Penetration Testing Guide

pen test

Uploaded by

devops.dashtech
# Comprehensive Guide: Penetration Testing and Digital Forensics with Python

## 1. Analysis of Wireless Access Points in the Registry

### Theory

Windows systems store information about previously connected wireless networks in the system registry. This data is critical in forensic investigations as it can provide a timeline of network activity, corroborate a suspect's location, and highlight security misconfigurations or unauthorized access.

### Registry Locations

- HKLM\SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet: Tracks connected networks.

- HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList: Stores profiles of known networks.

### Python Implementation

```python
import winreg


def list_wireless_networks():
    """Print the name of every subkey under the NlaSvc Internet key."""
    try:
        reg_key = r"SYSTEM\CurrentControlSet\Services\NlaSvc\Parameters\Internet"
        key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, reg_key)
        i = 0
        while True:
            try:
                sub_key_name = winreg.EnumKey(key, i)
                print(f"Found Wireless Network: {sub_key_name}")
                i += 1
            except OSError:
                # EnumKey raises OSError once the index passes the last subkey
                break
        winreg.CloseKey(key)
    except Exception as e:
        print(f"Error accessing Registry: {e}")


list_wireless_networks()
```
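To get the timeline the theory section mentions, the profile timestamps under the second location (NetworkList) have to be decoded. The following is an added example, not part of the original guide; it assumes the commonly documented layout in which each subkey of `NetworkList\Profiles` carries `ProfileName`, `DateCreated` and `DateLastConnected`, with the dates stored as 16-byte SYSTEMTIME blobs, and it runs on constructed sample bytes so it works off-box.

```python
import struct
from datetime import datetime

# Assumed layout: each subkey of ...\NetworkList\Profiles holds ProfileName
# plus DateCreated / DateLastConnected as 16-byte SYSTEMTIME blobs.
PROFILES = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\NetworkList\Profiles"


def decode_systemtime(blob):
    """Decode a SYSTEMTIME: eight little-endian 16-bit fields."""
    if len(blob) != 16:
        raise ValueError(f"expected 16 bytes, got {len(blob)}")
    year, month, _dow, day, hour, minute, second, ms = struct.unpack("<8H", blob)
    return datetime(year, month, day, hour, minute, second, ms * 1000)


def profile_timeline(profiles):
    """Turn (name, created_blob, last_blob) tuples into rows sorted by last use."""
    rows = [(n, decode_systemtime(c), decode_systemtime(l)) for n, c, l in profiles]
    return sorted(rows, key=lambda row: row[2])


def read_profiles():
    """Collect the raw tuples from a live registry (Windows only)."""
    import winreg
    found = []
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, PROFILES) as root:
        for i in range(winreg.QueryInfoKey(root)[0]):
            with winreg.OpenKey(root, winreg.EnumKey(root, i)) as prof:
                found.append(tuple(winreg.QueryValueEx(prof, v)[0] for v in
                                   ("ProfileName", "DateCreated", "DateLastConnected")))
    return found


# Constructed sample data, not taken from a real machine.
SAMPLE = [
    ("CoffeeShop-Guest", struct.pack("<8H", 2024, 3, 5, 15, 9, 30, 0, 0),
     struct.pack("<8H", 2024, 4, 1, 1, 17, 45, 12, 0)),
    ("HomeNet", struct.pack("<8H", 2023, 1, 1, 2, 20, 0, 0, 0),
     struct.pack("<8H", 2024, 3, 6, 30, 8, 15, 0, 500)),
]

if __name__ == "__main__":
    for name, created, last in profile_timeline(SAMPLE):
        print(f"{name}: first seen {created}, last connected {last}")
```

On a Windows host, `profile_timeline(read_profiles())` produces the same rows from the live registry; the decoded values carry no time zone, so record the machine's zone alongside them.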

## 2. Recover Deleted Items in the Recycle Bin

### Theory

When files are deleted on Windows, they are moved to the $Recycle.Bin directory rather than being permanently removed. This directory maintains metadata such as the original file name, path, and deletion time.

### Python Implementation

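```python
import os


def recover_recycle_bin():
    """List every file stored under the Recycle Bin directory."""
    recycle_bin_path = "C:\\$Recycle.Bin"
    # Deleted items sit in one subfolder per user SID; reading other users'
    # folders requires administrative rights.
    for root, dirs, files in os.walk(recycle_bin_path):
        for file in files:
            print(f"Deleted file found: {os.path.join(root, file)}")


recover_recycle_bin()
```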

## 3. Parse PDF Metadata

### Theory

PDF metadata contains details about the document's creation, authorship, and modifications. Forensic analysts use this to trace document origins, establish timelines, and detect tampering.

### Python Implementation

```python
from PyPDF2 import PdfReader


def extract_pdf_metadata(file_path):
    """Print every entry of the PDF's document information dictionary."""
    try:
        reader = PdfReader(file_path)
        metadata = reader.metadata
        if metadata:
            # Keys look like /Author, /Creator, /CreationDate, /ModDate
            for key, value in metadata.items():
                print(f"{key}: {value}")
        else:
            print("No metadata found.")
    except Exception as e:
        print(f"Error reading PDF: {e}")


pdf_file = "example.pdf"
extract_pdf_metadata(pdf_file)
```

## 4. Investigating Application Artifacts

### Theory

Application artifacts are remnants of user interactions with software. These include logs, caches, configuration files, and databases, which can reveal user activities, system usage, or data exfiltration attempts.

### Example: Analyze Browser History

```python
import sqlite3


def analyze_browser_history(history_db):
    """Print URL, title, visit count and last visit time for each history row."""
    try:
        # Chrome keeps the live file locked while it runs; analyze a copy
        conn = sqlite3.connect(history_db)
        cursor = conn.cursor()
        cursor.execute("SELECT url, title, visit_count, last_visit_time FROM urls")
        rows = cursor.fetchall()
        for row in rows:
            # last_visit_time is raw: microseconds since 1601-01-01 UTC
            print(f"URL: {row[0]}, Title: {row[1]}, Visits: {row[2]}, Last Visit Time: {row[3]}")
        conn.close()
    except Exception as e:
        print(f"Error analyzing history: {e}")


history_file = "C:\\Users\\YourUser\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\History"
analyze_browser_history(history_file)
```
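The query above prints `last_visit_time` as a raw integer and opens the database read-write. The following added example (not from the original guide) opens a copy of the database read-only and converts the timestamps to UTC; the sample database, its two rows and the `.example` URLs are constructed, and only the four columns used by the query are modelled.

```python
import sqlite3
import tempfile
from datetime import datetime, timedelta, timezone
from pathlib import Path


def webkit_to_utc(value):
    """Chrome stores times as microseconds since 1601-01-01 UTC; 0 means unset."""
    if not value:
        return None
    return datetime(1601, 1, 1, tzinfo=timezone.utc) + timedelta(microseconds=value)


def read_history(db_copy):
    """Query a copy of the History database without being able to modify it."""
    uri = Path(db_copy).resolve().as_uri() + "?mode=ro"
    conn = sqlite3.connect(uri, uri=True)
    try:
        rows = conn.execute(
            "SELECT url, title, visit_count, last_visit_time "
            "FROM urls ORDER BY last_visit_time DESC").fetchall()
    finally:
        conn.close()
    return [{"url": u, "title": t, "visits": n, "last_visit": webkit_to_utc(ts)}
            for u, t, n, ts in rows]


def build_sample(path):
    """Create a constructed database with the four columns the query uses."""
    conn = sqlite3.connect(str(path))
    conn.execute("CREATE TABLE urls (id INTEGER PRIMARY KEY, url TEXT, title TEXT,"
                 " visit_count INTEGER, last_visit_time INTEGER)")
    conn.executemany(
        "INSERT INTO urls (url, title, visit_count, last_visit_time) VALUES (?,?,?,?)",
        [("https://intranet.example/wiki", "Wiki", 12, 13349788200000000),
         ("https://files.example/upload", "Upload", 1, 0)])
    conn.commit()
    conn.close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        sample = Path(tmp) / "History"
        build_sample(sample)
        for row in read_history(sample):
            print(row)
```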

## 5. Social Engineering

### Theory

Social engineering involves manipulating individuals into divulging confidential information or performing actions that compromise security. Mass social engineering scales this to target larger populations through phishing campaigns, misinformation, and social media manipulation.

### Core Techniques

- Phishing: Deceptive emails or messages tricking users into revealing information.

- Pretexting: Creating a false identity or scenario to gain trust.

- Baiting: Enticing victims with offers, such as infected USB drives or free downloads.

## 6. Web Recon with Python

### Theory

Web reconnaissance involves gathering information about a target system, domain, or application through publicly available data. This includes identifying subdomains, extracting metadata, and detecting vulnerabilities.

### Python Implementation: Subdomain Enumeration

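```python
import requests


def subdomain_enumeration(domain, subdomains):
    """Report which candidate subdomains answer an HTTP request with 200."""
    for subdomain in subdomains:
        url = f"http://{subdomain}.{domain}"
        try:
            # Without a timeout, requests can block indefinitely on a silent host
            response = requests.get(url, timeout=5)
            if response.status_code == 200:
                print(f"Found Subdomain: {url}")
        except requests.RequestException:
            # Unresolvable names, refused connections and timeouts are skipped
            pass


target_domain = "example.com"
common_subdomains = ["www", "mail", "ftp", "dev"]
subdomain_enumeration(target_domain, common_subdomains)
```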

### Defensive Strategies for Social Engineering and Web Recon

1. Awareness Training: Educate individuals about common attack tactics.

2. Verification Protocols: Verify identities through independent channels.

3. Network Security: Implement firewalls, intrusion detection systems, and secure protocols.

4. Regular Audits: Review systems and user behavior for vulnerabilities.
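For the intrusion detection item, wordlist-driven subdomain enumeration like the script in Section 6 shows up at the zone's DNS server as a burst of lookups for names that do not exist. The detector below is an added example, not part of the original guide; the four-field log format, the threshold, the window and the sample lines (documentation IP ranges) are all assumptions, and input is expected in time order.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta


def find_enumeration(lines, zone, threshold=4, window=timedelta(seconds=60)):
    """Return {source: peak count of distinct NXDOMAIN names inside one window}
    for every source that reaches the threshold."""
    recent = defaultdict(deque)            # source -> deque of (time, qname)
    peaks = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue                       # skip malformed lines
        ts, src, qname, rcode = parts
        qname = qname.rstrip(".").lower()
        if rcode != "NXDOMAIN" or not qname.endswith("." + zone):
            continue
        when = datetime.fromisoformat(ts)
        seen = recent[src]
        seen.append((when, qname))
        while when - seen[0][0] > window:  # drop lookups older than the window
            seen.popleft()
        distinct = len({name for _, name in seen})
        if distinct >= threshold:
            peaks[src] = max(peaks.get(src, 0), distinct)
    return peaks


# Constructed sample log: "<ISO time> <source IP> <query name> <response code>"
SAMPLE_LOG = """\
2024-01-15T10:30:00 198.51.100.7 www.example.com NOERROR
2024-01-15T10:30:01 198.51.100.7 mail.example.com NOERROR
2024-01-15T10:30:01 198.51.100.7 ftp.example.com NXDOMAIN
2024-01-15T10:30:02 198.51.100.7 dev.example.com NXDOMAIN
2024-01-15T10:30:02 198.51.100.7 vpn.example.com NXDOMAIN
2024-01-15T10:30:03 198.51.100.7 staging.example.com NXDOMAIN
2024-01-15T10:30:03 198.51.100.7 test.example.com NXDOMAIN
2024-01-15T10:31:10 203.0.113.9 wwww.example.com NXDOMAIN
2024-01-15T10:45:00 203.0.113.9 mial.example.com NXDOMAIN
""".splitlines()

if __name__ == "__main__":
    for source, count in find_enumeration(SAMPLE_LOG, "example.com").items():
        print(f"{source}: {count} distinct nonexistent names within 60 s")
```

The second source in the sample makes two isolated typos minutes apart and is not flagged, which is the false-positive case the window exists to avoid.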

### Ethical Considerations

- Obtain explicit permission before performing any reconnaissance or penetration testing.

- Adhere to local laws and ethical guidelines.

- Prioritize user privacy and data protection at all times.
