Python for Cybersecurity: The Development Of Security Tools and Penetration Testing

Python has become a popular language among cybersecurity professionals due to its versatility, simplicity, and diverse set of libraries and frameworks. It is widely utilized in penetration testing and security tool development. We will look at how Python is used in various domains and discuss some well-liked tools and frameworks of Python for cybersecurity in this blog article. 

Development of Security Tools

Python's simplicity of use and readability make it a popular choice for creating security tools. Python for cybersecurity can swiftly prototype and create systems to automate different security processes. Several popular categories of Python-based security tools include. 

Vulnerability Scanners: Python is used in the development of tools like OpenVAS and Nikto, which check for vulnerabilities in networks and web applications. Python is a good choice for this purpose because of its ability to program networks.

Packet Sniffers: With the help of Python's socket module, programmers may build packet sniffers to examine network traffic. A well-liked Python package for manipulating and analyzing packets is called Scapy.

Password Cracking Tools: Python is a good choice for creating password cracking programs because of its threading and multiprocessing features. Python is used by programs like John the Ripper and Hydra to crack passwords.

Web Application Security Tools: Web application security technologies are developed using Python web frameworks such as Flask and Django. These tools assist in locating frequent online vulnerabilities such as XSS and SQL injection.

Penetration Testing

Python's versatility and ease of creating bespoke scripts make it a popular choice for penetration testing. Python is used by penetration testers for a variety of purposes, such as:

Exploit Development: Python is often used to develop exploits for known vulnerabilities. Frameworks like Metasploit also allow the integration of Python scripts for exploit development.

Automating Tasks: During penetration testing, repetitive operations are automated using Python scripts. One possible use for scripts is to automate the process of listing all the services and vulnerabilities on a target system.

Social Engineering: Python scripts can be used to create malicious payloads or send phishing emails, among other social engineering attacks.

Popular Python Libraries and Frameworks for Cybersecurity

Scapy: Scapy is a potent interactive packet manipulation software and library written in Python. It can be used to send and receive packets over a network, match requests and answers, collect packets, forge or decode packets of a variety of protocols, and much more.

Requests: Requests is a minimalistic yet sophisticated Python HTTP framework. It offers ways to use HTTP to access web resources.

PyCrypto: A collection of cryptographic protocols and algorithms developed for Python users is called PyCrypto. It was widely used for the development of Python for cybersecurity development.

Conclusion:

Python is a great choice for creating security tools and doing penetration testing because of its ease of use and adaptability. Security experts may easily automate processes and create unique solutions to its vast libraries and frameworks. You can hire Python developers to continue essential tools in cybersecurity experts' toolboxes and for emerging cyber threats.

learning to code!

When I was 9 years old, I learned enough html to code neopets pages, my own geocities websites, and I even made forums on my own sites so my friends could all roleplay together or rant together lol. And then? I forgot so much. I no longer no how to make a forum, or even a 'next page' button - so even the dream of just making a simple blog or webnovel site feels like a huge hurdle now. (9 year old me could probably figure it out in 2 hours).

So I'm relearning! I figured this would be a fun post to place resources I find for coding, since there's coding languages, and I figure maybe if you like running you're blog then you also might be interested in tools for making blogs!

First, for those of you who miss the old geocities and angelfire type of sites to make your own free site on: neocities.org

You can make free sites you can code yourself, the way 9 year old me did. A lot of people have made SUCH amazing sites, it's baffling my mind trying to figure out how they did, I definitely wish I could make an art portfolio site even a fourth as cool as some of the sites people have made on here.

And for those pressed for time, who aren't about to learn coding right now: wix.com is the place I recommend for building a site, it requires no coding skill and is fairly straightforward about adding pages or features by clicking buttons. I used it to make my art portfolio site, I am testing out using it for my webnovel - the alternative is Wordpress, but wix.com is letting me basically make a wordpress blog Inside my own site. It's very beginner friendly in terms of "how the fuck do I set up a 'sign up for updates' message and have my site actually email these people my novel updates?" and "I need a 4x20 grid of my art down the page, that lets people click the art to see it's information and make it bigger."

I did neocities.org's little html tutorial today, it's the part of html I DID remember (links, paragraphs, headers).

My next step is to go through htmldog.com's tutorials. They go from beginner, to intermediate, to CSS. Unlike many a coding tutorial I've seen, they explain what program on your computer you need to WRITE the code in and then how to save it and how to open it. (You'd think this isn't a big deal but I've been looking into how to learn Python for months and I can't find a tutorial explaining what fucking program to write my python in... notepad? do I need something else? I don't fucking know!! My dad finally gave me a printed textbook which supposedly tells you what to download to start... I learned C++ in college and for that you needed Visual Basic to code C++, so I figured I needed Something to Write the fucking python IN.)

27-Year-Old EXE becomes Python - AI-assisted reverse engineering 🤖⚡💾🐍 https://blog.adafruit.com/2025/02/27/27-year-old-exe-becomes-python-in-minutes-with-claude-ai-assisted-reverse-engineering/

Still Moving Forward

Just about to finish Course 3, Networks and Network Security as part of the Google Cybersecurity Professional Certification.

Struggled over the past week or so after having an operation under general anesthetic, I'm not used to staying in one place for a long time or lying for extended periods, its wreaked havoc on my body.

But I'm back at it, smashed course and coming to the end of course 3. Done some practise projects and learnt a lot of stuff. Been getting distracted a lot by wanting to engage with more knowledge so I end up talking to Gemini a lot (yes I have moved away from ChatGPT).

Used Gemini to help me setup Ubuntu and start using the command line to perform some basic tasks as I start to understand that more. Even got my daughter who is five to play some text based games with me, it's all she wants to do now.

It has made me think about IT education when I was in school. We were shown some basic website access stuff and how to use excel but no one ever taught us terminal and other backend techniques that could have inspired us more. I do remember talking to the technician a few times when I forgot a password or needed help with something, I remember being impressed by the technology he was surrounded. That must have been over 25 years ago.

rambling now. Anyway, I'm back at it and looking to smash it all by Sunday 10th November, it's now Thursday.

🫧 introduction 🫧

Hi!

Get to know me a little below <3

Name: Elif (random screenname I picked, similar enough to my actual name)

Pronouns: She/Elle

Age: Adult under 21

Languages: English (Standard, AAVE), French (Standard/Parisian)

Ethnicity/Religion/Etc: Black American (Northern Californian), Jewish (Ashki, Belarussian), Autistic, Bi

^I don't post about any of that here, but representation is important

Current Interests (I mostly post what's listed here):

Full-Stack Development, Linux, Python, C++, Cybersecurity, French & Russian (language study), Russian literature, Reading (generally), Poetry, Penmanship, Writing (Poetry), Fashion, Music (classical, instrumental, violin), and Shopping

Inactive Interests:

AC (New Horizons), The Sims 4, Hollow Knight, World of Warcraft, English literature, Cooking, Knitting, Sewing, and Violin (playing)

Tech/Apps/Sites I use & study with:

MacBook Air (Linux Mint 21.3 Cinnamon) and an iPad (iPadOS 16.2 + Apple Pen) .

GoodNotes, LibreOffice, Libby, Pinterest, and GoodReads.

Codecademy, FreeCodeCamp, LearnPython, Cybrary, LeetCode, Github, and KeyHero.

For my non-tech studies I mostly just read books.

DNI / Preferred boundaries

Not Welcome Here:

TERFs, SWERFs, RadFems, EDblr (Any/All), Discourse blogs, Anti-Voting, Anti-Union, AI fanatics/Cryptocurrency users, Cops, Zionists, Antisemites, Incels/Femcels, Eugenicists of any kind.

DO NOT ASSUME I'M A FAN OF [Shitty People] NOT LISTED

Welcome here:

Pretty much everyone else

Boundaries for Interaction:

You're welcome to interact however you'd like!

Everything posted here is open for commentary/discussion and you're also welcome to speak with me directly through asks/dm about whatever as long as it's related to this blog and/or something posted on it. This is an entirely SFW space and minors are welcome to interact, however, please remember that we & everyone else here are strangers and do not share personal information with me or others interacting on my page.

If you're an NSFW blog please switch to a SFW account/blog to interact at all. If you interact using your NSFW account/blog I will assume you're doing so intentionally or a bot and you'll be blocked.

Accessibility:

🫧 I do not post any flashing videos or images.

🫧 I do not post any NSFW content.

🫧 I do not post vent posts, post/reblog about other's personal traumas, or post/reblog about The News (unless said news directly relates to one of the things in my current interests list).

🫧 I do not repost any kind of chainmail, positive or negative.

🫧 I do not share or make any content related to generally triggering subjects, if you have specific and/or uncommon trigger(s) but still want to follow/interact with my blog please let me know and I'll tell you whether or not my blog is a safe space for you.

🫧 I do not pathologize/ridicule/joke about OCD, NPD, BPD, ASPD, Bipolar 1/2, Psychosis (with any root cause), or any other mental health conditions; If I've posted/reblogged something that does so please alert me.

🫐 I do use tone tags (If I miss one please let me know) when discussing thoughts/feelings/comments.

🫐 If I for some reason post/reblog something that is commonly triggering or discusses something you as a follower/mutual have let me know triggers you it will be tagged to the best of my ability.

🫐 I do add alt-text to all of the photos I post.

🫐 I do my best to avoid posting/reblogging screenreader unfriendly posts but If something I posted messed with your screenreader anyway please tell me so I can do my best to remedy it.

🫐 I do respect & honor everyones pronouns, gender identity, and sexual/romantic orientation regardless of whether I personally understand it.

🫐 I do respond to all asks/messages but I'm busy so it may take time.

I am trying my best <3

If you have any accessibility requests for this blog or even this post specifically, please let me know and I will genuinely consider updating to include it if I can.

Replicates Itself VIRUS

Growth is exciting, but only if your app can handle it! Cloud technology ensures your app scales effortlessly to meet increasing demand. 📈 Get ready for success! 🔗Learn more: https://greyspacecomputing.com/custom-mobile-application-development-services/  📧 Visit: https://greyspacecomputing.com/portfolio

Back to the learning for this year! I took a few weeks off at the end of 2023 to stop any burnout... I am so glad I did because now I'm nice and refreshed to start it back up again. I also managed to get accepted on a university course starting in September 2024! I'm now on a class for Python, front-end development with javascript and learning some cybersecurity things on the side (literally starting from scratch on that topic because I know nothing!) I've made sure to have other hobbies while I do this, so I have time to relax and process my thoughts without overloading myself. I like to crochet, read and play the violin in my downtime...what about you? What are your hobbies?

Should I actually make meaningful posts? Like maybe a few series of computer science related topics?

I would have to contemplate format, but I would take suggestions for topics, try and compile learning resources, subtopics to learn and practice problems

Password Manager Part 1

So the other day I was thinking about what else I could do to make my cyber life safer. So I started to looking into a Password Manager. Now you can buy a subscription to a password manager service and there are some good sites out there, but the problem is two things the subscription and security.

By security I mean you look around and you see leaks every where. Corporations getting hacked or they use the info to sale your info and all the user data is under there control. All it would take is someone to hack the password manages and then all the passwords could be out there and your rushing to change everything before they get in.

I don't have the money to do something like that, so I started to dig into making my own Password Manager using Python.I started looking into what I would need.

First would be encryption, one of the standards of the cybersecurity world. Using a mix of hashing through the SHA256 algorithm, and always salting your hashes you can make your stored passwords even more secure.

The code

# Setting up crytogtaphy from cryptography.hazmat.primitives import hashes from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC from cryptography.hazmat.backends import defult_backend import base64

def derive_encryption_key(master_password, salt): kdf = PBKDF2HMAC( algorithm=hashes.SHA256(), length=32, salt=salt, iterations=100000, backend=defult_backend() ) key = base64.urlsafe_b64encode(kdf.derive(master_oasswird.encode())) return key

Then encryption and decryption, the method of the program will use to keep the passwords encrypted and then decryption when they need to be executed. Writing this code was more challenging but there some amazing resources out there. With quick google searches you can find them.

The Code

# Encryption and Decrptions from cryptography.fernet import Fernet

def encrypt_password(password, key): fernet = Fernet(key) encrypted_password = fernet.encrypt(password.encode()) return encrypted_password

def decrypt_password(encrytped_password, key): fernet = fernet(key) decrypt_password = fernet.decrypt(encrypted_password).decode() return decrypted_password

Next up I wanted Random Password generation, at least 12 chars long, with letters, numbers and special chars.

The Code

# password generation import string import random

def generate_secure_password(length=12): char_pool = string.ascii_letters + string.digits + string.punctuation password = ''.join(random.choice(char_pool) for _ in range(length)) return password

Finally it would be needing a data base to store the passwords. Through googling, and research. I would need to set up a SQL Data base. This would be something new for me. But first I could set up the code and the key for the user. Later I will add the SQL data base.

Now part of this would be setting up a Master Password and user name. This worried me abet, because anybody could just hop in and take a look at the code and see the Master Password and then get access to all my passwords and such. So to keep your code safe, it is all about restricting your code. Location, keep your code in a safe locked files, away from prying eyes and encrypted, and access to the source code should be restricted to just you and who ever you trust.

The Code

# Seting up SQL database. def setup_database(): conn = sqlite3.connect('users.db') c = conn.cursor() c.execute('''CREATE TABLE IF NOT EXISTS Uer_keys (user_id TEXT PRIMARY KEY, key BLOB)''') conn.comit() conn.close()

def main(): # setup database setup_database()

#create a key for the user master_password = input("Enter your master password: ") salt = b' some_salt' # Generate secure salt for each user key = derive_encryption_key(master_password, salt)

#Simulate user intreaction user_id = "[email protected]" #user ID user_password = "Password1234" #user password to encrypt

# Encrypt the users password encrypt_password = encrypt_password(user_password, key) print(f"decrypted password for {user_id}; {decrypt_password}")

# Placeholder for intrgrtating the password storage and retriecal logic # This would inculde calls to interact with the SQL database.

if __name__ == "__main__": main()

Now I have much more to do to the program, I need to set up a SQL data base for storage this will be its own can of worms. Learning SQL will be a new challenge for me.

Also I wanted to add more features to the program, I was thinking about setting up an auto fill feature. Now the program will just display the requested password and you have to manually put it in. I want to see if there will be a way to auto fill it.

So stay tuned as I do more research.

i'm working on a new security tool called dbe.

dbe is designed to simulate a cybersecurity scenario in which an agent learns to perform various actions in order to infect machines, perform self-healing, and propagate to other machines. The agent uses a Q-learning algorithm to learn which actions to take based on the current state of the environment.

The script takes a list of IP addresses as input and scans them to see if they are vulnerable to a specific exploit. If a vulnerable machine is found, the agent tries to infect it by connecting to a remote server and executing a payload. The agent also performs periodic self-healing actions to ensure that it is running smoothly, and propagates to other machines in order to spread the infection.

The script uses a Q-table to keep track of the expected rewards for each action in each state, and updates the Q-table based on the rewards received for each action taken. The agent also uses a decaying exploration probability to balance exploration and exploitation of the environment.

The script is written in Python and uses various libraries such as subprocess, threading, and numpy to perform its functions. It can be run from the command line with various options to customize its behavior.

In simpler terms, the script is like a game where the agent learns to take actions in order to achieve a goal (in this case, infecting machines and spreading the infection). The agent uses a special kind of learning algorithm called Q-learning to figure out which actions are the best to take in each situation. The script also includes some safety measures to make sure the agent doesn't cause any harm to itself or others.

https://github.com/geeknik/dbe

Google Cloud Professional Cloud Architect Certification. Become a GCP Cloud Architect, Latest GCP Exam and Case Studies.

Google Cloud Platform is one of the fastest-growing cloud service platforms offered today that lets you run your applications and data workflows at a 'Google-sized' scale.

Google Cloud Certified Professional Cloud Architect certification is one of the most highly desired IT certifications out today. It is also one of the most challenging exams offered by any cloud vendor today. Passing this exam will take many hours of study, hands-on experience, and an understanding of a very wide range of GCP topics.

Luckily, we're here to help you out! This course is designed to be your best single resource to prepare for and pass the exam to become a certified Google Cloud Architect.

Why should do a Google Cloud Certification?

Here are few results from Google's 2020 Survey:

89% of Google Cloud certified individuals are more confident about their cloud skills

GCP Cloud Architect was the highest paying certification of 2020 (2) and 2019 (3)

More than 1 in 4 of Google Cloud certified individuals took on more responsibility or leadership roles at work

Why should you aim for Google Cloud - GCP Cloud Architect Certification?

Google Cloud Professional Cloud Architect certification helps you gain an understanding of cloud architecture and Google Cloud Platform.

As a Cloud Architect, you will learn to design, develop, and manage robust, secure, scalable, highly available, and dynamic solutions to drive business objectives.

The Google Cloud Certified - Professional Cloud Architect exam assesses your ability to:

Design and architect a GCP solution architecture

Manage and provision the GCP solution infrastructure

Design for security and compliance

Analyze and optimize technical and business processes

Manage implementations of Google Cloud architecture

Ensure solution and operations reliability

Are you ready to get started on this amazing journey to becoming a Google Cloud Architect?

So let's get started!

Who this course is for:

You want to start your Cloud Journey with Google Cloud Platform

You want to become a Google Cloud Certified Professional Cloud Architect

TOP 10 courses that have generally been in high demand in 2024-

Data Science and Machine Learning: Skills in data analysis, machine learning, and artificial intelligence are highly sought after in various industries.

Cybersecurity: With the increasing frequency of cyber threats, cybersecurity skills are crucial to protect sensitive information.

Cloud Computing: As businesses transition to cloud-based solutions, professionals with expertise in cloud computing, like AWS or Azure, are in high demand.

Digital Marketing: In the age of online businesses, digital marketing skills, including SEO, social media marketing, and content marketing, are highly valued.

Programming and Software Development: Proficiency in programming languages and software development skills continue to be in high demand across industries.

Healthcare and Nursing: Courses related to healthcare and nursing, especially those addressing specific needs like telemedicine, have seen increased demand.

Project Management: Project management skills are crucial in various sectors, and certifications like PMP (Project Management Professional) are highly valued.

Artificial Intelligence (AI) and Robotics: AI and robotics courses are sought after as businesses explore automation and intelligent technologies.

Blockchain Technology: With applications beyond cryptocurrencies, blockchain technology courses are gaining popularity in various sectors, including finance and supply chain.

Environmental Science and Sustainability: Courses focusing on environmental sustainability and green technologies are increasingly relevant in addressing global challenges.

Join Now

learn more -

Python and Cybersecurity: The Future of Ethical Hacking

Finished Course 1 of the Google Cyber Security Certification.

Took a few days off from the cyber course because I've been chocka with work and I also went off on several tangents. I started a Data Science course using K means clustering, I started a Psychology course and found a few AI and climate change courses I'd like to do. Finally got back to the Cyber course today - I will say that even though I do have a tendency to engage my wandering mind I found my way back to the cyber course an felt the same enthusiasm as I did when I first started; which is a rarity for me I'll be honest.

I did however keep my mind somewhat focused on the cyber security stuff by watching the Hack Google series on YouTube. Through this I obviously went off onto other tangents and watched an interesting video about Google Research working with wild fire researchers to enable earlier detection systems and better modelling to fight the fires and save more lives. This is the importance of data and this is what we are capable of as a species, data is not just an advertisers wet dream.

Anyway on to course 2 which is Play It Safe: Manage Security Risks.

I wonder how I could create a career using these newly gained skills to help in the climate crisis fight? That would be a worthwhile career.

Hackers, Computer Science Engineers and geniuses in that field....

Can we talk? I have a lot of questions and am practically brimming with curiosity to know the answer to some of them

Give me a dm 💋