CSbyGB - Pentips
Buy me a tea
  • CS By GB - PenTips
    • Welcome to CSbyGB's Pentips
  • Networking, Protocols and Network pentest
    • Basics
    • DNS
    • FTP
    • HTTP & HTTPS
    • IMAP
    • IPMI
    • MSSQL
    • MYSQL
    • NFS
    • Oracle TNS
    • POP3
    • RDP
    • RPC
    • Rservices
    • Rsync
    • SMB
    • SMTP
    • SNMP
    • SSH
    • VOIP and related protocols
    • Winrm
    • WMI
    • Useful tips when you find unknown ports
  • Ethical Hacking - General Methodology
    • Introduction
    • Information Gathering
    • Scanning & Enumeration
    • Exploitation (basics)
    • Password Attacks
    • Post Exploitation
    • Lateral Movement
    • Proof-of-Concept
    • Post-Engagement
    • MITRE ATT&CK
  • External Pentest
    • External Pentest
  • Web Pentesting
    • Introduction to HTTP and web
    • Enumeration
    • OWASP Top 10
    • General Methodo & Misc Tips
    • Web Services and API
    • Vunerabilities and attacks
      • Clickjacking
      • CORS (Misconfigurations)
      • CSRF
      • SSRF
      • Bypass captcha
      • Template Injection (client and server side)
      • MFA bypass
      • XXE
    • Exposed git folder
    • Docker exploitation and Docker vulnerabilities
    • Websockets
  • Mobile App Pentest
    • Android
    • IOS
  • Wireless Pentest
    • Wireless pentest
  • Cloud Pentest
    • Cloud Pentest
    • Google Cloud Platform
    • AWS
  • Thick Client Pentest
    • Thick Client
  • Hardware Pentest
    • ATM
    • IoT
  • Secure Code Review
    • Secure code review
    • Java notes for Secure Code Review
  • AI & AI Pentest
    • MITRE ATLAS
    • OWASP ML and LLM
    • Hugging face
    • AI Python
    • Gemini
    • Ollama
  • Checklist
    • Web Application and API Pentest Checklist
    • Linux Privesc Checklist
    • Mobile App Pentest Checklist
  • Tools
    • Burpsuite
    • Android Studio
    • Frida
    • CrackMapExec
    • Netcat and alternatives
    • Nmap
    • Nuclei
    • Evil Winrm
    • Metasploit
    • Covenant
    • Mimikatz
    • Passwords, Hashes and wordlist tools
    • WFuzz
    • WPScan
    • Powershell Empire
    • Curl
    • Vulnerability Scanning tools
    • Payload Tools
    • Out of band Servers
    • STEWS
    • Webcrawlers
    • Websocat
  • VM and Labs
    • General tips
    • Setup your pentest lab
  • Linux
    • Initial Foothold
    • Useful commands and tools for pentest on Linux
    • Privilege Escalation
      • Kernel Exploits
      • Password and file permission
      • Sudo
      • SUID
      • Capabilities
      • Scheduled tasks
      • NFS Root Squashing
      • Services
      • PATH Abuse
      • Wildcard Abuse
      • Privileged groups
      • Exploit codes Cheat Sheet
  • Windows
    • Offensive windows
    • Enumeration and general Win tips
    • Privilege Escalation
    • Active Directory
    • Attacking Active Directory
      • LLMNR Poisoning
      • SMB Relay Attacks
      • Shell Access
      • IPv6 Attacks
      • Passback Attacks
      • Abusing ZeroLogon
    • Post-Compromise Enumeration
      • Powerview or SharpView (.NET equivalent)
      • AD Manual Enumeration
      • Bloodhound
      • Post Compromise Enumeration - Resources
    • Post Compromise Attacks
      • Pass the Password / Hash
      • Token Impersonation - Potato attacks
      • Kerberos
      • GPP/cPassword Attacks
      • URL File Attack
      • PrintNightmare
      • Printer Bug
      • AutoLogon exploitation
      • Always Installed Elevated exploitation
      • UAC Bypass
      • Abusing ACL
      • Unconstrained Delegation
    • Persistence
    • AV Evasion
    • Weaponization
    • Useful commands in Powershell, CMD and Sysinternals
    • Windows Internals
  • Programming
    • Python programming
    • My scripts
    • Kotlin
  • Binary Exploitation
    • Assembly
    • Buffer Overflow - Stack based - Winx86
    • Buffer Overflow - Stack based - Linux x86
  • OSINT
    • OSINT
    • Create an OSINT lab
    • Sock Puppets
    • Search engines
    • OSINT Images
    • OSINT Email
    • OSINT Password
    • OSINT Usernames
    • OSINT People
    • OSINT Social Media
    • OSINT Websites
    • OSINT Business
    • OSINT Wireless
    • OSINT Tools
    • Write an OSINT report
  • Pentester hardware toolbox
    • Flipper Zero
    • OMG cables
    • Rubber ducky
  • Post Exploitation
    • File transfers between target and attacking machine
    • Maintaining Access
    • Pivoting
    • Cleaning up
  • Reporting
    • How to report your findings
  • Red Team
    • Red Team
    • Defenses Enumeration
    • AV Evasion
  • Writeups
    • Hackthebox Tracks
      • Hackthebox - Introduction to Android Exploitation - Track
    • Hackthebox Writeups
      • Hackthebox - Academy
      • Hackthebox - Access
      • Hackthebox - Active
      • Hackthebox - Ambassador
      • Hackthebox - Arctic
      • Hackthebox - Awkward
      • Hackthebox - Backend
      • Hackthebox - BackendTwo
      • Hackthebox - Bastard
      • Hackthebox - Bastion
      • Hackthebox - Chatterbox
      • Hackthebox - Devel
      • Hackthebox - Driver
      • Hackthebox - Explore
      • Hackthebox - Forest
      • Hackthebox - Good games
      • Hackthebox - Grandpa
      • Hackthebox - Granny
      • Hackthebox - Inject
      • Hackthebox - Jeeves
      • Hackthebox - Jerry
      • Hackthebox - Lame
      • Hackthebox - Late
      • Hackthebox - Love
      • Hackthebox - Mentor
      • Hackthebox - MetaTwo
      • Hackthebox - Monteverde
      • Hackthebox - Nibbles
      • Hackthebox - Optimum
      • Hackthebox - Paper
      • Hackthebox - Photobomb
      • Hackthebox - Poison
      • Hackthebox - Precious
      • Hackthebox - Querier
      • Hackthebox - Resolute
      • Hackthebox - RouterSpace
      • Hackthebox - Sauna
      • Hackthebox - SecNotes
      • Hackthebox - Shoppy
      • Hackthebox - Soccer
      • Hackthebox - Steamcloud
      • Hackthebox - Toolbox
      • Hackthebox - Vault
      • Hackthebox - Updown
    • TryHackme Writeups
      • TryHackMe - Anonymous
      • TryHackMe - Blaster
      • TryHackMe - CMesS
      • TryHackMe - ConvertMyVideo
      • TryHackMe - Corridor
      • TryHackMe - LazyAdmin
      • TryHackMe - Looking Glass
      • TryHackMe - Nahamstore
      • TryHackMe - Overpass3
      • TryHackMe - OWASP Top 10 2021
      • TryHackMe - SimpleCTF
      • TryHackMe - SQL Injection Lab
      • TryHackMe - Sudo Security Bypass
      • TryHackMe - Tomghost
      • TryHackMe - Ultratech
      • TryHackMe - Vulnversity
      • TryHackMe - Wonderland
    • Vulnmachines Writeups
      • Web Labs Basic
      • Web Labs Intermediate
      • Cloud Labs
    • Mobile Hacking Lab
      • Mobile Hacking Lab - Lab - Config Editor
      • Mobile Hacking Lab - Lab - Strings
    • Portswigger Web Security Academy Writeups
      • PS - DomXSS
      • PS - Exploiting vulnerabilities in LLM APIs
    • OWASP projects and challenges writeups
      • OWASP MAS Crackmes
    • Vulnerable APIs
      • Vampi
      • Damn Vulnerable Web Service
      • Damn Vulnerable RESTaurant
    • Various Platforms
      • flAWS 1&2
  • Digital skills
    • How to make a gitbook
    • Marp
    • Linux Tips
    • Docker
    • VSCodium
    • Git Tips
    • Obsidian
  • Durable skills
    • Durable skills wheel/Roue des compétences durables
  • Projects
    • Projects
      • Technical Projects
      • General Projects
  • Talks
    • My Talks about Web Pentest
    • My talks about Android Application hacking
    • Other of my talks and Podcast
  • Resources
    • A list of random resources
Powered by GitBook
On this page
  • shebang
  • Strings
  • Print a string
  • Using f-Strings
  • type()
  • Math
  • Variables and Methods
  • Functions
  • Boolean Expressions
  • Relational and Boolean operators
  • Conditional Statements
  • Lists (mutable)
  • Tuples (immutable)
  • Looping
  • For loops
  • While loops
  • Importing modules
  • Advanced strings
  • Dictionaries
  • Sys
  • Reading and writing files
  • Sockets
  • Building a port scanner
  • Virtual Environments
  • Using functions from a local file
  • Built-in packages
  • The math package
  • The statistics package
  • The random package
  • The pandas package
  • Package matplotlib
  • Package Beautiful soup
  • Use APIs
  • Example with a weather API
  • Resources
  1. Programming

Python programming

  • It is really useful for a pentester to know about python and be able to script something. Being able to automate things can definitely help us go quicker in our daily practice. Of course we do not need to be a developer but it is very helpful to be able to read code.

notes from my practice, TCM Academy and DeepLearning.AI

shebang

  • For python our script need to have this shebang in the first line #!/bin/python3 this will allow us to launch the script using ./ myscript.py instead of python3 myscript.py

Strings

Print a string

#!/bin/python3
print("Hello world!") # double quotes
print('Hello world!') # single quotes
print("""This string runs
multiple lines""") # triple quotes for multiple lines
print("This string is "+"awesome") # concatenation

Using f-Strings

f-Strings is useful to mix strings with computations or data

# Will print The temperature 75F in degrees celsius is 23.88888888888889C
print(f"The temperature 75F in degrees celsius is {(75 - 32) * 5 / 9}C")
# It works also with multiligne strings
print(f"""
    Most countries use the metric system for recipe measurement, 
    but American bakers use a different system. For example, they use 
    fluid ounces to measure liquids instead of milliliters (ml).
    
    So you need to convert recipe units to your local measuring system!
    
    For example, 8 fluid ounces of milk is {8 * 29.5735} ml.
    And 100ml of water is {100 / 29.5735} fluid ounces.
""")
# This will print
''' 
 Most countries use the metric system for recipe measurement, 
    but American bakers use a different system. For example, they use 
    fluid ounces to measure liquids instead of milliliters (ml).
    
    So you need to convert recipe units to your local measuring system!
    
    For example, 8 fluid ounces of milk is 236.588 ml.
    And 100ml of water is 3.381405650328842 fluid ounces.
'''

# It also works on variables
my_name = "gabrielle"
print(f"Hello {my_name}!")
# this will print Hello gabrielle!
# And we can mix var and computation as follow
fav_num = 8
print(f"Your favorite number plus 10 is {fav_num+10}")
# this will print Your favorite number plus 10 is 18

type()

In Python, you can check the type of any data that you are using. To check the data type, you can use the type() function.

# str
type("mystring")
# int
type(100)
# float
type(2.99)

Math

The order of operations in Python is the same as in arithmetic. First, you compute parentheses, then exponents, then you multiply and divide (from left to right), and finally, you add and subtract (from left to right).

#!/bin/python3
print(50 + 50) # will add and print the result
print(50 - 50) # will substract and print the result
print(50 + 50) # will multiply and print the result
print(50 / 50) # will divide and print the result
print(50 + 50 - 50 * 50 / 50) # will calculate the equation and print the result
print(50 ** 2) # exponents
print(50 % 6) # modulo
print(50 // 6) # no leftovers
# convert from from Fahrenheit to Celsius
print((75 - 32) * 5 / 9)

Variables and Methods

#!/bin/python3
mystring = "this is a string stored in a variable called mystring"
print(mystring) # will print the content of the var
print(mystring.upper()) # the upper() method will put the text in all caps
print(mystring.lower()) # the lower() method will put the text in all lower
print(mystring.title()) # the title() method will capitalize the first letter of each word
print(len(mystring)) # the len method will print the number of chars in the var mystring
name = "name" # string
age = 7 # int
size = 2.4 # float
print(int(30.9)) # will cast a float in an int and not round so the it will print 30
age += 1 # will add 1 to the initial ar so the valur will become 8

Functions

#!/bin/python3
def who_am_i():
  name = "name"
  age =7
  print("my name is "+ name + "I am "+ str(age) +" years old")
  
who_am_i() #will call the function 

# function with a parameter
def add_one_hundred(num):
  print(num + 100)

add_one_hundred(100) # will call the function and use the 100 as the parameter

# Function with multiple parameters
def add(x,y):
  print(x + y)

add(7,7) # will call the function so it will add 7+7

def multiply(x,y):
  return x * y

print(multiply(7,7)) # will print 49

def square_root(x):
  print(x** .5)

square_root(64) # will print 8.0

def nl():
  print('\n')

nl() # will save us time because we can just call the function instead of writing the print statement everytime we want a new line

Boolean Expressions

#!/bin/python3

bool1 = True
bool2 = 3*3 == 9
bool3 = False
bool4 = 3*3 != 9
print(bool1,bool2,bool3,bool4) # will print True True False False
print(type(bool1)) # will print <class 'bool'>

Relational and Boolean operators

#!/bin/python3

greater_than = 7 > 5 # True
less_than = 5 < 7 # True
greater_than_equal_to = 7 >= 7 # True
less_than_equal_to = 7 <= 7 # True

test_and = (7 > 5) and (5 < 7) # True
test_and2 = (7 > 5) and (5 > 7) # False
test_or = (7 > 5) or (5 < 7) # True
test_or2 = (7 > 5) or (5 > 7) # True
test_not = not True # False

Conditional Statements

#!/bin/python3

def drink(money):
  if money >= 2:
    return "You got a drink"
  else:
    return "no drink for you"

print(drink(3))
print(drink(1))

def alcohol(age, money):
  if (age >= 21) and (money >= 5):
    return "We're getting a drink"
  elif (age >= 21) and (money < 5):
    return "Come back with more money"
  elif (age < 21) and (money >= 5):
    return "Nice try kid!"
  else:
    return "You're too poor and too young"

print(alcohol(21,5))
print(alcohol(21,4))
print(alcohol(20,4))

Lists (mutable)

Declare a list

friends_list = ["Tommy", "Isabel", "Daniel"]
print(friends_list)
# will print ['Tommy', 'Isabel', 'Daniel']
len(friends_list)
# will print 3
print(friends_list[1]) 
# Output: Isabel
# add single element to list
friends_list.append("Otto")
#using remove
friends_list.remove("Tommy")
#!/bin/python3

movies=["When Harry met Sally","movie2","movie 3","movi 4"] # this is a list
print(movies[0]) # return first item
print(movies[1:4]) # will print from 2nd item to 3rd
print(movies[1:]) # will print from 2nd item to last item
print(movies[:2]) # will print from begining of the list until the 1st item (so here only the first item)
print(movies[-1]) # will print the very last item of the list
movies.append("another movie") # add an item to the end of the list
movies.pop() # will remove the last item of the list
movies.pop(0) # will remove the first item of the list
print(len(movies) # print length of list

Tuples (immutable)

  • It is immutable meaning we can not use pop or append on them once it is declared it can not be modified.

#!/bin/python3

grades=(""a,"b","c","d","e","f")
print(grades[1]) # will print b

Looping

For loops

  • Start to finish of an iterate

#!/bin/python3

vegetables=["cucumber", "spinach", "cabbage"]
for x in vegetables:
  print(x)

While loops

  • Execute as long as true

#!/bin/python3

i=1

while 1<10:
  print(i)
  i++

Importing modules

#!/bin/python3
import sys # systems functions and parameters
from datetime import datetime as dt # import with alias + plus using from makes it to import only part of the module

print(sys.version)
print(dt.now())

Advanced strings

#!/bin/python3

my_name="myname"
print(my_name[0])
print(my_name[-1])

sentence = "This is a sentence"
print(sentence.split()) # will split using space as a delimiter so it will take each word separately
sentence_split = sentence.split()
sentence_join = ' '.join(sentence_split)
quote = "he said 'give me all your money'" # we can use single quotes in double quotes to keep the double quote from being escaped (would also work the other way around)
quote = "he said \"give me all your money\"" # we can also escape characters with \
too_much_space = "               hello                  "
print(too_much_space.strip())
print("A" in "Apple") # will print True
print("A" in "apple") # will print False
letter = "A"
word = "Apple"
print(letter.lower() in word.lower()) # improved
movie = "movie"
print("my favorite movie is {}.".format(movie))

Dictionaries

  • Key value pairs A Dictionnary is a data structure that helps you store key-value pairs. The main difference with list, is that dictionaries assign a key to each values instead of an index.

#!/bin/python3

drinks = {"Drink1": 7, "Drink2": 10, "Drink3": 8} # drink is the key, price is the value
print(drinks)

ice_cream_flavors = {
    "Mint Chocolate Chip": "Refreshing mint ice cream studded with decadent chocolate chips.",
    "Cookie Dough": "Vanilla ice cream loaded with chunks of chocolate chip cookie dough.",
    "Salted Caramel": "Sweet and salty with a smooth caramel swirl and a hint of sea salt."
}

employees = { "Finance": ["Bob", "Linda", "Tina"], "IT": ["Gene", "Louise", "Nicole"], "HR": ["Jimmy", "Marty"]
print(employees)

employees['Legal'] = ["Mr. Frond"] # Add new key:value pair
print(employees)

employees.update({"Sales": ["Adie", "Ollie"]}) # Add new key:value pair
print(employees)

drinks["Drink1"] = 8
print(drinks)
print(drinks.get("drink1"))

Sys

import sys
import time

# get info on system
def get_info():
	print(sys.version)
	print(sys.executable)
	print(sys.platform)

# we can use sys for user input
	# Here it is going to wait for user input until user types exit
def user_input():
	for line in sys.stdin:
		if line.strip() == "exit":
			break
		sys.stdout.write(">> {}".format(line))

# writes on the same line
def oneline():
	for i in range(1,5):
		sys.stdout.write(str(i))
		sys.stdout.flush()

# writes on different lines
def multiplelines():
	for i in range(1,5):
		print(i)

# makes a progress bar
def progress_bar():
	for i in range(0, 51):
		time.sleep(0.1)
		sys.stdout.write("{} [{}{}]\r".format(i, '#'*i, "."*(50-i)))
		sys.stdout.flush()
	sys.stdout.write("\n")

# will print all args when the script is launched
def print_args():
	print(sys.argv)

	if len(sys.argv) != 3:
		print("[X] To run {} enter a username and password".format(sys.argv[0]))
	username = sys.argv[1]
	password = sys.argv[2]
	print("{}:{}".format(username, password))


# sys allows to access the path where python will search for modules
def get_modulespath():
	print(sys.path)

def get_all_modules():
	print(sys.modules)


get_info()
user_input()
oneline()
progress_bar()
print_args()
get_modulespath()
get_all_modules()

# Exit with an exit code mentionning everything was ok
sys.exit(0)

# Note: to check exit code in terminal we can use echo $?

Reading and writing files

# file has to exist here we put a file in the same dir
f = open("top-10.txt")
print(f)

f = open("top-10.txt", 'rt')
print(f)
print("-----")
print("read")
print(f.read())
print("-----")
f = open("top-10.txt", 'rt')
print("readlines")
print(f.readlines())
# will not print content another time
print(f.readlines())
# will print content again if we ask for it with seek
f.seek(0)
print(f.readlines())
# iterate over eachline and strip off chars
f.seek(0)
for line in f:
	print(line.strip())

f.close()

# write to a file
f = open("test.txt", "w")
f.write("test line!")
f.close()
# read it to see if it exists:
f = open("test.txt")
print(f.read())
# append an existing file
f = open("test.txt", "a")
f.write("test line! again")
# check results
f = open("test.txt")
print(f.read())

# get info on the file
print(f.name)
print(f.closed)
print(f.mode)

# for larger file we can use the file object
with open('rockyou.txt', encoding='latin-1') as f:
	for line in f:
		pass

Sockets

  • We use socket to connect to an open port and an IP addess

#!/bin/python3
import socket

HOST='127.0.0.1'
PORT='7777'

s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) # AF_INET is IPV4 SOCK_STREAM is the port
s.connect((HOST,PORT))
  • To test our script we can launch netcat

  • nc -nlvp 7777

Building a port scanner

  • We can use socket to build a port scanner

#!/bin/python3
import sys
import socket
from datetime import datetime

# usage: python3 scanner.py <IP-ADR>

# Define our target
if len(sys.argv) == 2:
  target = socket.gethostbyname(sys.argv[1]) # Translate host name to IPV4
else:
  print("Invalid amount of arguments")
  print("Syntax python3 scanner.py <IP-ADR>")

# Add a banner
print("-" * 50)
print("Scanning target "+target)
print("Time started: "+str(datetime.now()))
print("-" * 50)

try:
  for port in range(1,65535):
  s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
  socket.setdefaultitmeout(1)
  result = s.connect_ex((target,port)) # returns an error indicator if connection successful will return 0 otherwise will return 1
  if result == 0:
    print("Port {} is open".format(port))
  s.close()

# Make a clean exit if there is a keyboard interruption like ctrl+c
except KeyboardInterrupt:
  print("\nExiting program. ")
  sys.exit()

except socket.gaierror:
  print("Hostname could not be resolved.")
  sys.exit()
  
except socket.error:
  print("Could not connect to server.")
  sys.exit()
  • This script is just and exercise (done in the PEH TCM course) so it definitely could be improved:

    • Handle other type of errors

    • ...

Virtual Environments

We might sometimes need to use a version for a script and another version for another Create and isolate python virtual environments not dependant With virtualenv we can have multiple version of a package installed and usable in a system at the same time pip install virtualenv We can then create a folder and launch our virtual env in it:

mkdir virtual demo
cd virtual-demo
python3 -m venv env

We then have to activate it:

source env/bin/activate

And in our virtual environment we can install anything we need We can have multiple virtual environments running at the same time. One we finished with the virtualenv we can type deactivate

Using functions from a local file

We can create a file called helper_functions.py We can then import our file in our other python script by using import.

# Imports a specific function
from helper_functions import myfunction
# Imports every function
import helper_functions
# Imports every function using this we do not have to call the function using helper_functions.myfunction
from helper_functions import *

Built-in packages

The math package

# Import from the math package the cos, sin and pi functions
from math import cos, sin, pi
print(pi)

The statistics package

from statistics import mean, stdev
my_friends_heights = [160, 172, 155, 180, 165, 170, 158, 182, 175, 168]
# calculate the mean value
mean(my_friends_heights)
# calculate the standard deviation
stdev(my_friends_heights)

The random package

from random import sample
spices = ["cumin", "turmeric", "oregano", "paprika"]
vegetables = ["lettuce", "tomato", "carrot", "broccoli"]
proteins = ["chicken", "tofu", "beef", "fish", "tempeh"]
# The sample function takes two parameters: the list you want to select from, and the number of items you want to select
random_spices = sample(spices, 2)
random_vegetables = sample(vegetables, 2)
random_protein = sample(proteins, 1)
print(random_protein)

The pandas package

import pandas as pd creates a shortcut that you can use to avoid typing pandas.

# Dataset adapted from here https://www.kaggle.com/datasets/nehalbirla/vehicle-dataset-from-cardekho
data = pd.read_csv('car_data.csv')

print(data)
# Code to show only the cars with a price >= 10000
print(data[data["Price"]>=10000])
# Show all the cars from the 2015 
print(data[data["Year"]==2015])
filtered_data = data[data["Year"]==2015]
print(filtered_data["Price"].median())

Package matplotlib

# Note the .pyplot
import matplotlib.pyplot as plt
plt.scatter(data["Kilometer"], data["Price"])

plt.title('Car Price vs. Kilometers Driven')
plt.xlabel('Kilometers Driven')
plt.ylabel('Price (in USD)')

plt.show()

# create a pie chart of the data showing how many cars were sold each year.
import matplotlib.pyplot as plt

# Assuming 'data' is your DataFrame and it has a 'Year' column
# that indicates the year each car was sold

# Step 1: Aggregate the data to count cars sold per year
car_sales_per_year = data['Year'].value_counts()

# Step 2: Create the pie chart
plt.pie(car_sales_per_year, labels=car_sales_per_year.index, autopct='%1.1f%%')

# Add a title
plt.title('Cars Sold Per Year')

# Show the plot
plt.show()

Package Beautiful soup

Beautiful soup is a python package to interpret HTML webpages inside python programs

Use APIs

Example with a weather API

import os
import requests
from dotenv import load_dotenv
# Get the Weather API key from the .env file
# https://openweathermap.org/price you need to set an env variable for the API key
load_dotenv('.env', override=True)
api_key = os.getenv('WEATHER_API_KEY')
# Store the latitude value in the 'lat' variable
lat = 37.4419   # Palo Alto, CA

# Store the longitude value in the 'long' variable
lon = -122.1430
url = f"https://api.openweathermap.org/data/2.5/forecast?units=metric&cnt=1&lat={lat}&lon={lon}&appid={api_key}"

# Use the get function from the requests library to store the response from the API
response = requests.get(url)
# Take the response from the API (in JSON) and assign it to a Python dictionary
data = response.json()

# Print (will print all in json)
print(data)

# Get better looking results
temperature = data['list'][0]['main']['temp']
description = data['list'][0]['weather'][0]['description']
wind_speed = data['list'][0]['wind']['speed']
print(f"Temperature: {temperature}")
print(f"Weather Description: {description}")
print(f"Wind Speed: {wind_speed}")

# Write a weather report
weather_string = f"""The temperature is {temperature}°C. 
It is currently {description},
with a wind speed of {wind_speed}m/s.
"""

print(weather_string)

Resources

PreviousWindows InternalsNextMy scripts

Last updated 4 months ago

We can see that our env is launched

By default our virtual env does not contains our previously installed python packages or any modules We can check which virtualenv is being called with which python3:

On our host (outside of our virtualenv) the same command gives this:

Practical Ethical Hacking - The Complete Course
Practical Ethical Hacking - TCM Security
Python 101 For Hackers
Python 101 for Hackers - TCM Security
Python 201 For Hackers
Python 201 for Hackers - TCM Security
CheckiO - coding games and programming challenges for beginner and advanced
Checkio programming challenges to learn Python
Logo
Logo
Logo
Logo