Adversaries may abuse Python commands and scripts for execution. Python is a very popular scripting/programming language, with capabilities to perform many functions. Python can be executed interactively from the command-line (via the python.exe interpreter) or via scripts (.py) that can be written and distributed to different systems. Python code can also be compiled into binary executables.

Python comes with many built-in packages to interact with the underlying system, such as file operations and device I/O. Adversaries can use these libraries to download and execute commands or other scripts as well as perform various malicious behaviors.

Python a Programming/Scripting Language common in the infosec community some great and powerful tools have been published using the language (Impacket, cough* cough*). Currently in its version 3 it is great for infosec this can also execute on Windows meeting certain requirements of course having Python being installed, and Linux the majority of the distributions come with it as a Default.

Examples (Unix):

This is also a great offensive tool some sites (pentestmonkey) contain some great examples of 1liner shells to execute with certain languages an Python is no exception as it has an option as well.

Last updated