5 Programming Languages You Need To Know
Introduction
Programming has been around for quite some time now, and like cyber security, only increasing in popularity and relevance. While there is a lot of programming languages out there, some are more common to see than others.
The great thing about programming is that once you learn one language, learning the next comes easier. That being said, some languages are known for being much more difficult than others, or simply created as a joke or to be hard. These languages are not that useful to learn as they only are made as a joke or challenge.
In this article, five of the prevalent and useful programming languages will be looked at and examined. This will cover a brief history of them, how they are used today, and more.
C
C was created in 1972 by Dennis Ritchie. While it was initially created to build OSs(operating systems), it has expanded and many programs can be built in C now. However OS development and compiler development still remain big features.
GeeksforGeeks says gives this following structure of a C program.
- Header
- main()
- Variable Declartion
- Body
- Return
In this code snippet we can see this structure. First the header files are listed. Then another function is declared, however this could be written after the main method as well, both are correct. Next comes the main method, and inside the main method the body and return statement.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
int check_password(char *password){
int correct = 0;
char password_buffer[16];
strcpy(password_buffer, password);
if (strcmp(password_buffer, "actualpw") == 0) {
correct = 1;
}
return correct;
}
int main (int argc, char *argv[]) {
if (argc < 2) {
puts("Please enter your password as a command line parameter.");
} else {
if (check_password(argv[1])) {
printf("Password correct.\n");
} else {
printf("Wrong password.\n");
}
}
return 0;
}
//https://github.com/LauraWartschinski/overflow_with_joy
Besides being a base for many programs, OS, and compilers, C actually has inspired and helped along other languages, Java, JavaScript, PHP, C++ and more all been written with C’s syntax in mind. Before the C program is run, it needs to be compiled first, there are different C compilers out there, most commonly gcc which comes with the Linux OS by default on most systems.
C allows to user to manage memory at a very low level, which can be good for advanced usage when controlling memory is important, but daunting for beginners. The use of pointers is also possible in C because of how low level it is.
Because of how level C is, viruses and malware often will use this language to be programmed in. Interacting with the system is possible in C in many ways and viruses can exploit this.
Java
Java was initially developed by James Gosling in 1995, who made the program for interactive television. While Gosling initially created Java at Sun Microsystems, it has since become part of Oracle Corporation.
This is an Object Orient Language(OOL), which Techopedia quotes as
Object-oriented language (OOL) is a high-level computer programming language that implements objects and their associated procedures within the programming context to create software programs.
Object-oriented language uses an object-oriented programming technique that binds related data and functions into an object and encourages reuse of these objects within the same and other programs.
import java.util.Scanner;
public class EvenOdd {
public static void main(String[] args) {
Scanner reader = new Scanner(System.in);
System.out.print("Enter a number: ");
int num = reader.nextInt();
if(num % 2 == 0)
System.out.println(num + " is even");
else
System.out.println(num + " is odd");
}
}
//https://www.programiz.com/java-programming/examples/even-odd
The structure of a java program is very much similar to C. First you specify modules to include, for example the Scanner. Here you could specify other java Classes you have written.
Then you specify the class name, the file name must be the same as the class name. In this example the file would have to be named EvenOdd.java
Next comes the main method, although like C, other methods could come before it. The main method in Java is always public static void main(String[] args). Next comes the main body which contains the program, returning from the main method in java is not necessary. This program simply checks if the number a user gives is even or odd.
Java is used everywhere today. It is used in generic programming, gaming, mobile devices, e-commerce and much much more. It has been and still is very popular.
97% of Enterprise Desktops run Java.
89% of Desktops (or Computers) in the U.S. run Java.
9 Million Java Developers worldwide.
3 billion mobile phones run Java.
100% of Blu-ray Disc Players ship with Java.
125 million TV devices run Java.
WHAT IS JAVA AND WHY IS IT IMPORTANT? – CODE INSTITUTE
Java is not run the same as C, instead it is converted into bytecode. This bytecode is then read by the Java Virtual Machine(JVM). The bytecode is saved as a .class file. When the program is finally run, it is compiled into machine code and read by the machine. Since java uses the JVM, it makes it extremely portable and can run run on nearly any system.
This is a great language to learn for beginners, as it is a high level object oriented language and can teach key concepts such as classes, methods and objects is a good way. While other languages have support for objects such as python, they are not object oriented. Java is so good that my first programming course in university and in high school taught Java.
JavaScript
Firstly, Java and JavaScript have no relationship to each other, in other words, Java and JavaScript are similar like Car and Carpet are similar. JavaScript was created in 1995 by Brandan Eich. Eich worked for Netscape at the time. Netscape was initially involved in the early days of the internet and had it’s own web browser.
JavaScript today is used in web development. Springboard Blog says it is a “primarily a client-side language, meaning it runs on your computer within your browser. However, more recently the introduction of Node.js has allowed JavaScript to also execute code on servers.”
Along with HTML and CSS, JavaScript is used to build dynamic webpages in which there is numerous functionalities. While HTML and CSS can be considered markup languages, JavaScript is a programming language. Scripts are either hosted in separate .js files and hosted in another directory, or used directly on the webpage by using the <script> tag in the HTML. The JavaScript goes in between the starting script tag and ending script tag.
<!DOCTYPE html>
<html>
<body>
<h2>What Can JavaScript Do?</h2>
<p id="demo">JavaScript can hide HTML elements.</p>
<button type="button" onclick="document.getElementById('demo').style.display='none'">Click Me!</button>
</body>
</html>
https://www.w3schools.com/js/tryit.asp?filename=tryjs_intro_hide
Java and JavaScript are similar like Car and Carpet are similar
WHAT’S THE DIFFERENCE BETWEEN JAVASCRIPT AND JAVA? – STACK OVERFLOW
JavaScript is actually run in the browser and does not need compiled like C and Java. This makes it an interpreted language. Technically it is compiled using the Just In Time compiler as each line is about to run, it is compiled.
With JavaScript, learning HTML, CSS and PHP is a good idea, as these are all web technologies. Learning all of these and understanding them will help you understand the others and learn them easier.
PHP
PHP(PHP: Hypertext Preprocessor) was created in 1994 by Rasmus Lerdorf. However the first version available to others was released in 1995. This is an example of scripting language like JavaScript. This means it does not have to be compiled before running it. PHP typically runs on the server side.
Many notable sites use PHP today as well. These include Facebook, WordPress Sites, Wikipedia, Yahoo and many many more.
A PHP file is identified by the .php extension. However it can be included directly in the HTML of a page using <?php>. Typically a PHP file would not be called in the HTML form itself, but called by AJAX using JavaScript. However, it could be done using the <script> tag.
?php
// Include config file
require_once "config.php";
// Define variables and initialize with empty values
$username = $password = $confirm_password = "";
$username_err = $password_err = $confirm_password_err = "";
// Processing form data when form is submitted
if($_SERVER["REQUEST_METHOD"] == "POST"){
// Validate username
if(empty(trim($_POST["username"]))){
$username_err = "Please enter a username.";
} elseif(!preg_match('/^[a-zA-Z0-9_]+$/', trim($_POST["username"]))){
$username_err = "Username can only contain letters, numbers, and underscores.";
} else{
// Prepare a select statement
$sql = "SELECT id FROM users WHERE username = ?";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "s", $param_username);
// Set parameters
$param_username = trim($_POST["username"]);
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
/* store result */
mysqli_stmt_store_result($stmt);
if(mysqli_stmt_num_rows($stmt) == 1){
$username_err = "This username is already taken.";
} else{
$username = trim($_POST["username"]);
}
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Validate password
if(empty(trim($_POST["password"]))){
$password_err = "Please enter a password.";
} elseif(strlen(trim($_POST["password"])) < 6){
$password_err = "Password must have atleast 6 characters.";
} else{
$password = trim($_POST["password"]);
}
// Validate confirm password
if(empty(trim($_POST["confirm_password"]))){
$confirm_password_err = "Please confirm password.";
} else{
$confirm_password = trim($_POST["confirm_password"]);
if(empty($password_err) && ($password != $confirm_password)){
$confirm_password_err = "Password did not match.";
}
}
// Check input errors before inserting in database
if(empty($username_err) && empty($password_err) && empty($confirm_password_err)){
// Prepare an insert statement
$sql = "INSERT INTO users (username, password) VALUES (?, ?)";
if($stmt = mysqli_prepare($link, $sql)){
// Bind variables to the prepared statement as parameters
mysqli_stmt_bind_param($stmt, "ss", $param_username, $param_password);
// Set parameters
$param_username = $username;
$param_password = password_hash($password, PASSWORD_DEFAULT); // Creates a password hash
// Attempt to execute the prepared statement
if(mysqli_stmt_execute($stmt)){
// Redirect to login page
header("location: login.php");
} else{
echo "Oops! Something went wrong. Please try again later.";
}
// Close statement
mysqli_stmt_close($stmt);
}
}
// Close connection
mysqli_close($link);
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Sign Up</title>
<link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.5.2/css/bootstrap.min.css">
<style>
body{ font: 14px sans-serif; }
.wrapper{ width: 360px; padding: 20px; }
</style>
</head>
<body>
<div class="wrapper">
<h2>Sign Up</h2>
<p>Please fill this form to create an account.</p>
<form action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]); ?>" method="post">
<div class="form-group">
<label>Username</label>
<input type="text" name="username" class="form-control <?php echo (!empty($username_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $username; ?>">
<span class="invalid-feedback"><?php echo $username_err; ?></span>
</div>
<div class="form-group">
<label>Password</label>
<input type="password" name="password" class="form-control <?php echo (!empty($password_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $password; ?>">
<span class="invalid-feedback"><?php echo $password_err; ?></span>
</div>
<div class="form-group">
<label>Confirm Password</label>
<input type="password" name="confirm_password" class="form-control <?php echo (!empty($confirm_password_err)) ? 'is-invalid' : ''; ?>" value="<?php echo $confirm_password; ?>">
<span class="invalid-feedback"><?php echo $confirm_password_err; ?></span>
</div>
<div class="form-group">
<input type="submit" class="btn btn-primary" value="Submit">
<input type="reset" class="btn btn-secondary ml-2" value="Reset">
</div>
<p>Already have an account? <a href="login.php">Login here</a>.</p>
</form>
</div>
</body>
</html>
PHP is actually implemented from C, so it’s syntax yet again looks similar to C yet again, like JavaScript and Java. The noteworthy difference between C and Java, and JavaScript and PHP is how a main method is not needed to run the program in the latter. This is because of the compiler, or lack of.
While this language is widely used, there is some debate on the complexity level of it. Some claim it is one of the easiest languages to learn, however a lot claim it is extremely hard. There is evidence for both sides, in fact it seems is quite hard to write “clean” PHP code, as PHP, HTML and JavaScript can all be mixed together. Combine this with the fact PHP has numerous frameworks etc…
So for PHP, make sure to understand JavaScript and HTML as well, as all 3 of these work in conjunction with each other.
Python
First things first, what exactly is Python? Well the official documents say
Python is an interpreted, interactive, object-oriented programming language. It incorporates modules, exceptions, dynamic typing, very high level dynamic data types, and classes. It supports multiple programming paradigms beyond object-oriented programming, such as procedural and functional programming. Python combines remarkable power with very clear syntax. It has interfaces to many system calls and libraries, as well as to various window systems, and is extensible in C or C++. It is also usable as an extension language for applications that need a programmable interface. Finally, Python is portable: it runs on many Unix variants including Linux and macOS, and on Windows.
General Python FAQ — Python 3.9.6 documentation
Python was created in 1991 by Guido van Rossum. However work on the project started in the late 1980s. The name comes from BBC’s TV Show – ‘Monty Python’s Flying Circus’. Today Python is used by millions, individuals, to large companies alike.
Unlike C, Python is an amazing language for beginners. It is a scripting language, so no compilation is needed. It is very high level and easy to understand. These are all reasons why Python is great to start out with.
It can be used for advanced programs too, such as detecting a DDOS attack on a network, or exploiting a vulnerability in a penetration test. Python is a very versatile language and many many things can be and are being done with it. It has many libraries to support this. Machine learning is very popular in Python. Data analysis is another field which Python excels at. Graphs can even be generated from data in Python making this a great choice. The possibilities are quite endless!
import argparse
import datetime
import sys
import pyshark
# TShark is needed
# ArgumentParser Setup
parser = argparse.ArgumentParser(
description="This program Reads a PCAP File And Determines "
"Whether A DOS or DDOS Attack Happened For a Given IP Address and Port \n"
"Detection Via Number of Connections in 1 Minutes and SYN/ACK Without ACK Packets")
parser.add_argument(
"ip",
action="store",
help="Destination IP Address To Test For")
parser.add_argument("file", action="store", help="PCAP File to Read")
parser.add_argument(
'-p',
"--port",
action="store",
dest="port",
type=int,
default=80,
help="Destination Port to Filter For, Default is Port 80(HTTP)")
parser.add_argument(
'-v',
"--verbose",
action="store_true",
dest="verbose",
help="Enable Verbose Output")
parser.add_argument(
'-o',
"--output",
action="store",
dest="output",
help="Output File, Specify No Options For Standard Out")
parser.add_argument(
'-c',
"--connections",
action="store",
dest="connections",
type=int,
default=50,
help="Theshold Limit For Number of Connections Per Minute, Default 50")
parser.add_argument(
'-s',
"--SYNACK",
action="store",
dest="synack",
type=int,
default=50,
help="Theshold Limit For SYN/ACK Packets Without ACK, Default 50")
if len(sys.argv) == 1:
parser.print_help(sys.stderr)
sys.exit()
args = parser.parse_args()
# Opening And Filtering PCAP File
pcap = pyshark.FileCapture(
args.file,
display_filter=f"ip.dst=={args.ip} and tcp.port == {args.port}")
print(f"Opening File: {args.file}")
print(f"Checking For DOS or DDOS Attack on {args.ip}")
if args.verbose:
print(
f"Filtering traffic: Destination IP = {args.ip} : Destination or Source Port = {args.port}")
print(f"TShark Filter : ip.dst=={args.ip} and tcp.port == {args.port}")
pcap.load_packets()
# Initializing Detection Variables and DDOS Flags
syn_ack_count = 0
number_of_connections_in_one_minute = 0
connections_at_detection = 0
too_many_connections = False
SYN_Flood = False
if args.output is not None:
print(f"Writing Packet Data To {args.output}")
f = open(f"{args.output}", "w")
f.write(f"Writing Packet Data To {args.output}")
for packet in pcap:
try:
# Grabbing The Protocol, Source IP And Port, And Destination IP And Port And Printing It
# If It Does Not Exist, Disregard The Packet
protocol = packet.transport_layer
src_addr = packet.ip.src
src_port = packet[packet.transport_layer].srcport
dst_addr = packet.ip.dst
dst_port = packet[packet.transport_layer].dstport
if args.output is not None:
f.write(
f"{protocol} {src_addr}:{src_port} --> {dst_addr}:{dst_port}\n")
else:
print(f"{protocol} {src_addr}:{src_port} --> {dst_addr}:{dst_port}")
except AttributeError as e:
print("AttributeError")
continue
# First Pass Through In The 1 Minute Time, Increment
# number_of_connections_in_one_minute And Grab The Timestamp
if number_of_connections_in_one_minute == 0:
number_of_connections_in_one_minute = number_of_connections_in_one_minute + 1
previous_timestamp = packet.sniff_time
continue
# Grab The Timestamp and Compare
else:
current_timestamp = packet.sniff_time
difference = current_timestamp - previous_timestamp
# If The Difference Is Bigger Than 60 Seconds(1 Minute), Check
# number_of_connections_in_one_minute
if difference.total_seconds() > 60:
# If number_of_connections_in_one_minute Than The Threshold, Set A Flag to True
# To Indicate DDOS Or DOS Attack Via Too Many Connections
if number_of_connections_in_one_minute > args.connections:
connections_at_detection = number_of_connections_in_one_minute
too_many_connections = True
# If number_of_connections_in_one_minute Is Less Than The Threshold, Reset
# number_of_connections_in_one_minute And The Timestamp
else:
number_of_connections_in_one_minute = 0
previous_timestamp = datetime.datetime.utcfromtimestamp(
packet.sniff_time)
# If 1 Minute Has Not Passed, Increment
# number_of_connections_in_one_minute
else:
number_of_connections_in_one_minute = number_of_connections_in_one_minute + 1
# Reload The PCAP File With Different Filters For SYN FLood Detection
pcap.close()
pcap = pyshark.FileCapture(
args.file,
display_filter=f"ip.addr =={args.ip} and tcp.port == {args.port} and (tcp.flags==0x12) and not tcp.analysis.initial_rtt")
pcap.load_packets()
# Printing Verbose Output
print("\n\n\n-----------------------------------------------------")
if args.verbose:
print(
f"Filtering traffic: SYN/ACK and the Initial RTT Exists For {args.ip}:{args.port} - Looking For Half Open Connections")
print(
f"TShark Filter : ip.addr =={args.ip} and tcp.port == {args.port} and (tcp.flags==0x12) and not tcp.analysis.initial_rtt")
if(args.output is not None):
print(f"Writing SYN/ACK packets without ACK to {args.output}")
f.write(f"Writing SYN/ACK packets without ACK to {args.output}\n\n\n")
else:
print("Showing SYN/ACK without ACK")
for packet in pcap:
# Grabbing The Protocol, Source IP And Port, And Destination IP And Port And Printing It
# If It Does Not Exist, Disregard The Packet
try:
protocol = packet.transport_layer
src_addr = packet.ip.src
src_port = packet[packet.transport_layer].srcport
dst_addr = packet.ip.dst
dst_port = packet[packet.transport_layer].dstport
if(args.output is not None):
f.write(
f"{protocol} {src_addr}:{src_port} --> {dst_addr}:{dst_port}\n")
else:
print(f"{protocol} {src_addr}:{src_port} --> {dst_addr}:{dst_port}")
except AttributeError as e:
print("AttributeError")
continue
# Increment syn_ack_count As Each Packet That Was Not Filtered Out Is
# Incomplete
syn_ack_count = syn_ack_count + 1
# If syn_ack_count Is Greater Than The Threshold, Set A Flag To True To Indicate DDOS
# Or DOS Via SYN Flood
if syn_ack_count > args.synack:
SYN_Flood = True
# Check If DDOS or DOS Flags Are Set And Print Detection Plus What Flag
# Triggers
print("\n\n\n-----------------------------------------")
if too_many_connections or SYN_Flood:
print(f"DDOS Attack Detected For {args.ip}:{args.port}")
if args.verbose:
print(
f"Connections in 1 Minute at Detection : {connections_at_detection}")
print(f"SYN/ACK Packets Without ACK : {syn_ack_count}")
if too_many_connections and SYN_Flood:
print("Detection Triggered From Too Many Connections In 1 Minute and Too Many SYN/ACK Packets Without ACK")
elif SYN_Flood:
print("Detection Triggered From Too Many SYN/ACK Packets Without ACK")
else:
print("Detection Triggered From Too Many Connections In 1 Minute")
if args.output is not None:
f.write(f"DDOS Attack Detected For {args.ip}:{args.port}")
if args.verbose:
f.write(
f"Connections in 1 Minute at Detection : {connections_at_detection}")
f.write(f"SYN/ACK Packets Without ACK : {syn_ack_count}")
if too_many_connections and SYN_Flood:
f.write(
"Detection Triggered From Too Many Connections In 1 Minute and Too Many SYN/ACK Packets Without ACK")
elif SYN_Flood:
f.write(
"Detection Triggered From Too Many SYN/ACK Packets Without ACK")
else:
f.write("Detection Triggered From Too Many Connections In 1 Minute")
else:
if(args.output is not None):
f.write(f"No DDOS Attack Detected For {args.ip}:{args.port}")
print(f"No DDOS Attack Detected For {args.ip}:{args.port}")
Unlike the other languages here Python does not use semi-colons, instead it uses spaces to keep track of the end of a line. In addition all the indentation levels must be kept equal. This means you won’t have to keep track of a missing semi-colon, however a spacing issue is very easy to make too.
Notable Mentions
While they did not make this list for an explanation, other languages do exist which are very useful to learn. So here are 5 more languages to look into
- Go
- Swift
- SQL
- Perl
- Rust
Conclusion
In all, programming is a huge field and only expanding. Now is a perfect time to dive into the world of programming. These 5 languages can be your starting point on your journey into code, or serve as a reference point to which one you will learn next!
Java and Python serve as excellent starting languages for beginners as they are high level and deal with memory automatically. JavaScript and PHP may not be starting languages, but if you are interested in web development, they are crucial to know.
Finally there is C, while is it not as friendly as the others, the power of it cannot be disputed. Allowing you to manage memory and work with the system is needed sometimes, and C is the language to do so.
