11 answers
Asked Viewed 291 times Translate

What are the programming languages I should master before entering the workforce as a entry-level penetration tester?


+25 Karma if successful
From: You
To: Friend
Subject: Career question for you
13
100% of 10 Pros
100% of 1 Students

11 answers


Updated Translate

Irene’s Answer

If you'd like to be a penetration tester, you have to be good at automating your tests, which means:
* Being comfortable around a command line (e.g. learning Bash scripting would be useful)
* Being comfortable writing scripts. Python is probably the best language for this.


Thank you so much! This advice was very helpful! Nievedha P.

2
100% of 2 Pros
Updated Translate

Jason’s Answer

All of the other answers here are great places to focus your learning vis-a-vis languages.

To be excellent in a security role, it's most important to learn how the computer works, how it communicates over the network, how the operating system and the software running on it interact and how mistakes and omissions can result in vulnerabilities that can be exploited. It's also important to know how hackers think about those interactions when they're coming up with ways of exploiting flaws.

The programming languages you use then become your means of applying that knowledge to look for those vulnerabilities.

Learning Python, Bash, SQL (and/or other languages) will likely be necessary but not sufficient to be successful.

Thank you for letting me know about the various sectors that I would need to know to succeed in security! I really appreciate the detailed and precise explanation! Nievedha P.

1
100% of 1 Pros
Updated Translate

Darin’s Answer

If you want to see some of the popular languages out there look up the TIOBE index. Right now one of the most popular computer languanges is Java

Thank you for providing me a reference! I will definitely look it up! Nievedha P.

0
Updated Translate

arunie’s Answer

Definitely Python.

Thank you Arunie! I do hear that alot! Thanks for confirming it! Nievedha P.

0
Updated Translate

James’s Answer

Python is frequently used in most aspects of penetration testing due to it's versatility. It can be used in network scanning, web fuzzing, exploit development, or any task where repetition is required. It is easy to learn and has abundant learning resources on the internet.

As with every language or skill, you MUST practice. Every single day. Writing small scripts, experiments, failed apps are all your homework. Use CTF challenges (WeChall, OverTheWire, Vulnhub) to practice.

As soon as you walk away from your keyboard, the knowledge will begin to dissipate unless you keep filling it.

Thank you so much for the advice! The CTF challenges were definitely something I needed. I did not think of it for practicing my skills! Nievedha P.

0
Updated Translate

Samuel’s Answer

I tell everyone Python. I am actual currently a Blue Team guy but we work a lot with Red team guys and a lot of our job overlaps. Python is just so useful in so many different ways.

Favorite libraries:

pefile
pandas
sklearn
datetime
numpy

0
Updated Translate

Leslie’s Answer

To add to Irene's answer, as an entry-level pentester, you will need to get comfortable with scripting languages like :

1. Bash scripting (Windows & Linux),
2. Python
3. SQL
4. C
5. Javascript
Most exploits are made available in these languages so you need to be able to at least read the code if necessary. Python is the de-facto language for most exploits, but you will need to know how to read SQL, and C may come in handy when you want smaller executables. Javascript runs on many platforms so it will be a plus.

Thank you Leslie! The detailed explanation for each language made me understand better😊 Nievedha P.

0
Updated Translate

Jeffrey’s Answer

I would suggest Python and/or C++. Very easy to learn.

0
Updated Translate

Glen’s Answer

The most prevalent scripting/programming language today is Python. I would suggest starting with Python because it is very easy to learn and easily understood by humans. It runs on something that simulates a computer called an interpreter. Interpreters analyze and execute Python commands which makes Python very portable and flexible. Yet, at the same time it can be just as powerful as a "classic" Object Orientated Programming (commonly abbreviated with OOP) language like C++.

Many security and pen-testing tools use Python or software such as Ansible which is based on Python. Ansible is a common, open-source software provisioning, configuration management, and application-deployment tool. It maintains a single code base that runs on both Python 2 and Python 3.

In the end, Python is a great choice no matter which language you choose, they are all great paths into the realm of computer science. I hope this was helpful for you and anyone else interested in this area as there are no shortage of opportunities in the security space!

Thank you so much! This was a great explanation to what are the various languages needed in security! I did not know about Ansible and this was great information! Nievedha P.

0
Updated Translate

Jeffrey’s Answer

I would suggest Python and/or C++. Very easy to learn.

0
Updated Translate

James’s Answer

Python is frequently used in most aspects of penetration testing due to it's versatility. It can be used in network scanning, web fuzzing, exploit development, or any task where repetition is required. It is easy to learn and has abundant learning resources on the internet.

As with every language or skill, you MUST practice. Every single day. Writing small scripts, experiments, failed apps are all your homework. Use CTF challenges (WeChall, OverTheWire, Vulnhub) to practice.

As soon as you walk away from your keyboard, the knowledge will begin to dissipate unless you keep filling it.

0