Penetration testing course: 0x02.4.1 What is the best programming language for hacking?






There isn’t a go-to programming language that is considered the best to use, so I’m not going to simply tell you one name, there’s no such secret recipe for developing security tools. It is much wiser instead to make a comparison between the most used programming languages and be ready to some flexibility. Technologies change and so we need to adapt; besides as you learn new things, you have a wider choice than you had before. Don’t be static, allow some dynamism, be willing to learn and improve your skills each and every time you get a chance to do it.






Penetration testing course: 0x02.4 Is programming important for hacking?






Long story short: yes, programming is important for being a good hacker or security professional. I’m sure you already wondered about the importance of programming if you are a beginner and if you are a professional you’ll often  shrug your shoulders when you see this question a lot or hear the answers. It’s a question that has been asked a …






Penetration testing course: 0x02.3.2 Network software – OSI and TCP/IP reference models






The first computer networks were designed with the hardware as the main concern and the software as an afterthought. This strategy no longer works. Network software is now highly structured. In the following sections we examine the software structuring technique in some detail. Protocol Hierarchies To reduce their design complexity, most networks are organized as a stack of layers or …






Penetration testing course: 0x02.3.1 Network hardware






Broadly speaking, there are two types of transmission technology that are in widespread use: broadcast links and point-to-point links. Point-to-point links connect individual pairs of machines. To go from the source to the destination on a network made up of point-to-point links, short messages, called packets in certain contexts, may have to first visit one or more intermediate machines. Often …






Cracking the infosec interview for fun and profit – how not to suck and get $$ hired $$






There are many people with different backgrounds approaching the world of Information Security and trying to land a job in this field:  software developers, sysadmins, network engineers, IT technicians, even people whose formal education and previous job don’t have anything to do with Infosec. Nowadays there aren’t strict requirements in terms of education for being an Information Security Professional, everyone …






Code elements to look for when automating exploit generation






When you test the security of an application (let’s say for finding a buffer overflow vulnerability) you can have a variety of tools at your disposal: Static code analysers: tools that allow the analysis of a program without actually executing it. They can check for Syntax errors, coding implementations that don’t adhere to the standard guidelines, security vulnerabilities. They are prone to a high number of false positive and false negative results. Normally they analyze …






Penetration testing course: 0x02.3 Introduction to Computer Networks






“Humans are social animals” like Aristotle said and as such they need to communicate with each other. At the beginning there was only oral (verbal) and written communication, then thanks to the evolution of electronics and telecommunication systems humans were able to communicate with each other remotely by broadcasting messages via electrical or wireless signals. We’ve seen the introduction of …






Best books, tutorials and courses to learn about exploit development






The best resources for learning exploit development Exploit development is considered to be the climax in the learning path of an ethical hacker or security professional. It is strongly advisable to have mastered the basics before delving into this topic. Exploit development is hard and it’s not something you learn at school or university (usually), not something any of your …






Penetration testing course: 0x02.2 Hexadecimal Numeral System






In the previous article we saw how binary numbers are represented and how to convert from decimal to binary and vice versa, finally how to perform operations like addition, substraction, multiplication, division and bitwise operations between binary numbers. In this lesson we’ll talk about the hexadecimal system and why it is important for computer science in general. DEFINITION In mathematics …






Penetration testing course: 0x02.1 Fundamentals of binary arithmetic






Any information processed by a computer is stored in binary format so it is fundamental that anyone is familiar with this numeral system. DECIMAL SYSTEM When we count we normally use the decimal system (base 10). Ten is the number which is the count of fingers and thumbs on both hands (or toes on the feet). Positional decimal systems include a …