As stated in the title, what is the best language for coding hacker tools? For example, brute forcers, vulnerability scanners, and others.
Any really. Computer security tools are written in many languages.
Low-level tools that need to do networky stuff (e.g. nmap) are usually written in C or C++ as that gives them best access to low level libraries.
Perl is often used for security applications which involve lots of string pattern matching (as that is its conventional area of strength).
To list a few of the most popular tools
- Nmap (the best Security Scanner there is): C++ and Lua
- Nessus (Vulnerability Assessment tool): C++
- Metasploit (Exploitation Framework): Ruby
in answer to your question its really depends on what your doing, if your creating tools for a research project or for some proper other legit reason, C++ is probably the best choice as it has easy integration with lots of pre-existing for crafting packets etc. If your just creating something for the hell of it most of the scrIpt kIddi3 tools are written in perl and batch.
It's often a combination, and the answer depends on what you want to do. Let me give you an example. To get access to a website as an administrator you might need to use cross-site scripting attacks for which a good understanding of cookies, javascript and HTML parsing is needed.
This might give you access to more settings which aren't so well protected to feed SQL into the database which could give you access to more data.
On gaining passwords you might want to scan computers to see if any of these passwords can be reused in which case a language with good and easy to use string-handling and network libraries would be handy, maybe Perl, or C#.
And finally to get buffer overflow attacks to work, you need to understand how pointers, the memory model and so on for your target machine work, which might really need C or Assembler.
Assembler wouldn't help much with XSS, but Javascript isn't going to help much with buffer overflows.
So I guess to summarise: JavaScript, SQL, CSS, Html (especially parsing and escapes), Perl, C, Assembler, and Windows and Unix system programming will give you a "good" start :-). Or the alternative is just Google "script kiddie".
Its just C and perl. most security related programes are writtern in c and perl
C library is good veryyy good
A lot of exploits are written in Python or ruby. The Metasploit exploit framework was originally written in python, it has sense been entirely rewritten in Ruby. Metasploit is by far the largest Ruby project by lines of code.
From what I know a little, a combination of C and Assembly Language(TASM to be precise) is the best.
For the security programs the best and essential languages are C , python , perl and assembly