As stated in the title, what is the best language for coding hacker tools? For example, brute forcers, vulnerability scanners, and others.
+3
A:
Any really. Computer security tools are written in many languages.
Low-level tools that need to do networky stuff (e.g. nmap) are usually written in C or C++ as that gives them best access to low level libraries.
Perl is often used for security applications which involve lots of string pattern matching (as that is its conventional area of strength).
MarkR
2009-02-15 13:31:28
+3
A:
To list a few of the most popular tools
- Nmap (the best Security Scanner there is): C++ and Lua
- Nessus (Vulnerability Assessment tool): C++
- Metasploit (Exploitation Framework): Ruby
in answer to your question its really depends on what your doing, if your creating tools for a research project or for some proper other legit reason, C++ is probably the best choice as it has easy integration with lots of pre-existing for crafting packets etc. If your just creating something for the hell of it most of the scrIpt kIddi3 tools are written in perl and batch.
Mark Davidson
2009-02-15 13:49:12
A:
echox
2009-02-15 14:28:13
+1
A:
It's often a combination, and the answer depends on what you want to do. Let me give you an example. To get access to a website as an administrator you might need to use cross-site scripting attacks for which a good understanding of cookies, javascript and HTML parsing is needed.
This might give you access to more settings which aren't so well protected to feed SQL into the database which could give you access to more data.
On gaining passwords you might want to scan computers to see if any of these passwords can be reused in which case a language with good and easy to use string-handling and network libraries would be handy, maybe Perl, or C#.
And finally to get buffer overflow attacks to work, you need to understand how pointers, the memory model and so on for your target machine work, which might really need C or Assembler.
Assembler wouldn't help much with XSS, but Javascript isn't going to help much with buffer overflows.
So I guess to summarise: JavaScript, SQL, CSS, Html (especially parsing and escapes), Perl, C, Assembler, and Windows and Unix system programming will give you a "good" start :-). Or the alternative is just Google "script kiddie".
Nick Fortescue
2009-02-15 15:12:58
A:
Its just C and perl. most security related programes are writtern in c and perl
C library is good veryyy good
zed
2010-05-20 11:02:56
A:
A lot of exploits are written in Python or ruby. The Metasploit exploit framework was originally written in python, it has sense been entirely rewritten in Ruby. Metasploit is by far the largest Ruby project by lines of code.
Rook
2010-07-03 06:51:32
A:
From what I know a little, a combination of C and Assembly Language(TASM to be precise) is the best.
Isaac
2010-08-06 02:31:48
A:
For the security programs the best and essential languages are C , python , perl and assembly
Irfan
2010-08-09 19:00:56