Hacking & Python Cheatsheet
Shared 11/28/2025•299 views
1. Python Basics for Hacking Interpreted Language: No compilation needed, quick to test. Libraries: Extensive modules for network, crypto, web. Scripting: Automate repetitive tasks. Syntax: Print: print("Hello, World!") Variables: x = 10 , name = "Alice" Functions: def greet(name): return f"Hello, {name}" Loops: for i in range(5): print(i) while True: # ... Conditionals: if x > 5: print("Greater") elif x == 5: print("Equal") else: print("Less") 2. Networking with Python 2.1. Sockets ( socket module) Client-Side: import socket s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s.connect(("example.com", 80)) s.sendall(b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n") data = s.recv(1024) s.close() print(data.decode()) Server-Side (Basic): import socket HOST = '127.0.0.1' PORT = 65432 with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s: s.bind((HOST, PORT)) s.listen() conn, addr = s.accept() with conn: print(f"Connected by {addr}") while True: data = conn.recv(1024) if not data: break conn.sendall(data) 2.2. HTTP Requests ( requests module) Installation: pip install requests GET Request: import requests r = requests.get("http://example.com") print(r.status_code) print(r.text) POST Request: data = {'key': 'value'} r = requests.post("http://example.com/api", data=data) Headers/Cookies: headers = {'User-Agent': 'MyAgent'} cookies = {'sessionid': 'abc'} r = requests.get("http://example.com", headers=headers, cookies=cookies) 3. OS Interaction & System Hacking 3.1. OS Module ( os ) Execute Commands: os.system("ls -la") (Returns exit code) output = os.popen("ls -la").read() (Returns output) Environment Variables: os.environ['PATH'] File Operations: os.mkdir() , os.remove() , os.path.exists() 3.2. Subprocess ( subprocess ) Run External Commands: import subprocess result = subprocess.run(["ls", "-la"], capture_output=True, text=True) print(result.stdout) print(result.stderr) Shell Execution (use with caution): subprocess.run("ls -la", shell=True) 4. Cryptography & Hashing 4.1. Hashing ( hashlib ) MD5: import hashlib data = b"hello" md5_hash = hashlib.md5(data).hexdigest() print(md5_hash) SHA256: sha256_hash = hashlib.sha256(data).hexdigest() print(sha256_hash) 4.2. Base64 Encoding ( base64 ) Encode: import base64 encoded = base64.b64encode(b"secret") print(encoded) # b'c2VjcmV0' Decode: decoded = base64.b64decode(b"c2VjcmV0") print(decoded) # b'secret' 5. Web Hacking Tools/Concepts 5.1. Web Scraping ( BeautifulSoup , requests ) Installation: pip install beautifulsoup4 Example: from bs4 import BeautifulSoup import requests url = "http://example.com" response = requests.get(url) soup = BeautifulSoup(response.text, 'html.parser') title = soup.find('title').text print(title) 5.2. SQL Injection Concepts Payloads: ' OR 1=1 -- , ' UNION SELECT null, database() -- Python Use: Automate sending crafted requests to vulnerable endpoints. 5.3. XSS (Cross-Site Scripting) Payloads: <script>alert('XSS')</script> Python Use: Scan for reflection points, automate fuzzing. 6. Common Python Libraries for Security Scapy : Packet manipulation, network scanning. Paramiko : SSHv2 protocol implementation (client and server). Cryptography : High-level cryptographic recipes and low-level primitives. Nmap (python-nmap): Python wrapper for Nmap scanner. Pillow : Image manipulation (steganography). 7. Ethical Hacking Workflow (Python's Role) Reconnaissance: Automate information gathering (OSINT, web scraping). Scanning: Port scanning, vulnerability scanning. Gaining Access: Exploit development, brute-forcing, password cracking. Maintaining Access: Backdoors, rootkits. Covering Tracks: Log cleaning. 8. Important Security Considerations Legality: Always have explicit permission before testing systems. Anonymity: Use VPNs, Tor, proxies when necessary. Sanitization: Always sanitize user input to prevent injection attacks. Least Privilege: Run scripts with minimal necessary permissions. Error Handling: Gracefully handle exceptions, avoid leaking sensitive info in errors.