Programming background

Before we proceed further in this chapter, I have to address the topic of your programming background in detail to help and guide you in the right direction as regards programming languages. I was a programmer for around 10 years before I turned into a full-time cyber-security expert. I can tell you that the experience that I acquired during my programming career greatly helped me in becoming successful in the field of application security. After all, how can you give an expert advice if you've never developed a web application in your life?

Programming languages are divided into categories, and and they share a lot of similarities (more than you can imagine). Later in this chapter, I will show you the coding security checks (for web applications), but without referring to a specific one, because the checklist can be applied to any web application programming language.

Here's what you need to know about the most popular programming languages, and about the category to which they belong (again, these are the popular ones, not all of them):

  • Web application development: Java, C#, .NET, and PHP
  • Drivers and hardware: C, C++, and assembly language
  • Reverse engineering: Assembly language
  • Database: Structured Query LanguageSQL
  • Scripting languages: Python, Perl, and Ruby

Do you really need to learn all these languages? Yes, kind of, but let me make your life easier and simplify the task for you. First, start by learning a scripting language. In the upcoming chapters, you will encounter a special chapter that teaches you about Python. This language will help you a lot in automating your penetration testing activities, and at the same time it will help you to learn the basics of programming. Next, you will, need to learn at least one of three languages: Java, C#, .NET, or PHP. You also have to practice your use of them by developing web applications yourself. While you're learning web application programming, you will also learn SQL because you will interact with the database, so that's two birds with one stone. Assembly language is a special low-level language, but if you learn it, you will gain many more programming skills. As an application security professional, you will almost never have to deal with drivers/hardware or malware reverse engineering, so you can exclude these categories altogether.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.222.240.21