartners.com/wsbang.html>: perform automated
   security testing of SOAP based web services
   - Construct <http://construct.wikispaces.com/>: library for parsing and
   building of data structures (binary or textual). Define your data structures
   in a declarative manner
   - fuzzer.py (feliam) <http://sites.google.com/site/felipeandresmanzano/fuzzer.py?attredirects=0>:
   simple fuzzer by Felipe Andres Manzano

Web

   - ProxMon <https://www.isecpartners.com/proxmon.html>: processes proxy
   logs and reports discovered issues
   - WSMap <https://www.isecpartners.com/wsmap.html>: find web service
   endpoints and discovery files
   - Twill <http://twill.idyll.org/>: browse the Web from a command-line
   interface. Supports automated Web testing
   - Windmill <http://trac.getwindmill.com/>: web testing tool designed to
   let you painlessly automate and debug your web application
   - FunkLoad <http://funkload.nuxeo.org/>: functional and load web tester

Forensics

   - Volatility <https://www.volatilesystems.com/default/volatility/>:
   extract digital artifacts from volatile memory (RAM) samples
   - SandMan <http://sandman.msuiche.net/>: read the hibernation file,
   regardless of Windows version
   - LibForensics <http://code.google.com/p/libforensics/>: library for
   developing digital forensics applications
   - TrIDLib <http://mark0.net/code-tridlib-e.html>: identify file types
   from their binary signatures. Now includes Python binding

Malware analysis

   - pyew <http://code.google.com/p/pyew/>: command line hexadecimal editor
   and disassembler, mainly to analyze malware
   - Didier Stevens' PDF tools <http://blog.didierstevens.com/programs/pdf-tools>:
   analyse, identify and create PDF files (includes
   PDFiD <http://blog.didierstevens.com/programs/pdf-tools/#pdfid>,
   pdf-parser <http://blog.didierstevens.com/programs/pdf-tools/#pdf-parser>,
   make-pdf <http://blog.didierstevens.com/programs/pdf-tools/#make-pdf> and
   mPDF)
   - Origapy <http://www.decalage.info/python/origapy>: Python wrapper for
   the Origami Ruby module which sanitizes PDF files
   - Exefilter <http://www.decalage.info/exefilter>: filter file formats in
   e-mails, web pages or files. Detects many common file formats and can remove
   active content
   - pyClamAV <http://xael.org/norman/python/pyclamav/index.html>: add virus
   detection capabilities to your Python software

Misc

   - InlineEgg <http://oss.coresecurity.com/projects/inlineegg.html>:
   toolbox of classes for writing small assembly programs in Python
   - Exomind <http://corelabs.coresecurity.com/index.php?module=Wiki&action=view&type=tool&name=Exomind>:
   framework for building decorated graphs and developing open-source
   intelligence modules and ideas, centered on social network services, search
   engines and instant messaging
   - RevHosts <http://www.securityfocus.com/tools/3851>: enumerate virtual
   hosts for a given IP address
   - simplejson <http://undefined.org/python/#simplejson>: JSON
   encoder/decoder, e.g. to use Google's AJAX
   API <http://dcortesi.com/2008/05/28/google-ajax-search-api-example-python-code/>

Other useful libraries and tools

   - IPython <http://ipython.scipy.org/>: enhanced interactive Python shell
   with many features for object introspection, system shell access, and its
   own special command system
   - Beautiful Soup <http://www.crummy.com/software/BeautifulSoup/>: HTML
   parser optimized for screen-scraping
   - matplotlib <http://matplotlib.sourceforge.net/>: make 2D plots of
   arrays
   - Mayavi <http://code.enthought.com/projects/mayavi/>: 3D scientific data
   visualization and plotting
   - RTGraph3D <http://www.secdev.org/projects/rtgraph3d/>: create dynamic
   graphs in 3D
   - Twisted <http://twistedmatrix.com/>: event-driven networking engine
   - Suds <https://fedorahosted.org/suds/>: lightweight SOAP client for
   consuming Web Services
   - M2Crypto <http://chandlerproject.org/bin/view/Projects/MeTooCrypto>:
   most complete OpenSSL wrapper
   - NetworkX <http://networkx.lanl.gov/>: graph library (edges, nodes)
   - pyparsing <http://pyparsing.wikispaces.com/>: general parsing module
   - lxml <http://codespeak.net/lxml/>: most feature-rich and easy-to-use
   library for working with XML and HTML in the Python language
   - Pexpect <http://www.noah.org/wiki/Pexpect>: control and automate other
   programs, similar to Don Libes' `Expect` system
   - Sikuli <http://groups.csail.mit.edu/uid/sikuli/>: visual technology to
   search and automate GUIs using screenshots. Scriptable in
   Jython <http://www.jython.org/>

Regards,
Admin Office
OWASP Malaysia