Quick Disclaimer:-
I) I do not receive any kind of compensation from anyone or any organization for sharing my experience in his blog.
— -
Self-Intro:
Greetings, Everyone! 🌟
Hi all. The name’s Sharzun. An undergraduate in Electronics Engineering with a passion for Cybersec, namely Penetration Testing. As I mentioned in my previous story of my experience in taking the course, OpenSSL with Cheatsheet by Ed Harmoush from Udemy, I took the course, Python 101 for Hackers by Riley Kidd from TCM Security a couple of weeks ago, and finished it today, on the 12th of Aug 2023. This course is also available in Udemy, but I prefer taking it from TCM Sec, actually.
Python Intro:
Before I talk about the course, let me explain what is Python in the first place. Python is a high-level computer programming language that is usually used for various purposes, from data analysis to web development and many more. Long story short, it's a general-purpose programming language that is easy to understand and script. Many programming newbies learn Python as it is beginner-friendly programming and open source, meaning it is both free and there are many references out there for most of the problems one could face. Since Python is a programming language that is easy to learn and script, not only newcomers, but many hackers depend on this language for both good and bad intentions, like creating an automated bug-hunting tool or creating malware respectively for an instance.
Why Python 101 for Hackers from TCM:
I have already learned the basics of Python during my second year of university out of curiosity, which in the end came in handy in helping my teammates finish any projects that included Python. After all, I developed my final year project, a web crawling and web scraping system for business intelligence using Python (Scrappy & Pandas). Although I have learned the basics and although it is not compulsory, I felt I should understand how to use this scripting knowledge for hacking. So, I wanted to enroll in the course Python 201 for Hackers from TCM Security but unsure of the level of knowledge to learn it. In the pre-requisite of the course, they mentioned that it is an advantage if those who want to take this course, have the knowledge of the lessons from Python 101 for Hacker from the platform. So, I thought, why not? It would be a revision and refreshment of my basic knowledge, and I bought it.
Course Intro:
Python 101 for Hackers by Riley Kidd is an amazing Python introductory course. Although it mentioned ‘for Hackers’, I would recommend the course to anyone who wants to learn this language. Usually, my preference would be to take notes in a physical notebook, but this time I had to use a text file to type down all the tips he gave us during the course as the course is mainly hands-on. His teaching was so good and easy to understand and all the codes from his tutorial gave me a better understanding of the types of comprehension and types of loops.
Let’s dive into the course.
Part I (BASICS):
The course starts with an introduction to Python and lab setup. Once done with that, he taught us the basic lessons that are available in most of the other available courses out there on the Internet, such as variables, strings, numbers, Python comprehensions, and user input. Apart from these, some extra lessons in this basics were the way we can manipulate these data types and comprehension was so different that I assume no one has taught these in their respective courses. I assume that he has included these types of manipulation as the course is mainly for Hackers who want to learn Python. Furthermore, the course also includes the concept of error handling & exception which was a little new to me. I always wanted to learn it but never came to a situation where I had to use it. so, learning that in this course was a plus. And with this, the first part of the course is done.
Part II (ADVANCE):
The sole purpose of this course is for the Hackers. The second part is the part where any hacker could have enrolled in this course. This part extended the Python data types and comprehension, to the next level. We learned about Python package manager and virtual environments in this course. Simply put, the Python package manager (PIP) is for importing packages from many other sources for better performance and optimization. By default, pip installs packages onto a project’s global Python environment resulting in packages being accessible by all projects. The virtual environment on the other acts as the name indicates, a virtual environment that is used to test project scripting so that any installation, uninstallation, instability, or errors would not affect the main environment, also known as the global environment if I'm not mistaken. Some packages we learned in this part were the REQUESTS module for web crawling, the PWNTOOLS module for hacking, and the SYS module provides various functions and variables that are used to manipulate different parts of the Python runtime environment.
Part III (PROJECTS):
The last part is to apply all the knowledge we gained to several projects. The five sample projects we did in this course were SSH Login Bruteforcing, SHA256 Cracking, Web Login Bruteforcing, and exploiting unrestricted & restricted SQL injections. The first 2 courses usually have no issue for students to do, while the next 3 courses might give some scripting knowledge to the students, but could not help them experience the application of the projects as one needs a website to try the scripts. I do not have such a website. Although a simple website can be created using Flask or Django in a couple of hours, it is separate work for a student to learn it, even if he has to just copy available source codes on the Internet. And in the end, he showed us the importance of comments and commenting.
Personal gain:
I was able to understand the concept and application of the data types, comprehensions, and their manipulation in a much better way. Also, I learned something new about error handling and exceptions. Unlike in most of the courses, I applied my lessons to some projects, which let me understand the concept of the contents I learned in a much better way.
Improvements:
These are the issues I faced during the course and everyone might have a different issue based on their knowledge, hardware, and environment.
I) COMMENTS: Comments are very important in a programming language, especially when one is trying to learn the language, let alone a beginner. However, this part was mentioned in the very last part of the course. It is not a big issue as one can always Google how to comment for a specific language, but it would be better if this part was mentioned at the very beginning of the course.
II) PROJECTS: As mentioned previously, the last 3 projects could not be experienced by the students without a simple webpage. So, it could have been better if the instructor or the platform provided us with a simple webpage to try it out.
III) FILES: In the projects, there were several files containing some contents like passwords and usernames that were used to scan using the Python scripts. NONE OF THEM WERE AVAILABLE. I had to create my files containing my passwords and all. It would be better if the files were given to the students to test the scripts they did during the projects.
CONCLUSION:
These are some simple and not-so-serious cons of the course, and they were my issues. So, not a big issue. I am just mentioning them to let others know how the course is structured, that’s all. So, yeah. That was everything I wanted to say. I would recommend this course to ANYONE who wants to learn this language, not only for those who want to become a hacker. After all, learning how to script is not a requirement to be a hacker but an advantage. However, understanding others’ scripts is very important, to both secure and exploit the system. It’s an advantage to take this course from the TCM Security platform itself. However, they have recently moved to a subscription system, in which one has to subscribe for $30 per month to access the course. Maybe one month is enough for one to learn and finish this course, especially if they have some Python knowledge beforehand, as it took me only 3 weeks to complete this course while taking care of our family business. $30 is quite affordable for some, but for those who are living in a 3rd world country, it could be a drag. I was lucky to get this course during their sales last year, and I OWN THIS COURSE to learn. For the new learners, however, they could not do it as the price could be high, and the time could not be enough. In my country, $1 is x4.5 of my country’s currency value.
So, if you can afford it both financially and time-wise, please go through TCM Security. In case you can’t afford it financially, there are many normal Python courses available on the Internet, especially on YouTube. This course, Python for Beginners from FreeCodeCamp is my second Python ‘course’ I used to script in Python. My first course was in my mother tongue, so I am not including that in this story. Once you have mastered the basics, you can choose some simple project ideas from the internet and try applying the knowledge. If you want to OWN the course, you can get this course from Riley Kidds’ UDEMY page. Though I took this course to get the knowledge as a pre-requisite for Python 201 for Hackers, I am going to focus on learning some IT and NETWORKING for a while before going for Python 201. Let’s see how it goes.
For now, it’s time for me to sign off 😉.
Till then, Peace Out! ✌🏼
REFERENCES:
Python 101 for Hackers by Riley Kidd from TCM SECURITY
Python 101 for Hackers by Riley Kidd from UDEMY
Python 201 for Hackers by Riley Kidd from TCM SECURITY
Python 201 for Hackers by Riley Kidd from UDEMY
Python for Beginners by FreeCodeCamp from YouTube
