May 11, 2021

Is knowing programming necessary for Hacking?

Home Forums Is knowing programming necessary for Hacking?

This topic contains 1 reply, has 2 voices, and was last updated by  [deleted] 2 weeks, 4 days ago.

  • Author
  • #386322


    I love cyber security, learning about data breaches and all that stuff. But I was just wondering if I need to learn how to program to become a hacker?

  • #386326


    It’s not absolutely necessary, Adrian Lamo had no programming experience and Kevin Mitnick had/has very minor programming knowledge, however it definitely helps. Knowing how a car works makes it far easier to fix something when it breaks, but you don’t need to be a mechanic to do an oil change or change a tire.

  • #386327


    You need to be able to read code and maybe modify a script here and there. I had an 8 years career in penetration testing and I can code shit! But I can read and modify

  • #386328


    No, programming knowledge is not required for many things which could be called “hacking.” For example, many data breaches, as you mentioned, can be carried out by people with no programming knowledge.

    Take the Equifax breach: attackers exploited a vulnerability in Apache Struts2, where the exploit code had been public for months. Anyone could have pointed the code at Equifax and executed it and gotten in without understanding how the code works.

    Another example: phishing. Phishing and malware delivered via email are two of the most common attack techniques which succeed against even the most hardened organizations every day. There are many markets online where you can buy phishing kits and malware, and services you can pay to send malware and phishing emails for you. This means that anyone can get out of bed one day and decide to hack an F500 company, and actually succeed to some degree by the end of the week — all without actually understanding anything about programming.

    In the infosec world, people who use existing tools to do damage without understanding how or why the tools work are referred to as “script kiddies,” a derogatory term meant to point out that they can only follow a script somebody else has prepared for them.

    There are also areas of infosec on the “good” side which don’t require programming knowledge, such as policy making and compliance. In compliance, you’d have a list of requirements and you’d analyze a company’s network to make sure certain things are configured a certain way, and that they are or aren’t doing this or that. For example, someone in Compliance might have analyzed the Equifax network and presented Equifax with a report saying “Applications use up-to-date software: no” which Equifax would have promptly ignored.

    But if you want to be a hacking “rock star,” one of the people who can allegedly hack into anything on a Saturday night because they feel like it, you will need to acquire programming knowledge eventually.

  • #386329



  • #386330


    Is it necessary? Technically, no.

    But we have a name for people like that: script kiddies.

    You need to know how what you’re doing works, you can’t just watch it work. You’re gonna want to know programming too, because it helps the concepts come together.

  • #386323



  • #386324


    Learn Python or GO and get this out of your way for once and for all. It takes just a few weeks anyway.

  • #386325



    And the sooner you start the sooner you’re ready to hack the way you want to. The sooner you start the sooner you understand why and how programming is so important to hacking.

You must be logged in to reply to this topic.