123 Essential Python Tools for Penetration Testing and Security Research
This article compiles a comprehensive list of 123 Python-based penetration testing tools, covering network utilities, debugging and reverse‑engineering frameworks, fuzzing platforms, web testing kits, forensic analysis utilities, malware analysis helpers, PDF inspection modules, miscellaneous libraries, recommended books, talks, and additional resources for security professionals.
Today's article is sourced from dloss/python-pentest-tools and lists 123 Python penetration testing tools.
If you want to engage in vulnerability research, reverse engineering, and penetration testing, I recommend using Python. Python already has many mature libraries, which I will list here.
This list includes tools mostly written in Python; some are Python bindings for existing C libraries.
Some powerful tools (pentest frameworks, Bluetooth smashers, web application vulnerability scanners, war‑dialers, etc.) are excluded due to legal concerns in Germany; the list aims to help white‑hat hackers.
Network
Scapy, Scapy3k: send, sniff, dissect, and forge network packets; usable as a library or interactive application.
pypcap, Pcapy and pylibpcap: various libpcap bindings for Python.
libdnet: low‑level network routing, interface lookup, and Ethernet frame forwarding.
dpkt: fast, lightweight packet creation and parsing for basic TCP/IP protocols.
Impacket: packet crafting and decoding, supports higher‑level protocols like NMB and SMB.
pynids: libnids wrapper providing sniffing, IP fragment reassembly, TCP stream reconstruction, and port‑scan detection.
Dirtbags py-pcap: read pcap files without libpcap.
flowgrep: search packet payloads using regular expressions.
Knock Subdomain Scan: enumerate subdomains on a target domain via dictionary.
SubBrute: fast subdomain enumeration tool.
Mallory: extensible TCP/UDP proxy with on‑the‑fly protocol modification.
Pytbull: flexible IDS/IPS testing framework with over 300 test cases.
Spoodle: massive subdomain + Poodle vulnerability scanner.
SMBMap: enumerate Samba shares in a domain.
Debugging and Reverse Engineering
Paimei: reverse‑engineering framework including PyDBG, PIDA, pGRAPH.
Immunity Debugger: scriptable GUI and command‑line debugger.
mona.py: Immunity Debugger extension replacing pvefindaddr.
IDAPython: plugin for IDA Pro integrating Python for scripting.
PyEMU: fully scriptable Intel 32‑bit (IA‑32) emulator for malware analysis.
pefile: read and process PE files.
pydasm: Python interface to libdasm x86 disassembly library.
PyDbgEng: Python wrapper for Microsoft Windows debugging engine.
uhooker: intercept API calls of DLLs or arbitrary memory addresses.
diStorm: AMD64 disassembly library under BSD license.
Frida: dynamic instrumentation framework for injecting scripts into running processes.
python-ptrace: Python ptrace debugger for Linux, BSD, and Darwin.
vdb / vtrace: vtrace is a cross‑platform process‑debugging API; vdb is a debugger built on it.
Androguard: Android application reverse‑engineering tool.
Capstone: lightweight multi‑platform, multi‑architecture disassembly framework.
Keystone: lightweight multi‑platform, multi‑architecture assembler.
PyBFD: Python bindings for GNU Binary File Descriptor library.
CHIPSEC: framework for analyzing hardware, firmware (BIOS/UEFI), and platform security.
Fuzzing
afl-python: American Fuzzy Lop for pure Python code.
Sulley: extensible fuzzing framework composed of modular components.
Peach Fuzzing Platform: extended fuzzing framework (v2 written in Python).
antiparser: API for fuzzing and fault injection.
TAOF (The Art of Fuzzing): includes ProxyFuzz, a man‑in‑the‑middle network fuzzing tool.
untidy: XML fuzzing tool.
Powerfuzzer: highly automated, fully customizable web fuzzing tool.
SMUDGE
Mistress: pattern‑based detection of malformed data and protocols.
Fuzzbox: media multi‑encoder fuzzing.
Forensic Fuzzing Tools: generate fuzzed files and filesystems to test forensic tool robustness.
Windows IPC Fuzzing Tools: fuzz Windows inter‑process communication mechanisms.
WSBang: web‑service automation testing for SOAP security.
Construct: library for parsing and building binary or text data formats.
fuzzer.py (feliam): simple fuzzing tool by Felipe Andres Manzano.
Fusil: Python library for writing fuzzing programs.
Web
Requests: elegant, simple, human‑friendly HTTP library.
lxml: easy‑to‑use XML/HTML processing library.
HTTPie: user‑friendly command‑line HTTP client similar to cURL.
ProxMon: process proxy logs and report issues.
WSMap: discover web servers and files.
Twill: command‑line web browsing with support for automated web testing.
Ghost.py: WebKit web client written in Python.
Windmill: web testing tool for automating web application debugging.
FunkLoad: web functional and load testing.
spynner: Python web browsing module supporting JavaScript/AJAX.
python‑spidermonkey: Mozilla JS engine ported to Python for executing JavaScript.
mitmproxy: SSL‑capable HTTP proxy with interactive console for traffic inspection and editing.
pathod / pathoc: daemon/client for tormenting HTTP clients and servers.
spidy: simple command‑line web scraper with page download and word stripping.
Forensics
Volatility: extract data from RAM.
Rekall: memory analysis framework developed by Google.
LibForensics: digital forensics application library.
TrIDLib: Python implementation for identifying file types from binary signatures.
aft: Android forensics toolset for malware analysis.
Malware Analysis
pyew: command‑line hex editor and disassembler for malware analysis.
Exefilter: filter specific file formats in emails, web pages, and files; can detect and remove many common formats.
pyClamAV: add virus detection capabilities to Python software.
jsunpack‑n: generic JavaScript interpreter emulating browser functionality to detect exploits.
yara‑python: identify and classify malware samples.
phoneyc: pure‑Python honeypot.
CapTipper: analyze, study, and replay HTTP malicious traffic from PCAP files.
peepdf: Python PDF analysis tool for detecting malicious PDFs.
Didier Stevens' PDF tools: suite including PDFiD, pdf‑parser, make‑pdf, and mPDF for analyzing, identifying, and creating PDFs.
Opaf: open PDF analysis framework converting PDFs to XML trees for analysis and modification.
Origapy: Python interface to Ruby's Origami tool for reviewing PDF files.
pyPDF2: Python PDF toolkit for information extraction, splitting, merging, creation, encryption, and decryption.
PDFMiner: extract text from PDF files.
python‑poppler‑qt4: Python binding for Poppler PDF library supporting Qt4.
Miscellaneous
InlineEgg: toolbox of small utilities written in Python.
Exomind: framework for targeted attacks via social networks, search engines, and instant messaging.
RevHosts: enumerate virtual hosts for a given IP address.
simplejson: JSON encoder/decoder, e.g., for Google’s AJAX API.
PyMangle: command‑line tool and library for creating dictionaries used in penetration testing.
Hachoir: view and edit binary streams.
py‑mangle: duplicate entry.
wmiexec.py: execute PowerShell commands quickly via WMI.
Pentestly: Python and PowerShell internal penetration testing framework.
hacklib: toolkit for hackers including word cracking, password guessing, reverse shells, etc.
Other Useful Libraries or Tools
IPython: enhanced interactive Python shell with introspection, system shell access, and custom commands.
Beautiful Soup: optimized HTML parser for web scraping.
matplotlib: 2‑D plotting library.
Mayavi: 3‑D scientific data visualization and plotting.
RTGraph3D: create dynamic 3‑D graphs.
Twisted: event‑driven network engine.
Suds: lightweight SOAP client for web services.
M2Crypto: comprehensive OpenSSL wrapper.
NetworkX: graph library (nodes, edges).
Pandas: high‑performance data structures and analysis tools.
pyparsing: generic parsing module.
lxml: most feature‑rich library for XML/HTML processing in Python.
Whoosh: fast, feature‑rich full‑text indexing and search library.
Pexpect: control and automate other programs, similar to Expect.
Sikuli: visual technology using screenshots for GUI automation, runs on Jython.
PyQt and PySide: Python‑bound Qt application framework and GUI libraries.
Books
Violent Python by TJ O'Connor – cookbook for hackers, forensic analysts, pentesters, and security engineers.
Grey Hat Python by Justin Seitz – Python programming for hacking and reverse engineering.
Black Hat Python by Justin Seitz – Python programming for hacking and penetration testing.
Python Penetration Testing Essentials by Mohit – leveraging Python features for optimal penetration testing.
Python for Secret Agents by Steven F. Lott – using Python for analysis, encryption, and intelligence gathering.
Python Web Penetration Testing Cookbook by Cameron Buchanan et al. – over 60 Python use‑cases for web application testing.
Learning Penetration Testing with Python by Christopher Duffy – effective and efficient pentesting with Python scripts.
Python Forensics by Chet Hosmer – workstation for inventing and sharing digital forensics techniques.
The Beginner's Guide to IDAPython by Alexander Hanel.
Talks, Slides and Articles
Python & Reverse Engineering Software by Alexander Hanel.
Python Arsenal for Reverse Engineering by Dmitriy Evdokimov (RUCTF 2016).
More
SecurityTube Python Scripting Expert (SPSE) – online class certified by Vivek Ramachandran.
SANS course SEC573: Python for Penetration Testers.
Python Arsenal for Reverse Engineering – extensive collection of reverse‑engineering tools.
Article from SANS about Python libraries usable for forensic analysis (PDF).
For more Python libraries, see the Python Package Index (PyPI).
Author: Alien from Earth Source: https://zhuanlan.zhihu.com/p/28452712