Common Vulnerabilities and Exploits with Python

Focused View

Laurentiu Raducu

48:03

95 View

1. Course Overview

1. Course Overview.mp4

01:36

2. Installing Python

1. Introduction.mp4

02:06

2. Installing Python on Windows.mp4

03:28

3. Installing Python on Linux Systems.mp4

02:17

4. Setting up Virtual Environments.mp4

04:51

3. Buffer Overflow Vulnerabilities with Python

1. Explaining the Buffer Overflow Vulnerability.mp4

03:20

2. Exploiting Buffer Overflow in a Vulnerable Software.mp4

09:23

3. Exploiting Buffer Overflow in a Web Service.mp4

02:03

4. Exploiting the EternalBlue Vulnerability.mp4

05:02

4. Common Exploits in Windows

1. Executing Shellcode with Python.mp4

03:45

2. Creating a Keylogger in Python.mp4

05:43

3. Sandbox Detection with Python.mp4

03:30

4. Course Conclusions.mp4

00:59

Description

Just like any other programming language, Python can also be used by attackers to conduct malicious actions. This course will teach you how to prevent common vulnerabilities with Python.

What You'll Learn?

Python is becoming increasingly popular not only in data science, but also in the software engineering community. According to the stack overflow annual survey, Python holds the fourth place as the most popular technology. It allows fast development and it’s relatively easy compared to other high-level programming languages. As its popularity grows, and many people are drawn into using it, the reports of being used for vulnerability exploitation emerge. In this course, Common Vulnerabilities and Exploits with Python, you will learn how to exploit those vulnerabilities from the perspective of an attacker, with the main objective to avoid the mistakes of introducing them in your production software First, you will learn how to perform and protect against a buffer overflow attack. You will focus also on the EternalBlue exploit, which affected many Windows operating system versions. Second, you will see how you can create a keylogger application, capable of recording the keystrokes of the victim, as well as taking screenshots from the target’s computer. Finally, you will discover how you can execute shellcode using Python, and how to enhance a malware to detect anti-malware sandboxing techniques and evade them. By the end of this course, you will improve your skill set in using Python for detecting and avoiding common vulnerabilities.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

Python

Laurentiu Raducu

Instructor's Courses

It all began in highschool, when Laurentiu first started his path in the computer science journey. Initially he started with C++, and fell in love quickly with the prospect of learning to develop software. Thanks to his passion for chess, his first computer program was a console-based ASCII chess game developed in C++. After a while, during university, Laurentiu started to experiment with other OOP programming languages, like Java, Kotlin or Python. He started to play with different tech stacks and frameworks, developing and publishing software apps for Android devices. However, things started to change when Laurentiu decided to explore the world of cybersecurity. He started to go to security hackathons, CTF events, and completed numerous challenges on websites like overthewire.org. At the same time, he realized it might be a good idea to document his journey using short videos, and then he thought that he can become a lecturer, helping people learn more about tech.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.