Programming for the InfoSec Pro?

matai

I've been working in information security for awhile now. I don't have any programming or scripting skills beyond basic PowerShell, although I have a solid foundation on programming theory. I feel like I've been noticing a trend where security professionals either have or are developing their programming/scripting skills. Is this something you have all noticed as well?

If so, what languages and skill-sets would you recommend?

Also, where would you recommend learning them?

Thanks!

JoJoCal19

When I was looking, I saw a ton of requests for Python. Also I've seen Java/C/C++ as well.

matai

This was one program I was thinking about:

C# Programming Certificate Program :: Continuing Education

trojin

Python at least

renacido

Depends on what you want to do in security. Network pentesters use a lot of python, vbs, and c++. App sec guys typically have a much larger repetoir for things like code reviews, fuzzing, etc. Researchers doing advanced reversing or building custom tools need to use whatever languages apply to the specific task at hand. Sec analysts and hunt team guys use whatever helps automate and make things efficient (PS, bash, python). Sec engineers don't usually have a pressing need to code to do the job (unless the job where they are is very app-centric) but it certainly doesn't hurt to know how to use python, PS, bash, SQL, etc.

dmoore44

renacido wrote: »

Sec analysts and hunt team guys use whatever helps automate and make things efficient (PS, bash, python).

Coming from the hunter perspective, this is absolutely true. We have a huge, heterogeneous environment (varying versions of Windows and flavors of *nix), and I use POSH to get at info on the Windows boxes, and if available, Python to get at info on the *nix boxes. If POSH or Python are a no-go, I'll default back to good 'ol batch scripting on Windows and Bash on *nix.

jelevated

powershell and python all day.

I don't think you need need deep knowledge of a compiled language to succeed BUT having a working knowledge of something along with a willingness to try out new things will make you a much much more desirable candidate for many roles. Its hard to find people who aren't software developers but aren't, quite literally, afraid to look at code. Knowing how to read assembly, how low level stuff actually works, how memory works, etc will put you in the different class of infosec professional. Again, not saying proficiency is required at all, but being able to look at a piece of code and say, "oh this is assembly or x or y".

DatabaseHead

That's not just security that's all analyst type positions.

In fact I literally turned my back on technology and only focus on development. It alone takes up sooooo much time there really isn't much time left for anything else except for some math and stats courses I take on the companies dime.

adrenaline19

Bash is my bread and butter. I come across a lot of Python though.
Metasploit uses Ruby for some stupid reason, but that doesn't really matter unless you are further along the career path.

Truthfully, the ability to read and understand code is more important than being able to write a complex program from scratch.
Most of the exploits you end up using only require changing little bits such as your I.P. and the payload.

If you can read a program and mostly follow along with what's going on, you are doing fine.

UnixGuy

I'm seeing more and more PowerShell !! Python as well.