WyzGuys Tech Talk

Do you find your cybersecurity career is limited by your inability to program?  Few of the cybersecurity professionals I know personally know how to program, with the exception of those who work in a programming environment.  If you are considering learning to program, what languages are best for a cybersecurity career?  Do you need more than one? Where is the best place to start?

Prepare by setting up a couple practice systems to work with, and using  Windows and Linux virtual machines would be a good way to go.  Fatal accidents are easy to repair, and spinning up a new VM takes a few minutes.

There are also great training resources, many of them free, on places such as Cybrary, UDemy, and Linda.com

Shell Scripting – Probably the best place to start is with a scripting language.  In Windows this will be Powershell.  In Linux it will be Bash.  These days, Windows allows Bash scripting natively, so you may not need to have a Linux system handy to practice with, at  least not right away.

Powershell is based on earlier Windows coding environments such as Basic and Virtual Basic.  There are a lot of new exploits that take advantage of the power and permissions available in Powershell, so learning how to script in Powershell has both practical (automation of repetitive tasks) and tactical (blue team and red team uses) applications.

Bash is the Linux version of shell scripting, and again is a handy tool for both practical and tactical uses.

C – Of the classical programming languages, C is a programming language that has been used for over 50 years.  Unix was the first machine-portable operating system, and C was used to program for Unix.  There are still new cyber-exploits being released that are written in C.  If you like to begin at the beginning, this may be for you.

Python is the most popular programming language, and has cross-platform capabilities that means programs and exploits coded in Python will run on virtually and system.  If you want your skills to follow the crowd, this is for you.

PHP – Like Python, this is a very popular programming language.  It is used by over 80% of websites.  The popular CMS WordPress is written almost entirely in PHP.  If your career leads you into protecting websites and web applications, this is for you.

JavaScript is another popular programming language that is used in websites and applications.  Fluency in JavaScript can help you interpret, write, and correct errors in JavaScript code that can lead to exploits such as Cross-Site Scripting (XSS), Cross-Site Forgery Request (CSRF), and SQL Injection.

SQL or Structured Query Language is not technically a programming language, but most modern databases run on some version of SQL.  Modifying SQL queries can lead to SQL injection attacks, which can lead to loss of database contents, or even the takeover of the server.

Starting with a scripting language is probably the easiest way to learn code writing conventions.  Moving on to programming language choices, if you work in a server environment, I would suggest Python.  If you work more on the web, then PHP and/or JavaScript should be your preference.  If you work in databases, then SQL.

Good luck on your quest to learn how to program!

More information

• Tech Republic
• Objective-C, Golang, and Windows PowerShell lead list of 15 highest-paying programming languagesFind out which programming languages pay the most, and which ones are growing the fastest, according to a new Upwork report.