+ 64

Best language for aspiring Penetration Tester?

I want to be a Penetration tester, but I don’t know which languages are the best for that type of thing, or if they all are.

17th May 2018, 11:45 AM
Nicholas
Nicholas - avatar
81 Respuestas
+ 83
Penetration testing is huge, so your first step should be establishing the kind of targets you want to test, so you don't burden yourself. Once you do that, it's essential that you get accustomed with the software on that kind of targets: - learn about their vulnerabilities; - find out the recommended security practices for that software, which will give you valuable hints about the kind of testing you can start with; - learn about the vulnerabilities of the operating systems that your target software rely on; - learn about network security vulnerabilities; - be creative. Basically, you have to learn a lot if you want to be a proficient penetration tester. Because if you only learn a few things about using some tools in Kali Linux, you will only become what is known as a "script kiddie". 😝 A very good language for penetration testing is Python, because you can do virtually anything with it. No compilation required, no strict types, no memory allocation. Less work, more results for this kind of testing.
21st May 2018, 8:36 PM
Nicolae Crefelean
Nicolae Crefelean - avatar
+ 56
possible C, Java, PHP and as Jan Markus sayd Python 🤔
17th May 2018, 11:53 AM
tooselfish
tooselfish - avatar
+ 51
BRO IF YOU WANT A SUCCESSFUL CAREER IN HACKING YOU NEED TO KNOW ALMOST ALL MAJOR LANGUAGES ( trust me ) HACKING IS LIKE REVERSE ENGINEERING AND BEFORE YOU REVERSE ENGINEER SOMETHING YOU MUST KNOW HOW TO "ENGINEER" IT. for example if you hack a website then fluency with HTML/CSS/JS/PHP etc can prove to be beneficial and will give you an edge over other hackers and a better understanding of the vulnerabilities. As far as your question is concerned I will highly recommend learning Python. learning python will give you an edge over a lot of ethical hackers as Python finds uses in a variety of things in the field of security. for example you can create a python script to automate a tedious task or set of commands in the terminal. Most of the hacking tools are also based on python so knowing python will enable you to be better at using them. But do remember learning Python won't really teach you hacking it will just help you in the hacking process and increasing your efficiency. Hope it helps HAVE A NICE DAY !😉
21st May 2018, 3:44 PM
priyanshu_irl_
priyanshu_irl_ - avatar
+ 37
Also learn bash, power shell, and how to create cron jobs.
17th May 2018, 11:57 AM
Xpl0it
Xpl0it - avatar
+ 23
Bash and/or Powershell, Python, C/C++, various Linux commands and/or maybe Windows commands.
17th May 2018, 1:23 PM
Samuel Vincent
Samuel Vincent - avatar
+ 22
HTML Language used to write web pages. Web hacking Login forms and other data entry methods on the web use HTML forms to get data. Been able to write and interpret HTML, makes it easy for you to identify and exploit weaknesses in the code. 2 JavaScript Client side scripting language Web Hacking JavaScript code is executed on the client browse. You can use it to read saved cookies and perform cross site scripting etc. 3 PHP Server side scripting language Web Hacking PHP is one of the most used web programming languages. It is used to process HTML forms and perform other custom tasks. You could write a custom application in PHP that modifies settings on a web server and makes the server vulnerable to attacks. 4 SQL Language used to communicate with database Web Hacking Using SQL injection, to by-pass web application login algorithms that are weak, delete data from the database etc. 5 Python Ruby Bash Perl High level programming languages Building tools & scripts They come in handy when you need to develop automation tools and scripts. The knowledge gained can also be used in understand and customization the already available tools. 6 C & C++ High level programming Writing exploits, shell codes etc. They come in handy when you need to write your own shell codes, exploits, root kits or understanding and expanding on existing ones. 7 Java CSharp Visual Basic VBScript Other languages Other uses The usefulness of these languages depends on your scenario.
22nd May 2018, 3:44 AM
Andrew Watts
Andrew Watts - avatar
+ 13
Visit cybrary.it it's a free cyber security training site. It includes different programs from beginner to expert. They have different courses that teach using programming languages to enhance penetration. Python, c, c++ are highlighted in the courses having a firm grasp would help you understand faster. My username is makangamchovu in cybrary.it I'll be happy to guide you from there.
22nd May 2018, 5:57 AM
matopekali
matopekali - avatar
+ 10
- C and Python - php and network knowledge - (linux/windows) commands
22nd May 2018, 5:07 PM
Hossein
Hossein - avatar
+ 9
i am suffering for becoming certified tester
21st May 2018, 3:44 PM
Charan Leo25
Charan Leo25 - avatar
+ 8
You need to learn most languages to be an efficient pen tester but I recommend you stay with #python
22nd May 2018, 12:07 AM
Franklin
Franklin - avatar
+ 7
learning cmd and powershell, some reg edit. what u look for? penetrating existing prog or creating one?
21st May 2018, 3:33 PM
Apple Blossom
Apple Blossom - avatar
+ 7
If I put aside programming languages for a moment, "Kali Linux" is exactly what do you want. If you just wanna take feel of it then create an image in pendrive and run it live, but if you wanna go in deep, I would suggest to install it parallelly with whatever OS you have. To operate it you don't need to be a programmer as long as you are a trickster. But at some level you should know shell programming for Linux and that's enough
21st May 2018, 4:04 PM
Zoetic_Zeel
Zoetic_Zeel - avatar
+ 7
If you really wanna be the PEN TESTER GUY, then Maximum proficiency in UNIX and Kali Linux is highly mandatory and Python skills is inevitable. Not forgetting you must know how to build packages that will run along with daemons(services) without having any interaction with the shell, this will prevent your script from been killed using the PS UNIX command. Also you must have good knowledge of configuring virtual box to run multiple operating systems and test run your scripts on the various O.S using virtual box. I hope this helps.
21st May 2018, 9:05 PM
Akoh Peter Emeka
Akoh Peter Emeka - avatar
+ 7
Ruby (Metasploit and wpscan are written in it) & Python
21st May 2018, 11:37 PM
ScriptKittie
ScriptKittie - avatar
+ 7
@Ridwan if your fam hasn’t had this conversation with you yet... ... jk... jk, seriously, hacking pretty much 😋
21st May 2018, 11:39 PM
ScriptKittie
ScriptKittie - avatar
+ 7
Penetration testing is a rabbit hole and I’m still trying to find the white rabbit 🐇🤣. I’m not going to beat a dead horse, obviously from the reads pythons and they also explain why. Kudos to everyone who said python 😝❤️😂Though if I could learn one language it would be the language of electrons(this doesn’t exist as thing sadly). Since that’s what any programming language (any computer)is doing pushing around electrons (a whole lot of them). Seeing how these electrons travel through the computer and communicate between each other is essentially what pentester does. “Will these electrons(the security) give up these other ones (the data) if I give them these (my malicious script)” So it’s more a method, an approach, then it is trying to learn everything about one programming language or even multiple programming language. You can invest a lot of time in any of them and it’ll be very rewarding but at some point WILL touch/look at/ tear up/ modify/recreate with many of them. Then you’ll see this door way of understanding and logic open when I speak of these electrons and their ways. Each system is setup different with different admins different mindsets different hardware different software which will require different tactics and methods. So I think of it like an RPG and the first language is your weapon you need to level up. Then you’ll come across monsters that are resistant to your weapon so you have to start a new quest and find different weapons that will kill that monster or you’ll never get through that level. I’ve known some pentesters that knew very little for higher level programming languages but were super powerful in bash, powershell, network communications, and just understood how the system is designed. Since really the end goal is always the same “make the connection”. There is always more than one way to skin a cat. If you interested I have a few python networking scripts loaded on here so you can see how a simple python program can interface with a network socket.
22nd May 2018, 11:46 AM
Brandon Baldwin
Brandon Baldwin - avatar
+ 6
At least Python and C/C++ or a similar combo.
22nd May 2018, 10:59 AM
Maxwell Anderson
Maxwell Anderson - avatar
+ 6
White Hat Or ruby, Py and ruby are really good for writinf exploits. Php ? its almost only for php backdoors, but there is weevely for that ;) I would suggest Lua, Python , Ruby. And maybe Lisp
24th May 2018, 4:27 PM
1337 H4x0r
1337 H4x0r - avatar
+ 6
tl;Dr the path to becoming a pentester isn't about learning a ton of code. first focus on the basics, like get the knowledge you need for comptia a+ and network+ Then I can recommend perl or python as a scripting language. You should learn c, c++, html, js, php, and sql. along the way learn not only to read assembly but write it, turn it into shellcode, eliminate bad characters, etc. do that and then you just need to learn a few tools which will be piss easy after.
25th May 2018, 3:19 PM
Marinus Bokslag
Marinus Bokslag - avatar
+ 5
you'd better try python...
21st May 2018, 3:29 PM
Mohammad.P
Mohammad.P - avatar