Top 5 Programming Languages for CyberSecurity in 2020
You might want to check these out if you're interested in starting your career.
Whether you are a would-be professional, a security enthusiast, or a seasoned veteran, the truth is that the tech landscape is constantly changing. The purpose of this article isn’t to force any programming language upon you, it’s to offer up perspectives on why you might want to look at each one.
My daughter asked me the other day why there are so many languages. I told her they’re just like tools you buy at the hardware store — there’s a tool for every job, and many tools you can use for the same job.
Sure, you could flip your screwdriver around and hammer a nail into place very poorly and you would technically get the job done, but using a hammer would be a lot less stupid. Ok, on to the list.
Python has been at the front of the game for quite a few years now. It’s a general purpose, server side scripting language (meaning it doesn’t have to be compiled) that been used for thousands of security projects. The majority of security tools and PoCs you will find are written in Python, and with good reason: it’s super easy to pick up and use. Not to mention, there are tons of amazing modules being developed every day to help you tackle nearly any problem. Even if you don’t plan on using it, you might want to learn how to read/modify scripts with Python. Chances are, you’ll end up doing just that at some point.
I just gagged a little, sorry. I’m not a huge Windows fan, and most of us aren’t anymore, but that doesn’t change the fact that Windows will be the front-runner for years to come. Banks will use Windows XP until the wheels fall off, and the federal government uses Windows (usually not XP..) throughout all of their departments. So what can powershell do for you? Everything but wipe the tears from your eyes. It’s a powerhouse for post exploitation of a Windows machine, and can do some cool stuff like dumping ADFS user emails and helping with user privilege escalation.
4. Assembly Language
This isn’t for everyone. Literally, you won’t all have to use this. But, any security list would be incomplete without talking about Reverse Engineering. There are some pretty awesome tools to help with RE, like IDA and Ghidra, but some assembly is still required. Forgive the pun, and look at assembly language if you’re interested in malware and RE.
Yeah, I said it. Ruby. Now fight me. Some of the biggest security tools are written in Ruby (ever used metasploit?), and for good reason: it’s a lot like Python, super easy to use and has a ton of community support. Not to mention, there’s some pretty cool overlap between security and app development if you ever want a side gig. This last spot was a hard one to fill, so let me talk about some that didn’t make the list.
- Golang/Go: A powerful language that compiles to a stable, super fast executable that is cross-platform compatible. Tools like GoPhish are written in Go.
- C (not C++): The tried and true standard. I almost put this in the list for RE, because knowing C will for sure boost your prowess with RE and malware.
Ethical hacker and IoT security specialist.