لماذا Python للأمن السيبراني؟

Python هي اللغة الأولى لمحترفي الأمن السيبراني لأسباب عديدة:

  • مكتبات غنية: socket, requests, scapy, paramiko
  • كتابة سريعة: تكتب أداة في ساعة بدلاً من يوم
  • مجتمع ضخم: معظم أدوات الأمن مكتوبة بها

أساسيات مهمة للهاكرز

التعامل مع الشبكة

import socket

# فحص منفذ بسيط
def check_port(host, port, timeout=1):
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.settimeout(timeout)
        result = sock.connect_ex((host, port))
        sock.close()
        return result == 0  # True = open
    except socket.error:
        return False

# مثال على استخدامه
target = "192.168.1.1"
for port in range(1, 1025):
    if check_port(target, port):
        print(f"[+] Port {port} is OPEN")

Port Scanner بسيط

import socket
import concurrent.futures

def scan_port(args):
    host, port = args
    try:
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.settimeout(0.5)
        result = sock.connect_ex((host, port))
        sock.close()
        if result == 0:
            try:
                service = socket.getservbyport(port)
            except Exception:
                service = "unknown"
            return port, service
    except Exception:
        pass
    return None

def fast_scan(host, start=1, end=1024):
    print(f"[*] Scanning {host}...")
    open_ports = []
    
    with concurrent.futures.ThreadPoolExecutor(max_workers=100) as executor:
        results = executor.map(scan_port, [(host, p) for p in range(start, end+1)])
    
    for result in results:
        if result:
            port, service = result
            print(f"[+] {port}/tcp  OPEN  {service}")
            open_ports.append(port)
    
    return open_ports

if __name__ == "__main__":
    fast_scan("192.168.1.1")

HTTP Requests للاستطلاع

import requests
from concurrent.futures import ThreadPoolExecutor

# Directory brute-forcing بسيط
def check_path(url, path):
    full_url = f"{url}/{path}"
    try:
        resp = requests.get(full_url, timeout=3, allow_redirects=False)
        if resp.status_code not in [404, 403]:
            return full_url, resp.status_code
    except requests.RequestException:
        pass
    return None

def dir_bruteforce(url, wordlist_path):
    with open(wordlist_path) as f:
        words = [line.strip() for line in f if line.strip()]
    
    print(f"[*] Scanning {url} with {len(words)} words...")
    
    with ThreadPoolExecutor(max_workers=20) as executor:
        results = executor.map(lambda w: check_path(url, w), words)
    
    for result in results:
        if result:
            url, code = result
            print(f"[{code}] {url}")

dir_bruteforce("http://target.com", "/usr/share/wordlists/dirb/common.txt")

Subprocess — تشغيل الأوامر

import subprocess
import shlex

def run_nmap(target):
    cmd = f"nmap -sV -sC --top-ports 100 {target}"
    result = subprocess.run(
        shlex.split(cmd),
        capture_output=True,
        text=True,
        timeout=120
    )
    return result.stdout

output = run_nmap("192.168.1.1")
print(output)

مكتبة Paramiko للـ SSH

import paramiko

def ssh_connect(host, username, password, port=22):
    client = paramiko.SSHClient()
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    
    try:
        client.connect(host, port=port, username=username, password=password, timeout=5)
        stdin, stdout, stderr = client.exec_command("id && hostname")
        print(stdout.read().decode())
        client.close()
        return True
    except paramiko.AuthenticationException:
        return False
    except Exception as e:
        print(f"Error: {e}")
        return False

المشاريع الموصى بها للتعلم

  1. Port Scanner ← ابدأ هنا
  2. Subdomain Enumeration tool
  3. Web Directory Brute-forcer
  4. SSH Brute-force (على أهداف مرخصة فقط!)
  5. Packet Sniffer باستخدام Scapy