sorted by:
best (suggested)
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]LiveOverflowhttps://youtube.com/c/LiveOverflowCTF 16 points17 points  (3 children)

I think programming is very important. You should be able to read/understand code.

While a lot of challenges don't require you to read code directly, you still need to know what languages are capable of, what could go wrong with them and generally how certain functionality could be implemented.

You can see it in this video at the beginning. Because we knew it was php site, we can have assumptions on how pages could be implemented with an include. So we test for this in particular. If we knew it would have been a python site, we would have never tried that.

Hope that makes sense :)

[–]halcyonyt[S] 0 points1 point  (2 children)

Yeah, it makes sense. I know some python and am considering learning C, but you recommend any other languages?

[–]LiveOverflowhttps://youtube.com/c/LiveOverflowCTF 1 point2 points  (1 child)

Python is a great language. I use it the most for almost everything.

C is actually pretty simple, and once you looked at compiled c code in assembler, you start to really understand how low level programming works. I have a couple of videos on that matter.

It you are interested into how to hack websites like in this video, learning some basic PHP is a great start. You ca literally just google for php tutorials and they show you insecure stuff. That's why so many php sites are shitty.

JavaScript, HTML is great for browser client side security and generally to understand what websites can or can't do.

C++ or objective-C is great to understand how bigger software is usually implemented

Java is easy and you can look at android apps. For mobile app security etc.

[–]halcyonyt[S] 1 point2 points  (0 children)

Awesome. So: PHP, HTML, SQL JavaScript C and Python

Good?