Programming is an amazing skill to have and I believe it’s especially essential if you want to be good at information security. With the magic of programming, you can write exploits, automate things, get better understanding of how something works under the hood or find vulnerabilities going through source code.
If you are reading this article, you belong to one of the following classes
- You want to learn programming but not sure where to start
- You tried learning programming in the past but you found it hard
- You are insecure about your skills so you are here to see what I have to say
To be able to write basic programs, you should know how to do the following things in the language you want to learn
- string formatting
- if else elif statements
- comparison operators
- arithmetic operators
- increment & decrement operators
- for and while loops
- Iterating over an array
- Finding length of a string or an array
- Get item/char by index from a string or an array
- Splitting and slicing a string or an array
- Finding or replacing a string within a string or an array
- Adding, Accessing, updating, removing items from an array or dictionary
- catching exceptions
- Opening/writing to a file
- Importing files and libraries
This is how I learned. It works even better when you already know a programming language but want to learn another one.
Where to learn all these things? Any good resources?
Pick up any book, seriously. One learns programming by writing programs not by watching a 2 hours long YouTube tutorial in one sitting or reading a book and mumbling “Yeah I get that, mmm hmmm, this chapter was easy, this one too and I can now do this thing too”. Learn a thing and try it before getting any further and don’t spend more than an hour in a day learning it. Believe me, completing all exercises in one day doesn’t work very well.
As I mentioned, you should try to implement everything you learn but where? A lot of people struggle with this so I planned a fun task for newbies which includes more than half of the things mentioned in the list. Don’t worry, there are no Endgame spoilers.
Save the following text in a file named
captain america<alive>black panther<dusted>
After saving, write a program that reads the file and saves all the names in three different files
died.txt without the suffixes i.e. removing
<alive> etc. from the names. The first letters of all the first and last names should be capitalized and the names should be stored in alphabetical order. Watch out for the blank lines and duplicate names ;)
How to write “advanced” programs?
Doing something innovative requires field knowledge. For example, nmap developer had a good understanding of networking, I was able to write XSStrike because I knew a thing or two about XSS, Miroslav wrote sqlmap because he had thoroughly researched SQL injection and so on.
Hence, knowing to the code isn’t enough, you need field knowledge as well. Also, try exploring libraries whether standard or not. For example,
requests library in python lets you make HTTP requests to web pages.
Your first project
Think of something you would like to create. It can be anything ranging from a program that checks which URLs are alive from a list of URLs or a web crawler. That’s all. Yeah, just start writing it. Google whatever you need to know, google the errors you get but don’t stop. You will get a plenty of time for planning and caring about the structure of your projects once you get good enough at the programming language you are learning. But for starters, just keep writing code.
Text Editor or IDE?
I have never used an IDE and I don’t recommend it to anyone either because they make you lazy. If you are taking my advice, I want you to bang your head against a wall after you realize that your program was not running because of a missing bracket in your code. Btw, I have always used Sublime Text and I love it. I use a large enough font and a blue light filter to make sure I don’t strain my eyes.
Is contributing to open source a good idea?
Yes. While you mention that you know programming on your CV, including your open source projects gives you a chance to impress the recruiter if your projects are good.
Also, working on open source projects not only gives you a chance to give back to the community, it also helps you become a better programmer.
Last thing, if this article helps you learn a programming language, let me know, you will make me smile.
Thanks for reading, good luck ^_^