From: Sahir Hidayatullah (sahirh@mielesecurity.com)
Date: Sat Feb 11 2006 - 04:05:52 EST
I would say that C is the gold standard of programming languages for
security work. You'll find most PoC code in C as well, so it obviously helps
to be able to understand it. C++ would serve you better for application
development, specifically OOP. That said, I believe knowing a couple of
quick scripting style languages really helps when you need to whip up a tool
in a hurry.
I've recently fallen in love with Ruby www.ruby-lang.org, thanks in no small
part to its adoption by the Metasploit Project. I urge all of you to have a
look at it since it's both powerful and intuitive. Those who are already
familiar with Perl or Python will find it a breeze to pick up.
Cheers,
Sahir Hidayatullah.
-----Original Message-----
From: johnny Mnemonic [mailto:security4thefainthearted@hotmail.com]
Sent: Friday, February 10, 2006 11:12 AM
To: pen-test@securityfocus.com
Subject: Programming skills for Pen Testers
ok we all know that in addition to good network, host and application
security skills, programming in C is a pre-requisite for a decent pen tester
or at least one who wants to write their own security tools or simply audit
the open source code they use. My question is, despite their similarities
should a pen tester be concentrating on C or C++ ? That's it!
Thanks.
_________________________________________________________________
Get MSN Hotmail alerts on your mobile.
http://mobile.msn.com/ac.aspx?cid=uuhp_hotmail
----------------------------------------------------------------------------
-- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:30 EDT