Penetration Testing mailing list archives

RE: Programming skills for Pen Testers

From: "Terry Vernon" <tvernon24 () comcast net>
Date: Fri, 10 Feb 2006 14:27:04 -0600

Since programming skills aren't a "have it or die" requirement to do the job
it would seem it's all up to preference. I would say however, from
preference, that learning C opened up several pathways for me when I was
getting into pen-testing, which was a graduated path that came after my
script kiddy period. Also knowing C gives the ability to read almost every
other major coding language used in app development today with minimal trips
to Google. 

I'd say if you know one, you can wing it in the other. So go with the one
you feel most comfortable with. I'd pick C for its historic value and the
fact that C++ is simply C with improvements.

-Terry

-----Original Message-----
From: johnny Mnemonic [mailto:security4thefainthearted () hotmail com] 
Sent: Thursday, February 09, 2006 11:42 PM
To: pen-test () securityfocus com
Subject: Programming skills for Pen Testers 

ok we all know that in addition to good network, host and application 
security skills, programming in C is a pre-requisite for a decent pen tester

or at least one who wants to write their own security tools or simply audit 
the open source code they use. My question is, despite their similarities 
should a pen tester be concentrating on C or C++ ? That's it!

Thanks.

_________________________________________________________________
Get MSN Hotmail alerts on your mobile. 
http://mobile.msn.com/ac.aspx?cid=uuhp_hotmail


----------------------------------------------------------------------------
--
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are

futile against web application hacking. Check your website for
vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers
do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
----------------------------------------------------------------------------
---


------------------------------------------------------------------------------
Audit your website security with Acunetix Web Vulnerability Scanner: 

Hackers are concentrating their efforts on attacking applications on your 
website. Up to 75% of cyber attacks are launched on shopping carts, forms, 
login pages, dynamic content etc. Firewalls, SSL and locked-down servers are 
futile against web application hacking. Check your website for vulnerabilities 
to SQL injection, Cross site scripting and other web attacks before hackers do! 
Download Trial at:

http://www.securityfocus.com/sponsor/pen-test_050831
-------------------------------------------------------------------------------

Current thread:

Programming skills for Pen Testers johnny Mnemonic (Feb 10)
- RE: Programming skills for Pen Testers Terry Vernon (Feb 10)
  - RE: Programming skills for Pen Testers Muhammad Omar Khan (Feb 11)
- Re: Programming skills for Pen Testers Justin Ferguson (Feb 10)
- Re: Programming skills for Pen Testers FocusHacks (Feb 11)
  - Re: Programming skills for Pen Testers intel96 (Feb 12)
    - RES: Programming skills for Pen Testers 7978488 (Feb 12)
- Re: Programming skills for Pen Testers thomas springer (Feb 11)
  - Re: Programming skills for Pen Testers pagvac (Feb 11)
- RE: Programming skills for Pen Testers Sahir Hidayatullah (Feb 11)
- <Possible follow-ups>
- RE: Programming skills for Pen Testers Shenk, Jerry A (Feb 11)
  - RE: Programming skills for Pen Testers jeremiah (Feb 11)

(Thread continues...)