Imperva says more than a third of daily attacks against sites the company protects come from a malicious or legitimate tool coded in Python.
Imperva says that around 77 percent of all the sites the company protects have been attacked by at least one Python-based tool.
Furthermore, when the company looked at the list of tools that hackers used for their attacks, more than a quarter were coded in Python, making it by far the attackers' favorite.
"Hackers, like developers, enjoy Python's advantages which makes it a popular hacking tool," the Imperva team says.
These advantages include an easy-to-pick-up syntax, a breadth of online tutorials, and an extensive collection of libraries and other ready-made tools available in places like PyPI and GitHub.
In fact, many of the Python tools attackers use were created for use inside legitimate apps, or by security researchers for testing their own systems against various vulnerabilities.
But once these testing tools make it onto GitHub, they become publicly available, and hackers deploy them in ways other than the ones for which they were initially created.
Based on Imperva's data, the most abused legitimate Python tools are the "requests" and "urllib" libraries, two of the cornerstones of almost any Python web app.
As for what hackers do with these things, Imperva's crew says they're attempting to exploit vulnerabilities like CVE-2017-9841 (PHPUnit), CVE-2015-8562 (Joomla), or CVE-2018-1000207 (ModX PHP CMS).
The moral of this report is that if you have a web app, web server, or website exposed online, it's quite likely that some script kiddie is using a Python tool downloaded from GitHub to break into your server. In hindsight, this is no surprise, since Python is just as versatile as Java but much easier to learn, for good and bad guys alike.
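To see how much of your own traffic comes from the "requests" and "urllib" libraries named above, the following added example (not Imperva's method or code) counts access-log requests that carry those libraries' default User-Agent strings. It assumes Combined Log Format and uses constructed sample lines; a client that overrides its User-Agent will not be counted, so treat the result as a lower bound.

```python
import re
from collections import Counter

# Default User-Agent prefixes the two libraries send when the caller does
# not override the header (library defaults, not Imperva's classification).
PYTHON_UA = re.compile(r"^(python-requests|Python-urllib)/", re.IGNORECASE)

# Combined Log Format: ip ident user [time] "request" status bytes "referer" "ua"
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (documentation IP ranges, made-up paths).
SAMPLE_LOG = """\
203.0.113.7 - - [01/Oct/2018:10:00:01 +0000] "GET /index.php HTTP/1.1" 200 512 "-" "python-requests/2.19.1"
203.0.113.7 - - [01/Oct/2018:10:00:02 +0000] "POST /admin/login HTTP/1.1" 404 0 "-" "python-requests/2.19.1"
198.51.100.23 - - [01/Oct/2018:10:00:05 +0000] "GET / HTTP/1.1" 200 1024 "-" "Mozilla/5.0 (X11; Linux x86_64)"
192.0.2.44 - - [01/Oct/2018:10:00:09 +0000] "GET /feed HTTP/1.1" 200 300 "-" "Python-urllib/3.6"
this line is malformed and must be skipped
"""


def summarize(log_text):
    """Return (parsed, python_hits, per_library, per_ip) for an access log."""
    parsed = 0
    per_library = Counter()
    per_ip = Counter()
    for line in log_text.splitlines():
        m = LOG_LINE.match(line.strip())
        if not m:
            continue  # ignore lines that are not Combined Log Format
        parsed += 1
        ua = PYTHON_UA.match(m.group("ua"))
        if ua:
            per_library[ua.group(1).lower()] += 1
            per_ip[m.group("ip")] += 1
    return parsed, sum(per_library.values()), per_library, per_ip


if __name__ == "__main__":
    parsed, hits, libs, ips = summarize(SAMPLE_LOG)
    print(f"{hits}/{parsed} requests used a default Python client User-Agent")
    for ip, n in ips.most_common():
        print(f"  {ip}: {n} requests")
```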