Programming Lanagague
rob1234
Banned Posts: 151
Hello,
From a security point of view what would be the best scritping/programming lanagaue to learn and why?
Thanks!
From a security point of view what would be the best scritping/programming lanagaue to learn and why?
Thanks!
Comments
-
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Python is definitely the way to good. Lots of good resources, very versatile, easy to learning, and easy to use to write proofs of concept.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
the_hutch
Banned Posts: 827
Definitely python. Can function as both interpreted and compiled. Plus if you are working with Python 2 (python 3 is getting there), there are massive libraries to take advantage of
-
rob1234
Banned Posts: 151
Yeah I was looking at that one I see Securitytube do a certification in it have not seen any other certs for it though but still a lot of resources out there for it I just like to get a cert at the end of all teh studying helps me to focues!
-
dbrink
Member Posts: 180
I would say Python and Ruby are good to know, but I also think people should check into using Powershell when dealing with Windows systems if possible.Currently Reading: Learn Python The Hard Way
http://defendyoursystems.blogspot.com/ -
rogue2shadow
Member Posts: 1,501 ■■■■■■■■□□
Python and Bash
Ruby is definitely nice but I would start with the top two first. -
ptilsen
Member Posts: 2,835 ■■■■■■■■■■
We seem to get this question a lot, and I have to reject the question itself as it has no meaning. What does "from a security point of view" mean? Does that mean for webapp penetration testing? Network pentesting? Does it mean for writing secure code for other purposes? Does it mean for writing/reverse engineering malware? What systems are involved? All of these questions and others change the answer, and even for each area there is rarely one true answer.
That being said, I will reiterate the answer Python, because it fulfills many of these needs and is useful on most platforms. PowerShell is also extremely useful on Windows, and personally I prefer to write PowerShell scripts over BASH or Python scripts. VBscript really has little to no use when PowerShell can be used. PowerShell can do pretty much everything VBScript can in less and easier-to-use code. -
dbrink
Member Posts: 180
I would say VBScript for a windows environment
I'm going to have to disagree with this. VBScript is a thing of the past, if you want to script in a windows environment you are better off starting with Powershell. Powershell is the future of all Windows automation/scripting.Currently Reading: Learn Python The Hard Way
http://defendyoursystems.blogspot.com/ -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
I agree to an extent, but if you are attacking Server 2003 VBScript is basically your only choice. I don't know a lot of admins who went about installing Powershell onto their 2003 servers.WIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
hardstylewon
Member Posts: 15 ■□□□□□□□□□
You should look up and study each language and see the advantages and disadvantages of each and relate them to how you would use it. I personally prefer Perl. But Python is also easy to use and pretty quick.
Edit: You should definitely learn a language opposed to learning JUST shell scripting. -
JDMurray
Admin Posts: 13,127 Admin
Web-based security is very hot these days. Good to know languages associated with Web programming, such as Javascript, PHP, HTML (a presentation language), Java, ASP.NET (useable from a variety of .NET programming languages), and SQL for the back-end database everyone is trying to steal using its front-end Web site. -
the_hutch
Banned Posts: 827
VBscript really has little to no use when PowerShell can be used. PowerShell can do pretty much everything VBScript can in less and easier-to-use code.
Hmm...to be honest, I'm not real familiar with powershell. I've played around a little bit with it, and was pleased to find that it had a very bash-esque approach to navigating the file system on command line. But other than that, I didn't really know it was such a powerful tool...and honestly didn't even realize you could script in powershell. This intrigues me. How do I get started? Anybody have any good resources for learning powershell scripting? -
ptilsen
Member Posts: 2,835 ■■■■■■■■■■
Basically everything you'll do in VBScript makes a WMI, LDAP, or API call. PowerShell has the same capabilities, but has many features built into cmdlets to make it easier. The Get-Help cmdlet makes understanding the use of each cmdlet very easy -- frankly, the Get-Help entries are IMO far superior to the average GNU/Linux/UNIX man page. Regex is straightforward, and pretty much everything can be piped intuitively.
Most of the PowerShell resources I've used have been direct from Microsoft. Lots of standard Technet articles, and The Scripting Guy blog is just awesome. Just about every question I've ever asked as I've been writing something in PowerShell has come up on that blog.
Just to give a comparison, simple WMI tasks that would usually take me an hour or more in VBScript usually take me ten minutes in PowerShell. Unless you program or script in some variation of VB day in and day out, PowerShell is a huge time saver. -
the_Grinch
Member Posts: 4,165 ■■■■■■■■■■
Everyone I spoke to always says to get "Learn Windows Powershell in 30 Days of Lunches."
Amazon.com: Learn Windows PowerShell in a Month of Lunches (9781617290213): Don Jones: BooksWIP:
PHP
Kotlin
Intro to Discrete Math
Programming Languages
Work stuff -
JDMurray
Admin Posts: 13,127 Admin
"In A Month Of Lunches?" I wonder how long the publishing staff had to repeat that series title to themselves before it started to sound good.
-
dbrink
Member Posts: 180
Hmm...to be honest, I'm not real familiar with powershell. I've played around a little bit with it, and was pleased to find that it had a very bash-esque approach to navigating the file system on command line. But other than that, I didn't really know it was such a powerful tool...and honestly didn't even realize you could script in powershell. This intrigues me. How do I get started? Anybody have any good resources for learning powershell scripting?
Pretty much all of Microsoft's administrative GUIs now are just GUI front-ends to Powershell commands. Exchange, Lync, etc all have command shells that have tons of cmdlets for administering the system. There are some tasks that can't be performed in the GUI and can only be done from Powershell. You should check it out, it is a definite time saver.Currently Reading: Learn Python The Hard Way
http://defendyoursystems.blogspot.com/ -
the_hutch
Banned Posts: 827
the_Grinch wrote: »Everyone I spoke to always says to get "Learn Windows Powershell in 30 Days of Lunches."
Amazon.com: Learn Windows PowerShell in a Month of Lunches (9781617290213): Don Jones: Books
hrmph...no kindle version :-/. Must find other options. -
Zartanasaurus
Member Posts: 2,008 ■■■■■■■■■□
Plus they alias a lot of their commands to *nix equivalents by default to make those guys comfortable. For instance, I always access the PoSh help system using man.Basically everything you'll do in VBScript makes a WMI, LDAP, or API call. PowerShell has the same capabilities, but has many features built into cmdlets to make it easier. The Get-Help cmdlet makes understanding the use of each cmdlet very easy -- frankly, the Get-Help entries are IMO far superior to the average GNU/Linux/UNIX man page. Regex is straightforward, and pretty much everything can be pipedCurrently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
Zartanasaurus
Member Posts: 2,008 ■■■■■■■■■□
Available on Safari Books however. Great 1st book in Powershell IMO.hrmph...no kindle version :-/. Must find other options.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
Zartanasaurus
Member Posts: 2,008 ■■■■■■■■■□
I think it was meant to be a play on O'Reilly's "In a Nutshell" series. It's the tech equivalent to 6 minute abs."In A Month Of Lunches?" I wonder how long the publishing staff had to repeat that series title to themselves before it started to sound good.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
dmoore44
Member Posts: 646
hrmph...no kindle version :-/. Must find other options.
See if you can persuade your organization to spring for a Safari Books Online subscription. If your organization tends to buy a lot of reference books, Safari Books Online will save them a lot of money... Safari gets current books pretty quickly so you'll always have up to date info. The subscription is under $500/yr and you get access to all of their books and training videos. You also get a limited number of tokens with which you can download a .pdf/.mobi/.epub version of a book. They also have an offline e-reader app for iPad and Android tabs. It's pretty damn awesome.
And just so everyone knows, I am not affiliated with Safari Books in any way. I work for the man.Graduated Carnegie Mellon University MSIT: Information Security & Assurance Currently Reading Books on TensorFlow -
Zartanasaurus
Member Posts: 2,008 ■■■■■■■■■□
I haven't used the iPad app, but the Android app has issues. It's better than nothing and great when it works, but it's nowhere near as nice as the Kindle app.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
the_hutch
Banned Posts: 827
See if you can persuade your organization to spring for a Safari Books Online subscription. If your organization tends to buy a lot of reference books, Safari Books Online will save them a lot of money... Safari gets current books pretty quickly so you'll always have up to date info. The subscription is under $500/yr and you get access to all of their books and training videos. You also get a limited number of tokens with which you can download a .pdf/.mobi/.epub version of a book. They also have an offline e-reader app for iPad and Android tabs. It's pretty damn awesome.
And just so everyone knows, I am not affiliated with Safari Books in any way. I work for the man.
Actually not a bad idea at all. I think I could pitch that pretty well. They are having a lot of trouble getting people to keep up with their continuing education for their 8570 certs (I think only myself and two others in our squadron have completed it). And a big part of the reason behind that is that the only option they have for people (if you are not a cert junky like myself) is ridiculously long and boring CBTs. But I know that most CE programs will honor reading technical books for credit. I think I spin it from that angle, I might be able to get it approved. -
SephStorm
Member Posts: 1,731 ■■■■■■■□□□
i realized that I can rarely read books online. Especially if I have to be online to do it. And i have the kindle for pc app which is good, until you need to update and dont have internet access. -
Qord
Member Posts: 632 ■■■■□□□□□□
Hows about right here?hrmph...no kindle version :-/. Must find other options.
http://www.techexams.net/blogs/slowhand/72-windows-powershell-resources.html -
the_hutch
Banned Posts: 827
JayTheCracker wrote: »python, php, javascript, bash
Unfortunately, a plugin is required to get Python running on powershell. Since I work in an organization with a very strict (and fairly dysfunctional) Change Management program, python in powershell is not really an option for me
-
crashdump
Banned Posts: 134
Hello,
From a security point of view what would be the best scritping/programming lanagaue to learn and why?
Thanks!
+1 for Java
