5 Python Libraries for Cyber Security

Chris Doucette
Dec 10, 2018 · 3 min read
Photo by Marius Masalar on Unsplash

Introduction

Python is currently one of the fastest growing and most in demand languages. It’s usefulness has been proven in software engineering and data science. Another useful application of the language is for building cyber security tools. In this article, I would like to share with you some of my favorite libraries for building cyber security tools.

Requests

Requests is one of my most used libraries by far and it is for many others as it is one of the most downloaded Python libraries at 400,000 downloads each day. Requests is used for crafting HTTP requests within your Python scripts. This is useful for calling public APIs and grabbing HTML pages.

Installation:

$ pip install requests

Example:

import requestsurl = 'https://haveibeenpwned.com/api/v2/breachedaccount/test@example.com'result = requests.get(url)print(result.text)# [{"Name":"000webhost","Title":"000webhost"...}]

Scapy

Scapy is a useful libary for interacting with packets. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, store or read them using pcap files, match requests and replies, and much more. It is very useful for creating a network scanner to a packet sniffer

Installation:

$ pip install scapy

Example:

from scapy.all import sr1,IP,ICMP

p=sr1(IP(dst='8.8.8.8')/ICMP())
if p:
p.show()

Nmap

Nmap is a well-known open source network scanner. This library allows you to integrate nmap with your Python scripts so you are able to use the power of nmap to scan hosts and then interact with the data within your Python script.

Installation:

$ pip install python-nmap

Example:

import nmapnm = nmap.PortScanner()
nm.scan('127.0.0.1', '22-443')

for host in nm.all_hosts():
print('----------------------------------------------------')
print('Host : %s (%s)' % (host, nm[host].hostname()))
print('State : %s' % nm[host].state())
for proto in nm[host].all_protocols():
print('----------')
print('Protocol : %s' % proto)
lport = nm[host][proto].keys()
lport.sort()
for port in lport:
print ('port : %s\tstate : %s' % (port, nm[host][proto][port]['state']))
# ----------------------------------------------------
# Host : 127.0.0.1 (localhost)
# State : up
# ----------
# Protocol : tcp
# port : 22 state : open
# port : 25 state : open
# port : 80 state : open
# port : 111 state : open
# port : 443 state : open

Beautiful Soup

Beautiful Soup is a library that makes it easy to scrape information from web pages. It has functionality to navigating, searching, and modifying a webpage to extract any data you may need.

Installation:

$ pip install beautifulsoup4

Example:

html_doc = """
<html>
<head>
<title>Test Page</title>
</head>
<body>
<p><b>This is a test page.</b></p>
</body>
</html>
"""

from bs4 import BeautifulSoup
soup = BeautifulSoup(html_doc, 'html.parser')
for tag in soup.find_all('b')
print(tag.name)
# b

Yara

Yara is a tool built by VirusTotal for easily finding patterns within data. It’s like Ctrl+F on steroids. You are able to specify strings or regex patterns and if you would like a condition or multiple conditions to be met. This library allows you to easily implement Yara within your scripts. I have personally used it before to pull out data that matched on yara rules from API queries.

Installation:

pip install yara-python

Example:

import yararule = yara.compile(source='rule foo: bar {strings: $a = "lmn" condition: $a}')
matches = rule.match(data='abcdefgjiklmnoprstuvwxyz')
print(matches)
#[foo]

Conclusion

These are my picks for my favorite libraries to use when building cyber security tools. If you know of any others feel free to comment them below!

EdibleSec

Easily consumable information security stories :: https://ediblesec.com

Chris Doucette

Written by

Security Engineer | ediblesec.com | Follow me on Twitter: @thegrumpyape

EdibleSec

EdibleSec

Easily consumable information security stories :: https://ediblesec.com

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade