Python for web application security professionals
by Chintan Dave - InfoSec Institute - Wednesday, 16 October 2013.
3. Send an HTTP request - So far, no HTTP request has been sent on the wire. To send one, use the request() method. This is when the HTTP packet that we have created is sent out over the network to the target web server, using the method passed as an argument (in our case GET).

4. Get an HTTP response - Now that we have sent a request, we can use the getresponse() method to get the server's response. This method returns an HTTP response object which, when read, returns the output generated by the server.


urllib2 is a little different from the httplib library when it comes to creating and sending out HTTP requests. We don't have to open a connection first; after importing the module, we can make a request directly. This is much simpler than httplib. It is suggested that users make use of urllib2, as it is recommended even by the Python community.

Readers should go through the Python documentation to understand what functions are supported by the urllib2 module to explore the full potential of this library and utilize it when creating their own tools or scripts.

What follows is a sample SQL injection tool that I've created for demonstration purposes only. It hits the login page of the website and injects a single payload. The following is a simple script:

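    import urllib
    import urllib2

    # URL of the login page under test
    location = ""
    # Form fields for the login POST; the username carries the single-quote payload
    values = {"username":"'","password":"password","btnSubmit":"Login"}
    # URL-encode the form fields into a POST body
    data = urllib.urlencode(values)
    # Supplying data makes urllib2 send a POST instead of a GET
    req = urllib2.Request(location,data)
    response = urllib2.urlopen(req)
    # Read the body of the server's response
    page_data = response.read()
    print page_data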

First we import the urllib and urllib2 libraries. We then assign the target URL to the variable "location" and the POST data to the variable "values". Once these steps are completed, we URL-encode the POST data, submit the request to the server and read the response received.
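What the single-quote value in the script above does on the receiving side, as an added example that is not part of the original article: a login check built by string concatenation fails with a database error, while the same check with bound parameters treats the quote as data. It is written for Python 3 with the standard library only; the in-memory users table, the credentials and all function names are constructed for illustration.

```python
import sqlite3
from urllib.parse import urlencode, parse_qs

def make_db():
    """In-memory user table standing in for the login backend (constructed data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 'correct-horse')")
    return db

def login_vulnerable(db, username, password):
    """Builds the query by string concatenation, so a quote changes its syntax."""
    sql = ("SELECT COUNT(*) FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    try:
        return "ok" if db.execute(sql).fetchone()[0] else "denied"
    except sqlite3.Error as exc:
        # A database error surfacing in the response is the signal the probe looks for.
        return "sql-error: %s" % exc

def login_parameterized(db, username, password):
    """Bound parameters keep the quote as data; the query text never changes."""
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return "ok" if db.execute(sql, (username, password)).fetchone()[0] else "denied"

def handle_post(login, db, body):
    """Decode a form-encoded POST body, as a server would, and run the login check."""
    form = parse_qs(body, keep_blank_values=True)
    return login(db, form["username"][0], form["password"][0])

# Same form fields as the script above, encoded the same way.
PROBE = urlencode({"username": "'", "password": "password", "btnSubmit": "Login"})
# A legitimate login against the constructed table, for comparison.
GOOD = urlencode({"username": "alice", "password": "correct-horse", "btnSubmit": "Login"})

if __name__ == "__main__":
    db = make_db()
    for name, fn in (("vulnerable", login_vulnerable),
                     ("parameterized", login_parameterized)):
        print(name, "| probe:", handle_post(fn, db, PROBE),
              "| valid login:", handle_post(fn, db, GOOD))
```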

The above script is just to show how easily one can create custom tools. It is far from perfect and will need much modification before it can be used in practice. It fires only one request, while in real life our tool should fire multiple requests by iterating over a list of payloads. It's left as an exercise for readers to go through the libraries and the functions they support to understand how they can create their own tools. A real-life tool will also have to take care of session management, and hence needs to deal with cookies and other HTTP headers such as the referrer, content type, etc. We'll also need to iterate over a list of URLs repeatedly until all our payloads are fired one by one for each and every parameter in order to ensure coverage.


Python is an easy-to-learn language that helps penetration testers create custom tools with which they can achieve coverage, plugging the holes that vulnerability scanners at times leave because they are unable to hit certain pages for one reason or another. Users can create reusable code by using Python's object orientation, which lets them create classes that can be inherited and extended. Python can be used not only for quick and dirty scripting to automate small tasks but also to create enterprise-class vulnerability scanning routines.

