Is python or ruby good for penetration testing?
I hear python is very good for pentesting. It has got good modules for that. But not a good framework like metasploit.
Is python or ruby good for penetration testing?
I hear python is very good for pentesting. It has got good modules for that. But not a good framework like metasploit.
Any language that has good, easy string handling capabilities is a good match for penetration testing. This is why you see scripting languages as the most used languages in this sort of tasks.
To answer your question, they're just as good.
As far as I'm concerned, Python and Ruby are much of a muchness. When you really get down to it they basically do the same things, it's all down to your preference. Metasploit was written in Ruby, and many fantastic pen tools were written in Python. Perl is also a good choice, and one I use often. It has many useful modules, not to mention CPAN (I recommend to check it out if you haven't already). It's good for socket scripts, manipulating data and renown for it's excellent regexp handling. The other things I like about Perl and Ruby is you can perform a Linux command and trap the output in a variable.
eg:
#!/usr/bin/perl -w
use strict;
my $user = `whoami`;
chomp($user); # usually there's a newline character at the end of the output.
print "You are " . $user . "\n";
I love this functionality. There is a way to do something similar in Python, but it's far more long winded.
Most programs on milw0rm are coded in C - but this is not really a scripting language, and not as easy to write a quick script on the fly, if needed to.
My conclusion is Ruby and Python are fine for pen testing, and generally do the same things - but Perl will always be my favorite :-)
well i think that c is more powerful than both languages, and is better for pen-testing.