How much python should I learn?

Sorry for the basic question but could someone please explain how much python I should know to be an adequate pen tester?

I've googled the question and it's always the same answer. Enough that you can edit an exploit to work for you but I need an example for this if anyone could give me a decent example?

I have done the majority of codecademy python course and it obviously doesn't cater towards pentesting so could someone please either post an exploit on here or a link and explain what about it I would need to change?

Thanks in advance to anyone who can help me out.


I'm not an expert nor a professional, so you should learn the basics of any language, meaning conditions, loops, arrays, then functions. After that you can go deeper with the concept of objects and classes, methods.
From there, you can learn sockets, requests.
But more important, practice as much as you can; if you have an easy box, instead of using hydra to bruteforce, try to write your own tool.

Okay thanks for the input. So I'm pretty good with everything except for classes and sockets right now. Haven't got up to that yet.

Would you suggest starting on black hat python and violent python to learn those things?

I only suggest you to practice, just design a server with a login form, and write a bruteforce.

I agree with @peek!

I’d recommend automating as much as possible when working on a box, even when you could also solve it manually by pasting things into burp or a browser. At the beginning developing a script might take longer than a bunch of manual actions, but it will finally pay off if you did it often enough.

@clarkey3110 - as you asked for a decent example: I think developing a script for Flujab (retired yesterday) is a very good one!

Watch / read for example how @0xdf and @ippsec develop their exploit scripts step by step:

A good way to learn is to do the overthewire.org natas challenges and write a script to solve each challenge. The only way to get better is by doing it.

Or do it on pentesterlab.com and try your own tools there :slight_smile:

@AgentTiro said:

A good way to learn is to do the overthewire.org natas challenges and write a script to solve each challenge. The only way to get better is by doing it.

yeah very good

Awesome thanks for the input guys! Really appreciate it. Not too sure what you mean by writing scripts to solve the Natas though. How would I write a script to find the password? Would that be "curl natas0.overthewire.org | grep password | ??? Something along those lines?

@clarkey3110 said:

Would you suggest starting on black hat python and violent python to learn those things?

In my opinion those two are great books to start with but they are old. That means that the code they contain can be easily improved and brought up to date. Also some attacks are old too but that doesn’t mean they have nothing to teach. Still these books contain a nice amount of information and also teach you how to write useful scripts to achieve your goals. It’s not what those books provide but how they provide it. So in my opinion even if they are old, these books are still worth reading.

@kekra so I've read through that link… I don’t understand a thing about that. None of those sockets make sense because I’ve never used them. How do I learn ones specific to pentesting?

Do I literally just copy his script and try to understand little bits, then copy other peoples scripts for different things and slowly understand? Or is there a course that will teach me things specific to pentest and explain exactly what each is doing?

@game0ver Do you recommend any up to date books or up to date courses that will give me a good understanding?

What do you guys think of “Learning penetration testing with Python” book?

@clarkey3110 As the other people in this discussion said, I’d try to actively solve a problem (in a pentesting lab) and learn as you go!

Maybe Flujab is then too difficult, and a smaller challenge is better at the beginning. But I think it has several elements that you will often see, like: Sending HTTP requests, setting up a server that waits for replies in a loop, crafting a payload …

Break a problem down into smaller tasks, and build up a script step-by-step. For example, with Flujab you start out with a manual process - you type a SQL string into Burp. You could use a separate e-mail server (using the oneliner ippsec also shows) and read off the e-mail sent. Then that gets tedious, and you want to have a command line prompt where you just type the injection string. So you need to learn about how to send requests to a webserver (python requests module). Then you want to integrate that e-mail server better…

Or take @peek’s suggestion for a brute-forcer: Nearly every HTB box requires you to do some kind of fuzzing. Breaking that down into smaller tasks means: You need to learn how to open a file, parse it line by line, then send that input using some protocol. In a first step you would maybe just write a loop that echoes every line in the file. Then you replace the echo with an http request or running a system command (for example). The Hawk machine comes to my mind as a great example - here you had to guess which encryption algorithm was used, so you had to use nested loops - looping through a list of passwords and a list of potential algorithms.

If there is a new concept, for example sending http requests, then take a break and read the python documentation, or tutorials / examples for how to use the requests module.
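The "small tasks first" pattern above, as an added example that is not from this thread or from any HTB box: step 1 is a loop that only reads a wordlist line by line, step 2 swaps the echo for real work, here the Hawk-style nested loop over candidate passwords and hash algorithms, used to audit which stored digests are reproducible from a wordlist. The wordlist and digests are constructed for the example; `hashlib` is the standard library.

```python
"""Added example: kekra's decomposition applied to a hash audit.
Step 1 reads candidates; step 2 runs nested loops over candidates and
algorithms and reports which pair reproduces each stored digest.
All sample data is constructed for the example."""
import hashlib

# Step 1: a loop that does nothing but yield each usable line of the list
# (blank lines and '#' comments skipped). Start here, print, then build on it.
def read_candidates(lines):
    for line in lines:
        word = line.rstrip("\n")
        if word and not word.startswith("#"):
            yield word

# Step 2: replace the echo with the action. For every unknown digest, try
# every candidate under every algorithm (nested loops) and stop at a match.
def audit_hashes(wordlist_text, digests, algorithms=("md5", "sha1", "sha256")):
    found = {}
    candidates = list(read_candidates(wordlist_text.splitlines()))
    for digest in digests:
        for word in candidates:
            for algo in algorithms:
                if hashlib.new(algo, word.encode()).hexdigest() == digest:
                    found[digest] = (algo, word)
                    break
            if digest in found:
                break  # no need to keep looping once this digest is explained
    return found

# Constructed sample input: a tiny wordlist and two digests to audit. The
# first is sha1("password"); the second is a placeholder that matches nothing,
# so the unmatched path is exercised too.
WORDLIST = "# demo list\npassword\nletmein\n\nsummer2019\n"
SAMPLE_DIGESTS = [
    hashlib.sha1(b"password").hexdigest(),
    "0" * 64,  # placeholder digest, not derived from any listed word
]

if __name__ == "__main__":
    result = audit_hashes(WORDLIST, SAMPLE_DIGESTS)
    for d in SAMPLE_DIGESTS:
        print(d[:12], "->", result.get(d, "no match in wordlist"))
```

Swapping `hashlib.new(...)` for an HTTP request or a system command is the same step 2 change the post describes, with the read loop left untouched.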

@kekra thank you mate. Exactly the reply I was hoping for!

@clarkey3110 Books on python and how it can be used in cyber-security come out very often. You just have to make a quick search on amazon and you’ll find a lot of books. The thing is that most of them re-implement the same ideas/scripts older books have, just using a newer module or by adding a new feature. That’s why I don’t really buy these books anymore. In my opinion a nice book (like the ones you mentioned) in combination with the amazing python online-documentation does the trick. This will get you up to speed to feeling comfortable programming in python and then you can practice as much as you want. Also since you are interested in security don’t limit yourself to python books only. For example “Hacking: The Art of Exploitation” is a great book (old but great even today), the examples are in C but it teaches some nice concepts. Another thing you can do is read a lot of writeups. This will not only make you familiar with programming but with security concepts and techniques also. Then as others suggested attempt to write your own scripts.

The more you learn the better. Knowledge is power; the question is what you should learn.
Sockets, network programming such as intercepting packets, pwntools for python, sending http/https requests and so on (of course the basics are very necessary).

Disclaimer: I’m biased. I’m new to security but have significant background in software development and some in data science. In both areas we use python extensively.

That being said, because of my bias when faced with a problem on a box python is usually the first tool I reach for unless there is something that is too easy to ignore. This has made a lot of problems on the boxes I did so far extremely simple (nosql bruteforcing, converting exploits to ipv6 from ipv4, automating getting a logged in session from a webform and submitting a payload, writing an interactive ‘shell’ that is really just SQLi in the background, etc…) so my advice would be to learn the python basics and just challenge yourself to write a custom script when a custom problem arises. It will take time but the more it is done, the more value comes out of it.

That’s a pretty ■■■■ poor question IMO, because it’ll become obvious if and when you need to learn more. Programming’s not really the #1 thing here, so it’s up to you…

– I’ve moved this from the bottom to here, coz the post is quite long… For what you’re doing it really doesn't matter that much, Python’s that simple you can literally write the code as you’re reading the manual. Learning C would make you a much more ‘adequate pentester’ as you put it, because you’d actually see what causes security issues and vulnerabilities.

Literally all a vulnerability is, is a bug, usually because someone cough GNU developers cough can’t be arsed to write it properly, then can’t be arsed to fix it when it gets reported.

As a programmer of 20 years, I do have strong opinions and hopefully nobody’ll take this the wrong way.

If you really want to better yourself, learn C, if you’re asking what/how/whether or not you should do x or y. It’s small, but it’s complete, it’s still the language pretty much all systems programming is done in, and you’ll learn more in a week about the underlying system than a lifetime writing python…

Python is great for this sort of thing because it’s a) very simple and b) got some great libraries that take no effort to install and use… unfortunately it’s pretty ■■■■ poor on performance (using PyPy will help), and personally I hate the fact my system even has python as a dependency, let alone managing another environment (2 with python, as python2 still hasn’t taken the hint) full of libraries and god knows what other command line tools being repped on github this week.

I’d recommend against even learning OOP, it’s a concept that originated in functional programming (Lisp if I recall) and it’s got absolutely no place in systems programming.

C is already on your system, the man pages are a brilliant source of information, rather than googling for a tutorial that may have been written by a cretin, the man pages are the last word in documentation on UNIX.

HELLO EVERYONE HOW I LEARN TO MAKE MY OWN SCRIPTS USING PYTHON
FOR HACKING OR EXPLOITATION PURPOSE

@Anandsoni143 said:

HELLO EVERYONE HOW I LEARN TO MAKE MY OWN SCRIPTS USING PYTHON
FOR HACKING OR EXPLOITATION PURPOSE

Find something you want to exploit, and use google to figure out how to do it with Python. Keep doing that and you’ll improve.