Re: Programming skills for Pen Testers

From: FocusHacks (focushacks@gmail.com)
Date: Fri Feb 10 2006 - 11:53:24 EST


I honestly don't think that programming in C is any sort of a
prerequisite for a penetration tester. It's perhaps a prerequisite
for a security researcher.

There was a discussion not long ago where we talked about how many
pen-testers actually sit down, wade through other people's code, look
for exploitable code, and write PoC code. Not many pen-testers do
this. First off, if a person has those sorts of skills, they can
probably make more money in development QA than they can as a
pen-tester, and next off, that sort of task takes a LOT of time, and
they wouldn't have enough time in a week to get any pen-tests in, if
they were sitting in front of a computer all day long grokking code.

C++ is object-oriented C. If you learn C++, you'll learn C, and if
you learn C, learning C++ isn't hard, but learning how to think
object-oriented causes some people problems.

Most normal UNIX stuff is just written in plain old vanilla C, though.

On 2/9/06, johnny Mnemonic <security4thefainthearted@hotmail.com> wrote:
> OK, we all know that in addition to good network, host and application
> security skills, programming in C is a pre-requisite for a decent pen tester
> or at least one who wants to write their own security tools or simply audit
> the open source code they use. My question is, despite their similarities,
> should a pen tester be concentrating on C or C++? That's it!
>
> Thanks.

--
http://www.FocusHacks.com - The Ford Focus Modification Site!


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:30 EDT