Python scripting: A tool you need to learn and use for cybersecurity
While many cybercriminals look to exploit new programming languages, one of the go-to tools cybersecurity experts and ethical hackers turn to is Python — a 30-year-old open-source language that is known for its functionality and ease of use. It is one of the most widely used programming languages in the tech industry.
“Python is fairly intuitive and easy to pick up — you can understand what’s going on without a ton of background knowledge,” said Infosec Skills author and cybersecurity expert Howard Poston. He recently released the Advanced Python Scripting for Cybersecurity learning path, which provides advanced skills for both offensive and defensive cybersecurity practitioners. He also has several other learning paths available, including Python for Cybersecurity.
Python is a valuable tool for system administrators for managing servers and logging and testing Web applications because simple words in plain English are used, making it easy to understand. It also has a large collection of libraries that make automation faster and easier. Poston explained that his learning path demonstrates how the advanced functionality in Python packages can be applied to automate multi-stage attack chains and defensive operations.
Why learn Python for cybersecurity?
Poston says that since so much of modern business is conducted by or with computers and software programs, it is vital to understand how Python works and how it can be used in cybersecurity.
“The advantage of Python for cybersecurity is if you need to automate something or do something quickly, Python is really easy to use, there are pre-written components that you can import or libraries you can import and it's fast,” he said. “Say I want to be able to encrypt data. Well, I can import this library that does all the encryption stuff. Python for cybersecurity is designed to make that, 'you need something quick' possible.”
Each of the six courses in Poston's new learning path contains real-life examples of tactics and techniques from the MITRE ATT&CK® Matrix for Enterprise — and how to counter these attacks. The Advanced Python Scripting for Cybersecurity learning path includes:
- Introduction to advanced Python for cybersecurity: Introduces Python and discusses the required environment, the MITRE ATT&CK and Shield frameworks, and outlines the structure of the course.
- Performing reconnaissance: Demonstrates the use of Python to automate the process of performing reconnaissance on a target environment.
- Gaining initial access: Demonstrates how Python can be used to automate a password-guessing attack to gain initial access to a target environment.
- Establishing command-and-control (C2): Demonstrates the use of Python to establish command-and-control channels between a target environment and the attacker's infrastructure.
- Finding credentials: Demonstrates the use of Python to collect information on a system, including both user credentials and other sensitive data.
- Defensive Python: Demonstrates the use of Python for network analytics to detect and hijack suspicious connections.
Each course builds to the next step using real-world scenarios, demonstrating how the automation Python can provide is helpful in cybersecurity.
“Python in general could be used for a lot of different roles. One example could be a digital forensics investigator could automate things for collecting information from a compromised machine to learn what's going on and then be able to address the attack,” he said.
Mastering "soft skills" is as important as learning software
Poston also says that in addition to technical skills, it is critical for anyone in cybersecurity to master so-called "soft skills" of communicating well with others. It’s something he weaves into the courses and demonstrates through his teaching style.
“If you're a penetration tester and you've undergone an engagement and done this really cool thing, it doesn't help if the client doesn't understand what you just did and how to fix it,” said Poston. “You failed at your job if you can’t effectively communicate what the problem is and how to fix it.”
Poston says learning to be a clear communicator is especially important in entry-level roles and will help anyone advance in their IT career, especially when it comes to cybersecurity.
“If I was hiring someone, I would be much more interested in finding someone who was genuinely passionate about learning more and sharing what they know than someone who has the technical chops, but they hate talking to people and they think they know everything.”
FREE role-guided training plans
Who is Python for?
Howard's new learning path was created specifically for current and aspiring IT and security professionals who are looking to improve their skills or transition their careers into new roles. It is perfect for a variety of roles, from penetration testers to SOC analysts, said Poston.
For those new to Python, Poston recommends checking out his introductory courses first before trying the advanced learning path. Check out his Python for Cybersecurity learning path for more details.
About Howard Poston
Howard Poston is a cybersecurity researcher with a background in blockchain, cryptography and malware analysis. He has a master’s degree in Cyber Operations from the Air Force Institute of Technology and two years of experience in cybersecurity research and development at Sandia National Labs. He currently works as a freelance consultant providing training and content creation for cyber and blockchain security.
Sources
- Expert instruction
- Hands-on labs
- Unlimited access
In this Series
- Python scripting: A tool you need to learn and use for cybersecurity
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity