python-cybersecurity/cheat_sheet/modules.md

# 🐍 Core Python (your foundation)

These are built-in. You’ll use them everywhere.

* `socket` → low-level networking (port scanners, connections)
* `subprocess` → run system commands (e.g. `ping`, `nmap`)
* `os` → interact with the operating system
* `sys` → handle arguments and runtime behavior
* `threading` / `concurrent.futures` → speed up scans
* `time` → delays, timing attacks (basic)
* `re` → regex (log analysis, pattern detection)
* `json` → handle API and structured data
* `argparse` → clean CLI tools (very useful)

---

# 🌐 Networking & Web

Where most beginner cybersecurity action happens.

* `requests` → send HTTP requests (GET, POST, etc.)
* `urllib` → lower-level web handling
* `http.client` → raw HTTP interactions

👉 You’ll use these for:

* Web scanners
* API testing
* Automation scripts

---

# 🍲 Parsing & Scraping

Turning messy data into something useful.

* `BeautifulSoup` (bs4) → parse HTML
* `lxml` → faster HTML/XML parsing

👉 Useful for:

* Extracting forms and inputs
* Web reconnaissance

---

# 🔍 Security & Scanning

More “cyber-flavored” tools.

* `scapy` → packet crafting/sniffing (very powerful)
* `nmap` (via `python-nmap`) → automate scans
* `shodan` → search exposed devices (API)

👉 These unlock:

* Network analysis
* Recon automation

---

# 🔐 Cryptography & Hashing

For passwords, encryption, and security logic.

* `hashlib` → hashing (MD5, SHA256, etc.)
* `hmac` → message authentication
* `cryptography` → encryption/decryption (advanced)

👉 Use cases:

* Password crackers
* Hash verification

---

# 📂 File & Log Analysis

Blue team territory.

* `pandas` → analyze large datasets/logs
* `csv` → parse log files
* `collections` → count patterns (e.g. IP frequency)

---

# ⚙️ CLI & Tooling (make your scripts look pro)

* `argparse` → command-line arguments
* `colorama` → colored terminal output
* `rich` → beautiful CLI dashboards

---