Five Scripting Skills Every Security Technician Should Have

Scripting and an understanding of scripting languages are critical skills for infosec folks. Not only do they lend themselves to understanding threats and attacker tools, but in many cases they make it possible for automation to assist the infosec practitioner in performing many of their duties and can help them be more effective in environments where large quantities of data must be analyzed against common issues or have similar functions performed repeatedly.

In my opinion, here is a quick summary of the top 5 scripting skills infosec folks should have or pursue.

1. Shell scripting or batch file programming – These skills are essential for the day to day work of an infosec technician. Such programming often increases the effectiveness of work tasks and brings greater quality to things like data analysis, basic reporting and other essential functions.

2. PERL – Perl is just plain critical. It is THE language of performing complex analysis of data, automating many security focused tasks and even doing socket-based network and application work. Perl is easy to learn, simple enough to manage and powerful enough to automate complex tasks. If you need a swiss army knife programming language, Perl will rise to the challenge.

3. Javascript – This language is essential to understanding modern web mechanisms and attacks. Basic knowledge of Javascript will take practitioners far into the web-application realm and can be leveraged to gain knowledge of AJAX, SOAP and deeper web architectures. While it can also be used for some simple forms of web-based assistance or aggregation, it may not be an overwhelming aid to your productivity like other languages, but in order to have even basic web-application skills, it is simply a must.

4. Python – Python is the quick hack choice for doing network and socket-based tool prototyping. Its rich and simple socket controls make it a clear choice for pen-testers and other developers of “quick and dirty” code. It makes a fantastic alternate choice for Perl folks, and can be used to do some effective data parsing as well. The syntax seems to be even easier than Perl and many folks become proficient in it more quickly than Perl.

5. Ruby – Ruby is the Perl of the future. It is a fantastic prototyping language and of course, it powers Rails, which makes it a growing giant in Web 2.0. Ruby and Ruby on Rails (RoR) can be leveraged by security folks to quickly create demonstration sites, to establish honeypot sites and even to create web-based tools quickly to share with others in their organization. In addition, Ruby alone can be used to automate large amounts of data processing, create custom reports and can be just as useful and powerful as Perl. Depending on how the future of Ruby shakes out, it might even surpass Perl in the future as the critical language for doing real work, so it makes sense to add it to your repertoire.

There you have it. Take the time to learn the basics of these scripting languages and then look for places in your daily work to apply automation. As your skills grow, likely your capabilities to automate much of the manual work you do will grow as well. Who knows, you might just automate yourself back into having free time again. Not to worry though, that would just give you even more time to concentrate on your scripting skills!

This entry was posted in General InfoSec by Brent Huston. Bookmark the permalink.

About Brent Huston

I am the CEO of MicroSolved, Inc. and a security evangelist. I have spent the last 20+ years working to make the Internet safer for everyone on a global scale. I believe the Internet has the capability to contribute to the next great leap for mankind, and I want to help make that happen!

Leave a Reply