Python tools for penetration testers

If you are involved in vulnerability research, reverse engineering or penetration testing, I suggest to try out the Python programming language. It has a rich set of useful libraries and programs. This page lists some of them.

Most of the listed tools are written in Python, others are just Python bindings for existing C libraries, i.e. they make those libraries easily usable from Python programs.

Some of the more aggressive tools (pentest frameworks, bluetooth smashers, web application vulnerability scanners, war-dialers, etc.) are left out, because the legal situation of these tools is still a bit unclear in Germany -- even after the decision of the highest court. This list is clearly meant to help whitehats, and for now I prefer to err on the safe side.

Network

Debugging and reverse engineering

Fuzzing

Web

Forensics

Malware analysis

PDF

Misc

Other useful libraries and tools

The Python Arsenal for Reverse Engineering is a large collection of tools related to reverse engineering.

There is a SANS paper about Python libraries helpful for forensic analysis (PDF).

For more Python libaries, please have a look at PyPI, the Python Package Index.

CC-BY (de) 2010 - 2014 Dirk Loss - Last Changed: 2014-01-11