Do you know Python?
Python, probably the most popular programming language in the world, proves to be the most commonly used hacking tool language.
Security Business Imperva came to this conclusion after looking at GitHub and found that more than 20% of GitHub repositories were used for attack tools and proof-of-concepts The exploit is written in Python. (Recommended Learning: Python Video Tutorial)
"In almost all security-related topics in GitHub, most repositories are written in Python, including w3af, Tools like Sqlmap and even the infamous AutoSploit tool," the company explained in a blog post, adding that hackers enjoy Python's advantages - easy to learn, easy to read, comprehensive libraries - just like everyone else.
Python is not only present in GitHub repos, but also in events. Imperva claims that the largest group of web clients it can identify in its security incident data (about 25%) are based on Python.
Most
Looking at the usage of Python in attacks on websites protected by Imperva, the company found that a whopping 77% were attacked by Python-based tools, and in At least one-third of the incidents in most daily attacks can be attributed to coding written in Python.
Security Business points to Urllib and Requests as the two most popular Python libraries used by attackers asyncio, a relative newcomer that is just starting to show signs of adoption. Among the most common attacks involving Python tools, the two most popular attacks over the past two months were against a PHP-based remote execution flaw in the PHPUnit framework (CVE-2017-9841) and a remote code execution flaw in Joomla (CVE -2015-8562).
Imperva’s observations don’t provide much insight into whether mitigating Python-based attacks is any different than dealing with other types of attacks. But the company did note that Python requires minimal coding skills, making it easy to script and exploit vulnerabilities.
IBM researcher Grady Booch told The Register that Imperva's observations appear to be reasonable. "I haven't delved into Imperva's data or methodology, but it's true on many levels: Python is popular because it's most often used at the edges of systems where software is more tractable (and less risky, e.g. - the foundations of a system facilities compared),” he said.
Thomas Reed, director of Mac and mobile at security firm Malwarebytes, said he tends to agree with Imperva's findings. "We've seen some malware on Macs that's coded in nothing but Python!" he told us, pointing to EvilOSX, Bella, and Pupy. "Python is also very popular with white hats... It's now my scripting language of choice and is popular with many other Mac security experts and administrators. There's even a way to include Objectives in Python scripts - C method, via pyobjc, for extra power."
For more Python-related technical articles, please visit the Python Tutorial column to learn!
The above is the detailed content of Do you know Python?. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1387
52
Is the vscode extension malicious?
Apr 15, 2025 pm 07:57 PM
VS Code extensions pose malicious risks, such as hiding malicious code, exploiting vulnerabilities, and masturbating as legitimate extensions. Methods to identify malicious extensions include: checking publishers, reading comments, checking code, and installing with caution. Security measures also include: security awareness, good habits, regular updates and antivirus software.
Can vs code run in Windows 8
Apr 15, 2025 pm 07:24 PM
VS Code can run on Windows 8, but the experience may not be great. First make sure the system has been updated to the latest patch, then download the VS Code installation package that matches the system architecture and install it as prompted. After installation, be aware that some extensions may be incompatible with Windows 8 and need to look for alternative extensions or use newer Windows systems in a virtual machine. Install the necessary extensions to check whether they work properly. Although VS Code is feasible on Windows 8, it is recommended to upgrade to a newer Windows system for a better development experience and security.
How to run programs in terminal vscode
Apr 15, 2025 pm 06:42 PM
In VS Code, you can run the program in the terminal through the following steps: Prepare the code and open the integrated terminal to ensure that the code directory is consistent with the terminal working directory. Select the run command according to the programming language (such as Python's python your_file_name.py) to check whether it runs successfully and resolve errors. Use the debugger to improve debugging efficiency.
Can visual studio code be used in python
Apr 15, 2025 pm 08:18 PM
VS Code can be used to write Python and provides many features that make it an ideal tool for developing Python applications. It allows users to: install Python extensions to get functions such as code completion, syntax highlighting, and debugging. Use the debugger to track code step by step, find and fix errors. Integrate Git for version control. Use code formatting tools to maintain code consistency. Use the Linting tool to spot potential problems ahead of time.
Choosing Between PHP and Python: A Guide
Apr 18, 2025 am 12:24 AM
PHP is suitable for web development and rapid prototyping, and Python is suitable for data science and machine learning. 1.PHP is used for dynamic web development, with simple syntax and suitable for rapid development. 2. Python has concise syntax, is suitable for multiple fields, and has a strong library ecosystem.
Can vscode be used for mac
Apr 15, 2025 pm 07:36 PM
VS Code is available on Mac. It has powerful extensions, Git integration, terminal and debugger, and also offers a wealth of setup options. However, for particularly large projects or highly professional development, VS Code may have performance or functional limitations.
Can visual studio code run python
Apr 15, 2025 pm 08:00 PM
VS Code not only can run Python, but also provides powerful functions, including: automatically identifying Python files after installing Python extensions, providing functions such as code completion, syntax highlighting, and debugging. Relying on the installed Python environment, extensions act as bridge connection editing and Python environment. The debugging functions include setting breakpoints, step-by-step debugging, viewing variable values, and improving debugging efficiency. The integrated terminal supports running complex commands such as unit testing and package management. Supports extended configuration and enhances features such as code formatting, analysis and version control.
Golang vs. Python: Concurrency and Multithreading
Apr 17, 2025 am 12:20 AM
Golang is more suitable for high concurrency tasks, while Python has more advantages in flexibility. 1.Golang efficiently handles concurrency through goroutine and channel. 2. Python relies on threading and asyncio, which is affected by GIL, but provides multiple concurrency methods. The choice should be based on specific needs.
