SANS Pen Test Cheat Sheet: Python – pyWars (SEC573)

by: Mark Baggett

Python skills are incredibly useful for all kinds of information security personnel, from pen testers to cyber defenders to forensics pros.  With so many tools written in Python and so many Python libraries to work magic in just a few lines of code, I wrote a course (SANS SEC573) on how to get the most out of this handy language.

But, In 2012 I faced a challenge.

I had created a software platform for delivering SEC573’s Python based labs to students called pyWars and I needed to test that server under load before I used it in a classroom environment.  I had already run fuzzers and traffic generators against the server, but nothing quite matches the testing that is done by a human.  I know this to be true because we succeed as Penetration testers despite the availability of high quality vulnerability scanners!  I decided to have a SANS@Night session where I would issue an open invitation to students at the conference to come and try out the new SEC573 labs.  One of the immutable rules of information security is this, if you invite people to come hack stuff and give them free beer, then people will come.  So that is what we did.

But what about people who don’t know Python?!

I can’t expect people to really test my labs when I haven’t taught them any Python.  So, I boiled down the bare essentials into a 1 hour introduction I could present to get people going on the labs.  I would present the material and if everyone remembered EVERYTHING I said they could complete the labs.  But none of us remember everything.  I needed a condensed version of the essential Python skills required to perform common tasks covered in the courseware that I could hand out.  Thus the SEC573 Python 2.7 cheat sheet was born.

This cheat sheet is specific to version 2.7 and it covers the bare essential of coding in Python.  It is intended to help you quickly find the proper syntax of commonly used Python commands.   Whether you are going to take the new GPYC  – GIAC (Python Coder) Certification or just want to knock out a program without pulling our your reference manuals I hope that you will find the cheat sheet useful.Python_CheatSheet_07052016

Download: Python Cheat Sheet – 2pg PDF

Learn more about GIAC’s *new* Python Coder CertificationGPYC.

Mark Baggett
SANS Instructor
Course Author – SEC573

SANS Online Training:

OLT_forBlogs

All SANS Online Training courses include:

  • Convenience and Flexibility
  • Subject-Matter Expert Support
  • Anytime, Anywhere access for four or more months
  • Save costs and time – no travel necessary

Test Drive any of 30 SANS courses today at www.sans.org/demo

“I love the material, I love the SANS Online delivery, and I want the entire industry to take these courses.” – Nick Sewell, IIT

Leave a Reply

Your email address will not be published. Required fields are marked *