如果你从事的行业是漏洞研究，逆向工程或者渗透测试，那么Python语言你将值得拥有。它是一个具有丰富的扩展库和项目的编程语言。本文仅仅列出了其中的一小部分。下面列举的工具大部分是用Python写的，剩下的一部分是C语言库的Python实现，且他们很容易被Python所使用。其中有些有攻击性比较强的工具（如：渗透测试框架，蓝牙，web漏洞扫描器，等等）被遗漏了，因为这些工具的使用在德国仍然存在一些法律风险。

网络：

• Scapy, Scapy3k: send, sniff and dissect
  and forge network packets. Usable interactively or as a library
• pypcap, Pcapy and pylibpcap: several different
  Python bindings for libpcap
• libdnet: low-level networking
  routines, including interface lookup and Ethernet frame transmission
• dpkt: fast, simple packet
  creation/parsing, with definitions for the basic TCP/IP protocols
• Impacket:
  craft and decode network packets. Includes support for higher-level
  protocols such as NMB and SMB
• pynids: libnids wrapper offering
  sniffing, IP defragmentation, TCP stream reassembly and port scan
  detection
• Dirtbags py-pcap: read pcap
  files without libpcap
• flowgrep: grep through
  packet payloads using regular expressions
• Knock Subdomain Scan, enumerate
  subdomains on a target domain through a wordlist
• SubBrute, fast subdomain
  enumeration tool
• Mallory, extensible
  TCP/UDP man-in-the-middle proxy, supports modifying non-standard
  protocols on the fly
• Pytbull: flexible IDS/IPS testing
  framework (shipped with more than 300 tests)

调试与逆向工程：

• Paimei: reverse engineering
  framework, includes PyDBG, PIDA,
  pGRAPH
• Immunity Debugger:
  scriptable GUI and command line debugger
• mona.py:
  PyCommand for Immunity Debugger that replaces and improves on
  pvefindaddr
• IDAPython: IDA Pro plugin that
  integrates the Python programming language, allowing scripts to run
  in IDA Pro
• PyEMU: fully scriptable IA-32
  emulator, useful for malware analysis
• pefile: read and work with
  Portable Executable (aka PE) files
• pydasm:
  Python interface to the libdasm x86 disassembling library
• PyDbgEng: Python wrapper for the
  Microsoft Windows Debugging Engine
• uhooker:
  intercept calls to API calls inside DLLs, and also arbitrary
  addresses within the executable file in memory
• diStorm: disassembler library
  for AMD64, licensed under the BSD license
• python-ptrace:
  debugger using ptrace (Linux, BSD and Darwin system call to trace
  processes) written in Python
• vdb / vtrace: vtrace is a
  cross-platform process debugging API implemented in python, and vdb
  is a debugger which uses it
• Androguard: reverse
  engineering and analysis of Android applications
• Capstone: lightweight
  multi-platform, multi-architecture disassembly framework with Python
  bindings
• PyBFD: Python interface
  to the GNU Binary File Descriptor (BFD) library

Fuzzing：

• Sulley: fuzzer development and
  fuzz testing framework consisting of multiple extensible components
• Peach Fuzzing Platform:
  extensible fuzzing framework for generation and mutation based
  fuzzing (v2 was written in Python)
• antiparser: fuzz testing and
  fault injection API
• TAOF, (The Art of Fuzzing)
  including ProxyFuzz, a man-in-the-middle non-deterministic network
  fuzzer
• untidy: general purpose XML fuzzer
• Powerfuzzer: highly automated and
  fully customizable web fuzzer (HTTP protocol based application
  fuzzer)
• SMUDGE
• Mistress:
  probe file formats on the fly and protocols with malformed data,
  based on pre-defined patterns
• Fuzzbox:
  multi-codec media fuzzer
• Forensic Fuzzing
  Tools:
  generate fuzzed files, fuzzed file systems, and file systems
  containing fuzzed files in order to test the robustness of forensics
  tools and examination systems
• Windows IPC Fuzzing
  Tools:
  tools used to fuzz applications that use Windows Interprocess
  Communication mechanisms
• WSBang:
  perform automated security testing of SOAP based web services
• Construct: library for parsing
  and building of data structures (binary or textual). Define your
  data structures in a declarative manner
• fuzzer.py
  (feliam):
  simple fuzzer by Felipe Andres Manzano
• Fusil: Python library
  used to write fuzzing programs

Web：

• Requests: elegant and simple HTTP
  library, built for human beings
• HTTPie: human-friendly cURL-like command line
  HTTP client
• ProxMon:
  processes proxy logs and reports discovered issues
• WSMap:
  find web service endpoints and discovery files
• Twill: browse the Web from a command-line
  interface. Supports automated Web testing
• Ghost.py: webkit web client written
  in Python
• Windmill: web testing tool designed
  to let you painlessly automate and debug your web application
• FunkLoad: functional and load web
  tester
• spynner: Programmatic web
  browsing module for Python with Javascript/AJAX support
• python-spidermonkey:
  bridge to the Mozilla SpiderMonkey JavaScript engine; allows for the
  evaluation and calling of Javascript scripts and functions
• mitmproxy: SSL-capable, intercepting HTTP
  proxy. Console interface allows traffic flows to be inspected and
  edited on the fly
• pathod / pathoc: pathological daemon/client
  for tormenting HTTP clients and servers

取证分析：

• Volatility:
  extract digital artifacts from volatile memory (RAM) samples
• Rekall:
  memory analysis framework developed by Google
• LibForensics: library for
  developing digital forensics applications
• TrIDLib, identify file types
  from their binary signatures. Now includes Python binding
• aft: Android forensic toolkit

恶意代码分析：

• pyew: command line hexadecimal
  editor and disassembler, mainly to analyze malware
• Exefilter: filter file formats
  in e-mails, web pages or files. Detects many common file formats and
  can remove active content
• pyClamAV: add
  virus detection capabilities to your Python software
• jsunpack-n, generic
  JavaScript unpacker: emulates browser functionality to detect
  exploits that target browser and browser plug-in vulnerabilities
• yara-python:
  identify and classify malware samples
• phoneyc: pure Python
  honeyclient implementation
• CapTipper: analyse, explore and
  revive HTTP malicious traffic from PCAP file

PDF文件分析：

• peepdf:
  Python tool to analyse and explore PDF files to find out if they can be harmful
• Didier Stevens’ PDF
  tools: analyse,
  identify and create PDF files (includes PDFiD, pdf-parser and make-pdf and mPDF)
• Opaf: Open PDF Analysis Framework.
  Converts PDF to an XML tree that can be analyzed and modified.
• Origapy: Python wrapper
  for the Origami Ruby module which sanitizes PDF files
• pyPDF2: pure Python PDF toolkit: extract
  info, spilt, merge, crop, encrypt, decrypt…
• PDFMiner:
  extract text from PDF files
• python-poppler-qt4:
  Python binding for the Poppler PDF library, including Qt4 support

杂项：

• InlineEgg:
  toolbox of classes for writing small assembly programs in Python
• Exomind:
  framework for building decorated graphs and developing open-source
  intelligence modules and ideas, centered on social network services,
  search engines and instant messaging
• RevHosts: enumerate
  virtual hosts for a given IP address
• simplejson: JSON
  encoder/decoder, e.g. to use Google’s AJAX
  API
• PyMangle: command line tool
  and a python library used to create word lists for use with other
  penetration testing tools
• Hachoir: view and
  edit a binary stream field by field
• py-mangle: command line tool
  and a python library used to create word lists for use with other
  penetration testing tools

其他有用的扩展库与工具：

• IPython: enhanced interactive Python
  shell with many features for object introspection, system shell
  access, and its own special command system
• Beautiful Soup:
  HTML parser optimized for screen-scraping
• matplotlib: make 2D plots of
  arrays
• Mayavi: 3D scientific
  data visualization and plotting
• RTGraph3D: create
  dynamic graphs in 3D
• Twisted: event-driven networking engine
• Suds: lightweight SOAP client for
  consuming Web Services
• M2Crypto:
  most complete OpenSSL wrapper
• NetworkX: graph library (edges, nodes)
• Pandas: library providing
  high-performance, easy-to-use data structures and data analysis
  tools
• pyparsing: general parsing
  module
• lxml: most feature-rich and easy-to-use library
  for working with XML and HTML in the Python language
• Whoosh: fast, featureful
  full-text indexing and searching library implemented in pure Python
• Pexpect: control and automate
  other programs, similar to Don Libes `Expect` system
• Sikuli, visual technology
  to search and automate GUIs using screenshots. Scriptable in Jython
• PyQt and PySide: Python bindings for the Qt
  application framework and GUI library

相关书籍：

• Violent Python by TJ O’Connor. A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers
• Grey Hat Python by Justin Seitz:
  Python Programming for Hackers and Reverse Engineers.
• Black Hat Python by Justin Seitz:
  Python Programming for Hackers and Pentesters
• Python Penetration Testing Essentials by Mohit:
  Employ the power of Python to get the best out of pentesting
• Python for Secret Agents by Steven F. Lott. Analyze, encrypt, and uncover intelligence data using Python

其他：

• SecurityTube Python Scripting Expert (SPSE) is an online course and certification offered by Vivek Ramachandran.
• SANS offers the course SEC573: Python for Penetration Testers.
• The Python Arsenal for Reverse Engineering is a large collection of tools related to reverse engineering.
• There is a SANS paper about Python libraries helpful for forensic analysis (PDF).
• For more Python libaries, please have a look at PyPI, the Python Package Index.

参考链接：https://github.com/dloss/python-pentest-tools