Open in app

Sign in

Write

Sign in

How many programming languages should I learn for bug bounty hunting? (Day-4)

Sk Selim
4 min readAug 6, 2022

--

Hello guys, it’s Selim back here with another interesting article. In our previous article we learn what is the importance of computer networking in bug bounty hunting and how we can learn it, here is the 👉 link. Alright this is the 4th part (day-4) of our article check out our previous articles to get more clarity.

Photo by Kevin Ku on Unsplash

Basic Overview

What is Programming Language?
In simple terms, a programming language is a set of rules, commands and instructions that we give to a computer to perform a specific task.

Programming languages are needed to automate repetitive tasks, In the recon phase to scaling, mapping and understanding deeply your target you need to learn some web programming languages like- HTML(with little CSS), JavaScript, Bash, Python, PHP, ASP.NET, SQL etc. But to become a bug bounty hunter you don’t need developer-level knowledge of your target application, my suggestion would be if you are an absolute beginner don’t think I’ll wait for learning some programming then I’ll do bug bounty hunting trust me it’s a wrong approach! start as soon as possible, if you have a passion to do it if you love learning, exploring and researching like me 🤗.

Disclaimer !!!

All the programming languages are chosen for this article from web bug bounty hunting or web penetration testing perspective, it might differ if you are doing other kind of pen testing like- android app, desktop app, blockchain-based application etc.

HTML (with little CSS)

The HTML (HyperText Markup Language) is the standard markup language for documents designed to be displayed in a web browser. Basically, you can say this the skeleton of a website that’s why this the must learn languages for web bug bounty hunting and it’s very easy to learn language, so if you are complete beginner and you don’t have any previous coding experience start with this (try to learn a little CSS with HTML).

JavaScript

JavaScript is a dynamic programming language that’s used for web, android and games development, and lots more. If I explain it from web development perspective you can say this is the brain of a web application, it add some logic and dynamic functionality on application. Many types of injection vulnerability are connected to it that’s why I recommend to learn this language.

Bash

Bash Scripting is a powerful scripting language for Unix-Linux systems, to learn this language you have to have basic Linux knowledge, read my day-2 (Linux) article to get the basics idea about it. You can use this language to automate repeated tasks in system administration, development, penetration testing and bug bounty hunting domains. You if are a complete beginner you can skip this language for now.

Python

Python is like a sigma person in between so many programming languages, specially for cyber security even it’s my second favourite language after JavaScript. Python is a high-level, general-purpose language, meaning it can be used to create a variety of different tasks or programs.

PHP

PHP is an open-source server-side scripting language that many developers use for web and back-end development. It is used to manage dynamic content, databases, session tracking, even build entire complex application such as e-commerce, social media and streaming sites. You don’t need to do mastery on it, but learning this language (basics) would be very beneficial for you, for understanding and exploiting back-end related attack.

SQL

SQL stands for Structured Query Language, it’s a standard language for storing, manipulating and retrieving data in databases. To understand application data communication, how application back-end work, how database work with a application, how SQL injection work this language would be so beneficial for you.

Others

There are so many other languages like- ASP.NET, JAVA, Rubi etc, try to learn the basics syntax and fundamental level knowledge of these languages trust me it will give you 10x boost in bug bounty and applications security career. You don’t need to be a developer but as a security professional it’s required to read and review the source code of an application to fix a security vulnerability you have to be able to think like a malicious hacker, you have to think out of the box, you have to observed all stuff very deeply.

Learning Resources
Books-

  • HTML & CSS: Design and Build Web Sites
  • Eloquent JavaScript
  • PHP and MySQL Web Development
  • Programming Python: Powerful Object-Oriented Programming
  • Mastering Bash: A Step-by-Step Guide to working with Bash Programming and Shell Scripting

Website-

Youtube Channels-

That’s all guys, please feel free to inform me in the comment section if I did any kind of mistakes here in this article, I will be happy to learn from you🤗, okay I’ll come back with another interesting content about bug bounty hunting, till then keep learning, keep growing and take care of your health, love you all❤️

Bug Bounty
Programming
Ethical Hacking
Cybersecurity

--

--

Sk Selim

Written by Sk Selim

163 Followers

I'm Sk Selim, 23, a software developer, cybersecurity researcher, and hobbyist writer.

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams