Best language for aspiring Penetration Tester? | SoloLearn: Learn to code for FREE!

+64

Best language for aspiring Penetration Tester?

I want to be a Penetration tester, but I don’t know which languages are the best for that type of thing, or if they all are.

5/17/2018 11:45:57 AM

Nicholas

83 Answers

New Answer

+83

Penetration testing is huge, so your first step should be establishing the kind of targets you want to test, so you don't burden yourself. Once you do that, it's essential that you get accustomed with the software on that kind of targets: - learn about their vulnerabilities; - find out the recommended security practices for that software, which will give you valuable hints about the kind of testing you can start with; - learn about the vulnerabilities of the operating systems that your target software rely on; - learn about network security vulnerabilities; - be creative. Basically, you have to learn a lot if you want to be a proficient penetration tester. Because if you only learn a few things about using some tools in Kali Linux, you will only become what is known as a "script kiddie". 😝 A very good language for penetration testing is Python, because you can do virtually anything with it. No compilation required, no strict types, no memory allocation. Less work, more results for this kind of testing.

+56

possible C, Java, PHP and as Jan Markus sayd Python 🤔

+51

BRO IF YOU WANT A SUCCESSFUL CAREER IN HACKING YOU NEED TO KNOW ALMOST ALL MAJOR LANGUAGES ( trust me ) HACKING IS LIKE REVERSE ENGINEERING AND BEFORE YOU REVERSE ENGINEER SOMETHING YOU MUST KNOW HOW TO "ENGINEER" IT. for example if you hack a website then fluency with HTML/CSS/JS/PHP etc can prove to be beneficial and will give you an edge over other hackers and a better understanding of the vulnerabilities. As far as your question is concerned I will highly recommend learning Python. learning python will give you an edge over a lot of ethical hackers as Python finds uses in a variety of things in the field of security. for example you can create a python script to automate a tedious task or set of commands in the terminal. Most of the hacking tools are also based on python so knowing python will enable you to be better at using them. But do remember learning Python won't really teach you hacking it will just help you in the hacking process and increasing your efficiency. Hope it helps HAVE A NICE DAY !😉

+37

Also learn bash, power shell, and how to create cron jobs.

+23

Bash and/or Powershell, Python, C/C++, various Linux commands and/or maybe Windows commands.

+22

HTML Language used to write web pages. Web hacking Login forms and other data entry methods on the web use HTML forms to get data. Been able to write and interpret HTML, makes it easy for you to identify and exploit weaknesses in the code. 2 JavaScript Client side scripting language Web Hacking JavaScript code is executed on the client browse. You can use it to read saved cookies and perform cross site scripting etc. 3 PHP Server side scripting language Web Hacking PHP is one of the most used web programming languages. It is used to process HTML forms and perform other custom tasks. You could write a custom application in PHP that modifies settings on a web server and makes the server vulnerable to attacks. 4 SQL Language used to communicate with database Web Hacking Using SQL injection, to by-pass web application login algorithms that are weak, delete data from the database etc. 5 Python Ruby Bash Perl High level programming languages Building tools & scripts They come in handy when you need to develop automation tools and scripts. The knowledge gained can also be used in understand and customization the already available tools. 6 C & C++ High level programming Writing exploits, shell codes etc. They come in handy when you need to write your own shell codes, exploits, root kits or understanding and expanding on existing ones. 7 Java CSharp Visual Basic VBScript Other languages Other uses The usefulness of these languages depends on your scenario.

+19

I would give Python a try.

+13

Visit cybrary.it it's a free cyber security training site. It includes different programs from beginner to expert. They have different courses that teach using programming languages to enhance penetration. Python, c, c++ are highlighted in the courses having a firm grasp would help you understand faster. My username is makangamchovu in cybrary.it I'll be happy to guide you from there.

+10

- C and Python - php and network knowledge - (linux/windows) commands

+9

i am suffering for becoming certified tester

+8

You need to learn most languages to be an efficient pen tester but I recommend you stay with #python

+8

Penetration testing doesn't need a particular language. You need to learn a whole bunch of things like: 1) Get to know about exploits and where and how to use them 2) Know more about vulnerabilities and where to use them 3)You can start practicing in some hacking os like Kali Linux, Backtrack, Parrot etc. 4)Get to know about basic vulnerabilities of servers and networks Actually it can't be described in a simple way...you just have to be creative and have an idealistic approach to get successful. You will come to know about Scripting and searching vulnerabilities of servers, systems etc. So I recommend everyone to use Python for penetration testing as it's easy and simple. All The Best

+7

learning cmd and powershell, some reg edit. what u look for? penetrating existing prog or creating one?

+7

If I put aside programming languages for a moment, "Kali Linux" is exactly what do you want. If you just wanna take feel of it then create an image in pendrive and run it live, but if you wanna go in deep, I would suggest to install it parallelly with whatever OS you have. To operate it you don't need to be a programmer as long as you are a trickster. But at some level you should know shell programming for Linux and that's enough

+7

If you really wanna be the PEN TESTER GUY, then Maximum proficiency in UNIX and Kali Linux is highly mandatory and Python skills is inevitable. Not forgetting you must know how to build packages that will run along with daemons(services) without having any interaction with the shell, this will prevent your script from been killed using the PS UNIX command. Also you must have good knowledge of configuring virtual box to run multiple operating systems and test run your scripts on the various O.S using virtual box. I hope this helps.

+7

Ruby (Metasploit and wpscan are written in it) & Python

+7

@Ridwan if your fam hasn’t had this conversation with you yet... ... jk... jk, seriously, hacking pretty much 😋

+7

Penetration testing is a rabbit hole and I’m still trying to find the white rabbit 🐇🤣. I’m not going to beat a dead horse, obviously from the reads pythons and they also explain why. Kudos to everyone who said python 😝❤️😂Though if I could learn one language it would be the language of electrons(this doesn’t exist as thing sadly). Since that’s what any programming language (any computer)is doing pushing around electrons (a whole lot of them). Seeing how these electrons travel through the computer and communicate between each other is essentially what pentester does. “Will these electrons(the security) give up these other ones (the data) if I give them these (my malicious script)” So it’s more a method, an approach, then it is trying to learn everything about one programming language or even multiple programming language. You can invest a lot of time in any of them and it’ll be very rewarding but at some point WILL touch/look at/ tear up/ modify/recreate with many of them. Then you’ll see this door way of understanding and logic open when I speak of these electrons and their ways. Each system is setup different with different admins different mindsets different hardware different software which will require different tactics and methods. So I think of it like an RPG and the first language is your weapon you need to level up. Then you’ll come across monsters that are resistant to your weapon so you have to start a new quest and find different weapons that will kill that monster or you’ll never get through that level. I’ve known some pentesters that knew very little for higher level programming languages but were super powerful in bash, powershell, network communications, and just understood how the system is designed. Since really the end goal is always the same “make the connection”. There is always more than one way to skin a cat. If you interested I have a few python networking scripts loaded on here so you can see how a simple python program can interface with a network socket.

+6

At least Python and C/C++ or a similar combo.

+6

White Hat Or ruby, Py and ruby are really good for writinf exploits. Php ? its almost only for php backdoors, but there is weevely for that ;) I would suggest Lua, Python , Ruby. And maybe Lisp