Tailored Cyber Security.

Where to start

This could be you... but with real code

You’ve made the decision to start programming. You’ve even hit up Code Academy and knocked out a whole bunch of their lessons. Now, you’re on your own in a big and scary world. You thought that once you knew how to code there would be endless things to program. However, now you’re sitting there with a project as blank as your computer screen.

First, do you have an integrated development environment or IDE? A solid choice for Windows development is Visual Studio. JetBrains has a pretty awesome Python IDE called PyCharm. Either way, pick your language and pick an IDE. I am also a huge supporter of VIM and a compiler. Now you’re ready to go forth and conquer.

We’re back to that empty project, now with at least an empty IDE. Perhaps you have a few grand ideas or maybe you have no ideas at all. Maybe you’re somewhere in between. Let’s start from the bottom.

I have no ideas. What do I do?

One idea is to recreate something you use all the time. For example, I started a project coding a network mapping tool that would mimic nmap. The tool is known for being very thorough. However, it’s also very loud on the network and quickly identified by network monitoring tools. Thus, I decided to use Python to recreate my own version of nmap. By doing this, I allowed myself to control every byte it sends across the wire. It also gave me a very specific to-do list for my project. My Python programming skill sky-rocketed and now I have my own network mapping tool.

Second idea is to automate something you do all the time. It could be something as simple as repetitious computer maintenance. The example I have was just a simple script but you could easily turn it into a full-fledged program. I wrote a script that would automate disk cleanup, defragmentation, virus scans, windows update, and a few other tasks. Don’t worry about the fact that some of this can be automated  through Windows settings. I had it run every week or so using Windows scheduled tasks. There was also a slew of checks it went through so it wouldn’t blindly run these typically time consuming operations. For example, if my disk was below 10% fragmented it wouldn’t run the defragmentation. You could get pretty creative with this kind of stuff so don’t hold back.

I have a few ideas that are so far beyond what I could dream of doing. What do I do?

This is a common issue for any dreamer. What I’d like to tell you is to keep dreaming. Break your dream down and turn it from a long-term goal to several shorter-term goals. One of my lofty plans is with artificial intelligence (AI). I’d like to leverage Cortana in Windows 10 to perform more advanced tasks at the sound of my voice. I always use metasploit as an example. If you’re unfamiliar with it then I’d check Google for answers. My idea is to say, “Cortana, migrate to explorer” or “Cortana, create a meterpreter payload to call back on TCP to my computer over port 443, then start the listener.” This kind of stuff isn’t too crazy to be honest. As long as I had some API to improve Cortana’s capabilities then I could do all of this. The next level would be to get “her” to alert me of things happening and execute a prescribed action or ask me what to do.

To continue down this road, we need to assume that I’ll have access to Cortana API. First, I’d need to get familiar with Cortana programming by doing some simple things. For example, requesting my tasklist or what PID explorer has might be a good place to start. I could also work on prescribed notifications/actions. For example, alert me if a connection is established on my computer from a specific IP address. The next step would be to kill said connection automatically. Cortana would say something like, “Sir, a connection was established from Bing but I killed it.”

It’s time to get wild. Get out there and get programming! Feel free to toss any of your ideas my way and I’ll do my best to help you out.

Leave a Reply