Skip to content

Programming Cheatsheets

You know that saying in security? "Programming is the cure for script kiddies." It's true, but here's the thing: it's not just about using tools. You need to understand how they work, tweak them, build your own, and solve problems that nobody's solved before.

These cheatsheets won't teach you everything, though they cover a ton. Think of them as your quick reference guide. When you're a security pro, you'll need to write code fast, read code you've never seen, and build tools that actually work. That's what these are for. And remember, you own your brain.

Here's how to use them:

  • Learning something new? Start with the basics, then skip right to the security stuff when you're ready.
  • Need a quick reminder? Check the table of contents. You'll find exactly what you need in seconds.
  • Building something cool? Jump to the cookbook sections for real world examples you can actually use.
  • Focus on security? Most of these include security specific sections and common vulnerabilities you should know about.

Available Cheatsheets

Core Languages

Systems and Low Level:

  • C The language that literally runs everything. It's low level, you manage memory yourself (yes, that means you can mess things up), and you'll learn about security vulnerabilities the hard way. Once you get C, you'll finally understand how computers actually work under the hood. Check out Reverse Engineering Basics too if you want to see it in action.

  • C++ Think of it as C but with object oriented superpowers. It has templates, the Standard Template Library (STL), and all the modern stuff you wish C had. Use it when you need C's raw power but want nicer abstractions.

  • Rust Memory safety without garbage collection? Sounds impossible, but Rust pulls it off. Perfect for system programming when you care about safety. The borrow checker will drive you crazy at first, but trust me, it'll grow on you.

High Level and Modern:

  • Python This language does everything. Seriously. Scripting, automation, web stuff, data analysis, hacking tools. You name it. Need to get something done yesterday? Python probably has a library for it already.

  • Java It's verbose, sure, but powerful too. Great for enterprise apps, Android development, and the whole JVM ecosystem. The tooling is excellent, which makes up for all those extra lines of code.

  • Go Google built this when they got tired of C++ being too complicated and Python being too slow. Modern systems programming with concurrency baked right in. Simple syntax, fast compilation, perfect for network tools and APIs.

Web Development

  • HTML/CSS The foundation of everything web related. It's markup and styling, simple as that. You might not build websites, but knowing HTML/CSS will make your web app security testing way easier.

  • JavaScript It runs the browser (and Node.js runs it on servers too). It's asynchronous by default, which is cool but also confusing sometimes. Powerful? Absolutely. Quirky? You bet. You'll need to know it if you're doing web security work.

  • TypeScript JavaScript but with types. It catches your mistakes before your code even runs, and it makes big projects actually manageable. Doing serious web development? You'll want TypeScript.

  • PHP Powers a huge chunk of the internet (WordPress, for example). Server side web development at its finest. Want to test web apps? You'll need to understand PHP vulnerabilities.

Scripting and Automation

  • Bash The shell scripting language that powers Linux and macOS. You'll use it for system admin work, automation, parsing logs, and building security tools. If you're typing commands in a terminal, you're probably using bash (or something that acts like it).

  • PowerShell Windows automation done right. It's object oriented, incredibly powerful, and it works cross platform now. Working with Windows? You can't live without PowerShell.

Mobile and Specialized

  • Kotlin Modern Android development, basically. It's way more concise than Java, plays nice with Java code, and Google officially wants you to use it for Android.

  • SQL Talk to databases and get what you need. You'll use it for database security testing, data analysis, and pretty much anything involving databases. Learn it well.

  • Regex Pattern matching superpowers. One of the most useful tools you'll ever learn for processing text, analyzing logs, and extracting data. Spend time on this one. You won't regret it.

Quick Start Guide

Never programmed before? Start with Python. It's friendly, readable, and you'll use it constantly for security work.

Working with web apps? Learn JavaScript first, then figure out how browsers actually work under the hood.

Doing system admin or automation? Bash is essential. Use PowerShell if you're stuck on Windows.

Building tools that need to be fast? Check out Go or C/C++. They're not the easiest, but they're fast.

Doing security testing? Python, Bash, and JavaScript will cover 90% of what you need.