Writing your own scripts: a great way to practice

 In the world of Hacking, and even IT, being able to write your own scripts is arguably an essential tool to have. Whether it's bash, powershell, python, etc. knowing even one language enough to write scripts is something you should definitely take time to learn. 

So, you might ask what is the point of making these scripts if there are multiple scripts that are already made? There are plenty of script writers who are much better... but there are a few reasons! 

One: Practicing with different languages.

Although most languages are the same at the basic level writing scripts is a way to get a good and quick understanding of different languages. Programmed something in bash? Try Python. Did it in powershell? Try Go. This exposes you to different languages even if the concept is the same. The idea is getting a good understanding, not practicality. You don't need to write super long programs to get an initial grasp of a language! 

Two: Customization

Arguably customization is probably the most advantageous thing about writing your own scripts. You are able to write something that you yourself have control over, and can expand on it. For instance on my github I have a script I wrote from the TCM practical hacking course. I can expand on it with how much ever I want, and add to it. 

Three: A little more discrete

Google, bing, networks, etc. all already know about nmap, gobuster, among others. Writing your own scripts allow you to be a little more discrete as applications are less likely to flag your content... immediately. ;) 

At the end of the day writing your own scripts is always good practice. Even if there are a multitude of better scripts there are many good reasons to write your own scripts and in general knowing how to write these scripts is essential if you want to excel at your IT/Cybersecurity career. 

Want to write your first script? My suggestion is writing a simple recon script in bash, Python, or a language of your choice. 

https://null-byte.wonderhowto.com/how-to/write-your-own-bash-script-automate-recon-0302808/  this null byte link is a great way to do a quick script for some web recon. 

Thanks for reading, Happy Hacking! :) 

XO, BlackCatt

Comments

Post a Comment

Popular posts from this blog

DEFCON 32: My review as a first time attendee.

 Since the first time I heard about DEFCON (2018, probably before) I have wanted to attend. Due to time and mainly money, I haven't been able to up until now. Thankfully, my job (thank you very much!) paid for most everything an I was able to go this year. I am going to talk about my experience there and some tips for next year if you decide to (hopefully) go! Let's start with the location. I hadn't been to the previous DEFCONs so I didn't know what it was like but this year it was held in the west wing part of the Las Vegas Convention Center. This location is right by multiple hotels (mine was about 10-15 min walk which wasn't too bad), and close to the strip. This center is huge and we were *just* in the west wing part of it. What I enjoyed most about this honestly was the central location. I can imagine walking across multiple hotels would get a bit tiresome. Everything was relatively close and about a 5 minute walk, or 30 second escalator ride. There were... A L
Read more

Post SOTB and Happy New Year :)

Image
 If you missed out on SOTB that really stinks, but also I understand. Shell on the Border happened during new years and man was it an amazing experience. I couldn't attend the speaker part but the ctf was fun. It was at an arcade that had major Mr. Robot vibes. A truly different and awesome experience in the unlikely city of Fort Smith, Arkansas. Want to make a huge shout out Shyft, MoonKaptain, Fie, FractumSeraph, Allee, Fort Smith Arcade, and HackNWA (if I forgot you I am sorry it's not on purpose). All of y'all made this an amazing experience and the work we put it in was definitely seen. I am proud to be apart of FS2600 and I am grateful for the opportunity to be able to help, and to even do some of my first challenges.  I wanted to go over my challenges that I did, just 3, for those that are curious. First of all this being my first time making CTF challenges there were some mistakes on my part. I had made these challenges with a huge assumption of prerequisite knowled
Read more

Vulnerability Spotlight: Type confusion

What is type confusion exactly? And how can it be used to exploit programs? According to the CWE (Common Weakness Enumeration) "Type confusion is when: the program allocates or initializes a resource such as a pointer, object, or variable using one type, but it later accesses that resource using a type that is incompatible with the original type. When the program accesses the resource using an incompatible type, this could trigger logical errors because the resource does not have expected properties. In languages without memory safety, such as C and C++, type confusion can lead to out-of-bounds memory access." C and C++ are common examples used because these languages do not have type checking. This allows attackers to potentially exploit type confusion within C/C++ programs, which can lead to code execution. Of course C and C++ are not the only examples, languages with dynamic typing generally (like Perl) have this issue. C++ has 3 main Cast
Read more