{"product_id":"python-for-cybersecurity-isbn-9781119850649","title":"Python for Cybersecurity","description":"\u003cp\u003e\u003cb\u003eDiscover an up-to-date and authoritative exploration of Python cybersecurity strategies\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003ci\u003ePython For Cybersecurity: Using Python for Cyber Offense and Defense\u003c\/i\u003e delivers an intuitive and hands-on explanation of using Python for cybersecurity. It relies on the MITRE ATT\u0026amp;CK framework to structure its exploration of cyberattack techniques, attack defenses, and the key cybersecurity challenges facing network administrators and other stakeholders today.\u003c\/p\u003e \u003cp\u003eOffering downloadable sample code, the book is written to help you discover how to use Python in a wide variety of cybersecurity situations, including:\u003c\/p\u003e \u003cul\u003e \u003cli\u003eReconnaissance, resource development, initial access, and execution\u003c\/li\u003e \u003cli\u003ePersistence, privilege escalation, defense evasion, and credential access\u003c\/li\u003e \u003cli\u003eDiscovery, lateral movement, collection, and command and control\u003c\/li\u003e \u003cli\u003eExfiltration and impact\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eEach chapter includes discussions of several techniques and sub-techniques that could be used to achieve an attacker's objectives in any of these use cases. The ideal resource for anyone with a professional or personal interest in cybersecurity, \u003ci\u003ePython For Cybersecurity\u003c\/i\u003e offers in-depth information about a wide variety of attacks and effective, Python-based defenses against them.\u003c\/p\u003e \u003cp\u003eIntroduction xvii\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 1 Fulfilling Pre- ATT\u0026amp;CK Objectives 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eActive Scanning 2\u003c\/p\u003e \u003cp\u003eScanning Networks with scapy 2\u003c\/p\u003e \u003cp\u003eImplementing a SYN Scan in scapy 4\u003c\/p\u003e \u003cp\u003ePerforming a DNS Scan in scapy 5\u003c\/p\u003e \u003cp\u003eRunning the Code 5\u003c\/p\u003e \u003cp\u003eNetwork Scanning for Defenders 6\u003c\/p\u003e \u003cp\u003eMonitoring Traffic with scapy 7\u003c\/p\u003e \u003cp\u003eBuilding Deceptive Responses 8\u003c\/p\u003e \u003cp\u003eRunning the Code 9\u003c\/p\u003e \u003cp\u003eSearch Open Technical Databases 9\u003c\/p\u003e \u003cp\u003eOffensive DNS Exploration 10\u003c\/p\u003e \u003cp\u003eSearching DNS Records 11\u003c\/p\u003e \u003cp\u003ePerforming a DNS Lookup 12\u003c\/p\u003e \u003cp\u003eReverse DNS Lookup 12\u003c\/p\u003e \u003cp\u003eRunning the Code 13\u003c\/p\u003e \u003cp\u003eDNS Exploration for Defenders 13\u003c\/p\u003e \u003cp\u003eHandling DNS Requests 15\u003c\/p\u003e \u003cp\u003eBuilding a DNS Response 15\u003c\/p\u003e \u003cp\u003eRunning the Code 16\u003c\/p\u003e \u003cp\u003eSummary 17\u003c\/p\u003e \u003cp\u003eSuggested Exercises 17\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 2 Gaining Initial Access 19\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eValid Accounts 20\u003c\/p\u003e \u003cp\u003eDiscovering Default Accounts 20\u003c\/p\u003e \u003cp\u003eAccessing a List of Default Credentials 21\u003c\/p\u003e \u003cp\u003eStarting SSH Connections in Python 22\u003c\/p\u003e \u003cp\u003ePerforming Telnet Queries in Python 23\u003c\/p\u003e \u003cp\u003eRunning the Code 24\u003c\/p\u003e \u003cp\u003eAccount Monitoring for Defenders 24\u003c\/p\u003e \u003cp\u003e\u003cb\u003eIntroduction to Windows Event Logs 25\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAccessing Event Logs in Python 28\u003c\/p\u003e \u003cp\u003eDetecting Failed Logon Attempts 28\u003c\/p\u003e \u003cp\u003eIdentifying Unauthorized Access to Default Accounts 30\u003c\/p\u003e \u003cp\u003eRunning the Code 30\u003c\/p\u003e \u003cp\u003eReplication Through Removable Media 31\u003c\/p\u003e \u003cp\u003eExploiting Autorun 31\u003c\/p\u003e \u003cp\u003eConverting Python Scripts to Windows Executables 32\u003c\/p\u003e \u003cp\u003eGenerating an Autorun File 33\u003c\/p\u003e \u003cp\u003eSetting Up the Removable Media 34\u003c\/p\u003e \u003cp\u003eRunning the Code 34\u003c\/p\u003e \u003cp\u003eDetecting Autorun Scripts 34\u003c\/p\u003e \u003cp\u003eIdentifying Removable Drives 35\u003c\/p\u003e \u003cp\u003eFinding Autorun Scripts 36\u003c\/p\u003e \u003cp\u003eDetecting Autorun Processes 36\u003c\/p\u003e \u003cp\u003eRunning the Code 36\u003c\/p\u003e \u003cp\u003eSummary 37\u003c\/p\u003e \u003cp\u003eSuggested Exercises 37\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 3 Achieving Code Execution 39\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eWindows Management Instrumentation 40\u003c\/p\u003e \u003cp\u003eExecuting Code with WMI 40\u003c\/p\u003e \u003cp\u003eCreating Processes with WMI 41\u003c\/p\u003e \u003cp\u003eLaunching Processes with PowerShell 41\u003c\/p\u003e \u003cp\u003eRunning the Code 42\u003c\/p\u003e \u003cp\u003eWMI Event Monitoring for Defenders 42\u003c\/p\u003e \u003cp\u003eWMI in Windows Event Logs 43\u003c\/p\u003e \u003cp\u003eAccessing WMI Event Logs in Python 45\u003c\/p\u003e \u003cp\u003eProcessing Event Log XML Data 45\u003c\/p\u003e \u003cp\u003eRunning the Code 46\u003c\/p\u003e \u003cp\u003eScheduled Task\/Job 47\u003c\/p\u003e \u003cp\u003eScheduling Malicious Tasks 47\u003c\/p\u003e \u003cp\u003eChecking for Scheduled Tasks 48\u003c\/p\u003e \u003cp\u003eScheduling a Malicious Task 48\u003c\/p\u003e \u003cp\u003eRunning the Code 49\u003c\/p\u003e \u003cp\u003eTask Scheduling for Defenders 50\u003c\/p\u003e \u003cp\u003eQuerying Scheduled Tasks 51\u003c\/p\u003e \u003cp\u003eIdentifying Suspicious Tasks 52\u003c\/p\u003e \u003cp\u003eRunning the Code 52\u003c\/p\u003e \u003cp\u003eSummary 53\u003c\/p\u003e \u003cp\u003eSuggested Exercises 53\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 4 Maintaining Persistence 55\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBoot or Logon Autostart Execution 56\u003c\/p\u003e \u003cp\u003eExploiting Registry Autorun 56\u003c\/p\u003e \u003cp\u003eThe Windows Registry and Autorun Keys 57\u003c\/p\u003e \u003cp\u003eModifying Autorun Keys with Python 60\u003c\/p\u003e \u003cp\u003eRunning the Code 61\u003c\/p\u003e \u003cp\u003eRegistry Monitoring for Defenders 62\u003c\/p\u003e \u003cp\u003eQuerying Windows Registry Keys 63\u003c\/p\u003e \u003cp\u003eSearching the HKU Hive 64\u003c\/p\u003e \u003cp\u003eRunning the Code 64\u003c\/p\u003e \u003cp\u003eHijack Execution Flow 65\u003c\/p\u003e \u003cp\u003eModifying the Windows Path 65\u003c\/p\u003e \u003cp\u003eAccessing the Windows Path 66\u003c\/p\u003e \u003cp\u003eModifying the Path 67\u003c\/p\u003e \u003cp\u003eRunning the Code 68\u003c\/p\u003e \u003cp\u003ePath Management for Defenders 69\u003c\/p\u003e \u003cp\u003eDetecting Path Modification via Timestamps 69\u003c\/p\u003e \u003cp\u003eEnabling Audit Events 71\u003c\/p\u003e \u003cp\u003eMonitoring Audit Logs 73\u003c\/p\u003e \u003cp\u003eRunning the Code 75\u003c\/p\u003e \u003cp\u003eSummary 76\u003c\/p\u003e \u003cp\u003eSuggested Exercises 76\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 5 Performing Privilege Escalation 77\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eBoot or Logon Initialization Scripts 78\u003c\/p\u003e \u003cp\u003eCreating Malicious Logon Scripts 78\u003c\/p\u003e \u003cp\u003eAchieving Privilege Escalation with Logon Scripts 79\u003c\/p\u003e \u003cp\u003eCreating a Logon Script 79\u003c\/p\u003e \u003cp\u003eRunning the Code 79\u003c\/p\u003e \u003cp\u003eSearching for Logon Scripts 80\u003c\/p\u003e \u003cp\u003eIdentifying Autorun Keys 81\u003c\/p\u003e \u003cp\u003eRunning the Code 81\u003c\/p\u003e \u003cp\u003eHijack Execution Flow 81\u003c\/p\u003e \u003cp\u003eInjecting Malicious Python Libraries 82\u003c\/p\u003e \u003cp\u003eHow Python Finds Libraries 82\u003c\/p\u003e \u003cp\u003eCreating a Python Library 83\u003c\/p\u003e \u003cp\u003eRunning the Code 83\u003c\/p\u003e \u003cp\u003eDetecting Suspicious Python Libraries 83\u003c\/p\u003e \u003cp\u003eIdentifying Imports 85\u003c\/p\u003e \u003cp\u003eDetecting Duplicates 85\u003c\/p\u003e \u003cp\u003eRunning the Code 86\u003c\/p\u003e \u003cp\u003eSummary 86\u003c\/p\u003e \u003cp\u003eSuggested Exercises 87\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 6 Evading Defenses 89\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eImpair Defenses 90\u003c\/p\u003e \u003cp\u003eDisabling Antivirus 90\u003c\/p\u003e \u003cp\u003eDisabling Antivirus Autorun 90\u003c\/p\u003e \u003cp\u003eTerminating Processes 93\u003c\/p\u003e \u003cp\u003eCreating Decoy Antivirus Processes 94\u003c\/p\u003e \u003cp\u003eCatching Signals 95\u003c\/p\u003e \u003cp\u003eRunning the Code 95\u003c\/p\u003e \u003cp\u003eHide Artifacts 95\u003c\/p\u003e \u003cp\u003eConcealing Files in Alternate Data Streams 96\u003c\/p\u003e \u003cp\u003eExploring Alternate Data Streams 96\u003c\/p\u003e \u003cp\u003eAlternate Data Streams in Python 97\u003c\/p\u003e \u003cp\u003eRunning the Code 98\u003c\/p\u003e \u003cp\u003eDetecting Alternate Data Streams 98\u003c\/p\u003e \u003cp\u003eWalking a Directory with Python 99\u003c\/p\u003e \u003cp\u003eUsing PowerShell to Detect ADS 100\u003c\/p\u003e \u003cp\u003eParsing PowerShell Output 101\u003c\/p\u003e \u003cp\u003eRunning the Code 102\u003c\/p\u003e \u003cp\u003eSummary 102\u003c\/p\u003e \u003cp\u003eSuggested Exercises 103\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 7 Accessing Credentials 105\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCredentials from Password Stores 106\u003c\/p\u003e \u003cp\u003eDumping Credentials from Web Browsers 106\u003c\/p\u003e \u003cp\u003eAccessing the Chrome Master Key 108\u003c\/p\u003e \u003cp\u003eQuerying the Chrome Login Data Database 108\u003c\/p\u003e \u003cp\u003eParsing Output and Decrypting Passwords 109\u003c\/p\u003e \u003cp\u003eRunning the Code 109\u003c\/p\u003e \u003cp\u003eMonitoring Chrome Passwords 110\u003c\/p\u003e \u003cp\u003eEnabling File Auditing 110\u003c\/p\u003e \u003cp\u003eDetecting Local State Access Attempts 111\u003c\/p\u003e \u003cp\u003eRunning the Code 113\u003c\/p\u003e \u003cp\u003eNetwork Sniffing 114\u003c\/p\u003e \u003cp\u003eSniffing Passwords with scapy 114\u003c\/p\u003e \u003cp\u003ePort- Based Protocol Identification 116\u003c\/p\u003e \u003cp\u003eSniffing FTP Passwords 116\u003c\/p\u003e \u003cp\u003eExtracting SMTP Passwords 117\u003c\/p\u003e \u003cp\u003eTracking Telnet Authentication State 119\u003c\/p\u003e \u003cp\u003eRunning the Code 121\u003c\/p\u003e \u003cp\u003eCreating Deceptive Network Connections 121\u003c\/p\u003e \u003cp\u003eCreating Decoy Connections 122\u003c\/p\u003e \u003cp\u003eRunning the Code 122\u003c\/p\u003e \u003cp\u003eSummary 123\u003c\/p\u003e \u003cp\u003eSuggested Exercises 123\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 8 Performing Discovery 125\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAccount Discovery 126\u003c\/p\u003e \u003cp\u003eCollecting User Account Data 126\u003c\/p\u003e \u003cp\u003eIdentifying Administrator Accounts 127\u003c\/p\u003e \u003cp\u003eCollecting User Account Information 128\u003c\/p\u003e \u003cp\u003eAccessing Windows Password Policies 128\u003c\/p\u003e \u003cp\u003eRunning the Code 129\u003c\/p\u003e \u003cp\u003eMonitoring User Accounts 130\u003c\/p\u003e \u003cp\u003eMonitoring Last Login Times 130\u003c\/p\u003e \u003cp\u003eMonitoring Administrator Login Attempts 131\u003c\/p\u003e \u003cp\u003eRunning the Code 132\u003c\/p\u003e \u003cp\u003eFile and Directory Discovery 133\u003c\/p\u003e \u003cp\u003eIdentifying Valuable Files and Folders 133\u003c\/p\u003e \u003cp\u003eRegular Expressions for Data Discovery 135\u003c\/p\u003e \u003cp\u003eParsing Different File Formats 135\u003c\/p\u003e \u003cp\u003eRunning the Code 136\u003c\/p\u003e \u003cp\u003eCreating Honeypot Files and Folders 136\u003c\/p\u003e \u003cp\u003eMonitoring Decoy Content 136\u003c\/p\u003e \u003cp\u003eCreating the Decoy Content 137\u003c\/p\u003e \u003cp\u003eRunning the Code 138\u003c\/p\u003e \u003cp\u003eSummary 138\u003c\/p\u003e \u003cp\u003eSuggested Exercises 139\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 9 Moving Laterally 141\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eRemote Services 142\u003c\/p\u003e \u003cp\u003eExploiting Windows Admin Shares 142\u003c\/p\u003e \u003cp\u003eEnabling Full Access to Administrative Shares 143\u003c\/p\u003e \u003cp\u003eTransferring Files via Administrative Shares 144\u003c\/p\u003e \u003cp\u003eExecuting Commands on Administrative Shares 144\u003c\/p\u003e \u003cp\u003eRunning the Code 144\u003c\/p\u003e \u003cp\u003eAdmin Share Management for Defenders 145\u003c\/p\u003e \u003cp\u003eMonitoring File Operations 146\u003c\/p\u003e \u003cp\u003eDetecting Authentication Attempts 147\u003c\/p\u003e \u003cp\u003eRunning the Code 148\u003c\/p\u003e \u003cp\u003eUse Alternative Authentication Material 148\u003c\/p\u003e \u003cp\u003eCollecting Web Session Cookies 149\u003c\/p\u003e \u003cp\u003eAccessing Web Session Cookies 150\u003c\/p\u003e \u003cp\u003eRunning the Code 150\u003c\/p\u003e \u003cp\u003eCreating Deceptive Web Session Cookies 151\u003c\/p\u003e \u003cp\u003eCreating Decoy Cookies 151\u003c\/p\u003e \u003cp\u003eMonitoring Decoy Cookie Usage 153\u003c\/p\u003e \u003cp\u003eRunning the Code 153\u003c\/p\u003e \u003cp\u003eSummary 154\u003c\/p\u003e \u003cp\u003eSuggested Exercises 155\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 10 Collecting Intelligence 157\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eClipboard Data 158\u003c\/p\u003e \u003cp\u003eCollecting Data from the Clipboard 158\u003c\/p\u003e \u003cp\u003eAccessing the Windows Clipboard 159\u003c\/p\u003e \u003cp\u003eReplacing Clipboard Data 159\u003c\/p\u003e \u003cp\u003eRunning the Code 160\u003c\/p\u003e \u003cp\u003eClipboard Management for Defenders 160\u003c\/p\u003e \u003cp\u003eMonitoring the Clipboard 161\u003c\/p\u003e \u003cp\u003eProcessing Clipboard Messages 161\u003c\/p\u003e \u003cp\u003eIdentifying the Clipboard Owner 161\u003c\/p\u003e \u003cp\u003eRunning the Code 162\u003c\/p\u003e \u003cp\u003eEmail Collection 162\u003c\/p\u003e \u003cp\u003eCollecting Local Email Data 162\u003c\/p\u003e \u003cp\u003eAccessing Local Email Caches 163\u003c\/p\u003e \u003cp\u003eRunning the Code 163\u003c\/p\u003e \u003cp\u003eProtecting Against Email Collection 164\u003c\/p\u003e \u003cp\u003eIdentifying Email Caches 165\u003c\/p\u003e \u003cp\u003eSearching Archive Files 165\u003c\/p\u003e \u003cp\u003eRunning the Code 166\u003c\/p\u003e \u003cp\u003eSummary 166\u003c\/p\u003e \u003cp\u003eSuggested Exercises 166\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 11 Implementing Command and Control 169\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eEncrypted Channel 170\u003c\/p\u003e \u003cp\u003eCommand and Control Over Encrypted Channels 170\u003c\/p\u003e \u003cp\u003eEncrypted Channel Client 171\u003c\/p\u003e \u003cp\u003eEncrypted Channel Server 172\u003c\/p\u003e \u003cp\u003eRunning the Code 173\u003c\/p\u003e \u003cp\u003eDetecting Encrypted C2 Channels 174\u003c\/p\u003e \u003cp\u003ePerforming Entropy Calculations 175\u003c\/p\u003e \u003cp\u003eDetecting Encrypted Traffic 175\u003c\/p\u003e \u003cp\u003eRunning the Code 176\u003c\/p\u003e \u003cp\u003eProtocol Tunneling 176\u003c\/p\u003e \u003cp\u003eCommand and Control via Protocol Tunneling 176\u003c\/p\u003e \u003cp\u003eProtocol Tunneling Client 177\u003c\/p\u003e \u003cp\u003eProtocol Tunneling Server 177\u003c\/p\u003e \u003cp\u003eRunning the Code 179\u003c\/p\u003e \u003cp\u003eDetecting Protocol Tunneling 179\u003c\/p\u003e \u003cp\u003eExtracting Field Data 181\u003c\/p\u003e \u003cp\u003eIdentifying Encoded Data 181\u003c\/p\u003e \u003cp\u003eRunning the Code 181\u003c\/p\u003e \u003cp\u003eSummary 182\u003c\/p\u003e \u003cp\u003eSuggested Exercises 182\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 12 Exfiltrating Data 183\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eAlternative Protocols 184\u003c\/p\u003e \u003cp\u003eData Exfiltration Over Alternative Protocols 184\u003c\/p\u003e \u003cp\u003eAlternative Protocol Client 185\u003c\/p\u003e \u003cp\u003eAlternative Protocol Server 186\u003c\/p\u003e \u003cp\u003eRunning the Code 188\u003c\/p\u003e \u003cp\u003eDetecting Alternative Protocols 189\u003c\/p\u003e \u003cp\u003eDetecting Embedded Data 190\u003c\/p\u003e \u003cp\u003eRunning the Code 191\u003c\/p\u003e \u003cp\u003eNon- Application Layer Protocols 191\u003c\/p\u003e \u003cp\u003eData Exfiltration via Non- Application Layer Protocols 192\u003c\/p\u003e \u003cp\u003eNon- Application Layer Client 193\u003c\/p\u003e \u003cp\u003eNon- Application Layer Server 193\u003c\/p\u003e \u003cp\u003eRunning the Code 194\u003c\/p\u003e \u003cp\u003eDetecting Non- Application Layer Exfiltration 195\u003c\/p\u003e \u003cp\u003eIdentifying Anomalous Type and Code Values 196\u003c\/p\u003e \u003cp\u003eRunning the Code 196\u003c\/p\u003e \u003cp\u003eSummary 197\u003c\/p\u003e \u003cp\u003eSuggested Exercises 197\u003c\/p\u003e \u003cp\u003e\u003cb\u003eChapter 13 Achieving Impact 199\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eData Encrypted for Impact 200\u003c\/p\u003e \u003cp\u003eEncrypting Data for Impact 200\u003c\/p\u003e \u003cp\u003eIdentifying Files to Encrypt 201\u003c\/p\u003e \u003cp\u003eEncrypting and Decrypting Files 202\u003c\/p\u003e \u003cp\u003eRunning the Code 202\u003c\/p\u003e \u003cp\u003eDetecting File Encryption 203\u003c\/p\u003e \u003cp\u003eFinding Files of Interest 204\u003c\/p\u003e \u003cp\u003eCalculating File Entropies 204\u003c\/p\u003e \u003cp\u003eRunning the Code 205\u003c\/p\u003e \u003cp\u003eAccount Access Removal 205\u003c\/p\u003e \u003cp\u003eRemoving Access to User Accounts 205\u003c\/p\u003e \u003cp\u003eChanging Windows Passwords 207\u003c\/p\u003e \u003cp\u003eChanging Linux Passwords 207\u003c\/p\u003e \u003cp\u003eRunning the Code 207\u003c\/p\u003e \u003cp\u003eDetecting Account Access Removal 208\u003c\/p\u003e \u003cp\u003eDetecting Password Changes in Windows 209\u003c\/p\u003e \u003cp\u003eDetecting Password Changes in Linux 210\u003c\/p\u003e \u003cp\u003eRunning the Code 211\u003c\/p\u003e \u003cp\u003eSummary 211\u003c\/p\u003e \u003cp\u003eSuggested Exercises 212\u003c\/p\u003e \u003cp\u003eIndex 213\u003c\/p\u003e  \u003cp\u003e\u003cb\u003eHOWARD E. POSTON III\u003c\/b\u003e is a freelance consultant and content creator with a professional focus on blockchain and cybersecurity. He has over ten years’ experience in programming with Python and has developed and taught over a dozen courses teaching cybersecurity. He is a sought-after speaker on blockchain and cybersecurity at international security conferences.   \u003c\/p\u003e\u003cp\u003e\u003cb\u003eREAL-WORLD CYBERSECURITY APPLICATIONS FOR PYTHON\u003c\/b\u003e \u003c\/p\u003e\u003cp\u003eThe Python programming language is easy to learn, tremendously powerful, and increasingly being used for sophisticated cybersecurity applications. Python is capable of delivering both offensive and defensive cybersecurity automation, reducing the cost in time and money for network security professionals engaged in defending small and large systems. \u003c\/p\u003e\u003cp\u003eIn\u003ci\u003e Python\u003csup\u003e®\u003c\/sup\u003e for Cybersecurity: Using Python for Cyber Offense and Defense,\u003c\/i\u003e veteran blockchain and cybersecurity educator Howard Poston offers readers a structured and hands-on introduction to the use of Python in the context of computer security. Using the MITRE ATT\u0026amp;CK framework as a set of guideposts, the book explores the lifecycle of a cyberattack and how Python code can be used to overcome critical challenges and threats at each stage of the attack process. \u003c\/p\u003e\u003cp\u003ePerfect for cybersecurity professionals—including SOC analyst penetration testers, and Chief Information Security Officers—Python for Cybersecurity will also earn a place in the libraries of Python programmers and cybersecurity enthusiasts seeking an incisive and practical exploration of the cybersecurity applications of one of the world’s most popular programming languages. \u003c\/p\u003e\u003cp\u003eAlong with real-world use cases and fully functional code examples, the book provides readers with Python applications in a wide variety of areas, including: \u003c\/p\u003e\u003cul\u003e\n\u003cli\u003e \u003cb\u003eINTELLIGENCE COLLECTION AND RECONNAISSANCE\u003c\/b\u003e\n\u003c\/li\u003e \u003cli\u003e\u003cb\u003eVULNERABILITY EXPLOITATION AND LATERAL MOVEMENT\u003c\/b\u003e\u003c\/li\u003e \u003cli\u003e\u003cb\u003eCOMMAND AND CONTROL\u003c\/b\u003e\u003c\/li\u003e \u003cli\u003e\u003cb\u003ePERSISTENCE AND PRIVILEGE ESCALATION\u003c\/b\u003e\u003c\/li\u003e \u003cli\u003e\u003cb\u003eEXTRACTION AND ENCRYPTION OF VALUABLE DATA\u003c\/b\u003e\u003c\/li\u003e\n\u003c\/ul\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47989892219109,"sku":"NP9781119850649","price":30.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781119850649.jpg?v=1761785816","url":"https:\/\/k12savings.com\/products\/python-for-cybersecurity-isbn-9781119850649","provider":"K12savings","version":"1.0","type":"link"}