SEC573 - Python for Pen Testers

gwood113gwood113 Member Posts: 66 ■■■□□□□□□□
Just finished this course up today and thought I'd share my experience: I want to preface this by saying I have ~15 hour of programming class from college (C++/x86 assembly) and a fair amount of experience with PoSH scripting and a couple levels of codewars.com in python 3.4.3. I say that to say: I'm not a software developer, but I'm no stranger to programming.

Five-day course taught by Joff Theyer he's a fantastic instructor who knows his python. The course is currently focused on python 2.7 only, is due to be updated to python 3.4 directly. The first two days are primarily focused on teaching programming basics such as control structures, variables/variable types, boolean math, etc. Days 3 and 4 are where the pen testing tasks like making network connections/website connections, SQL injection, password guessing, session hijacking, cookie forging, captia defeat, etc. Day 5 is a five hour long 'CTF', not really a CTF more like a series of programming challenges that where harder/extended versions of some of the exercises from the course.

My absolute favorite portion of the course was pyWars; think programming challenges in a linux python interpreter. pyWars runs days 1-4 with a promise of a challenge coin for the first person to solve all 66 problems. I was the closest with 62; close but no cigar. Fortunately my team won the CTF so I got a coin in the end anyway

So overall, fun class with practical applications of python with a pen test twist. The more you know about python, and programming in general, the more fun you'll have during the course. Some of the folks in my class had little to know scripting experience and they found portions of the class quite challenging.


Sign In or Register to comment.