April 27, 2014 · reflection

Reflection of my Programming Skills as a Security Researcher

I've been programming for a good three years now, and I only recently realised a few things which have really taught me that programming isn't something acquired over time, but rather something acquired through the effort you put into semantically correct and understandable code.

1. I've always rushed to push code

Unlike most conventional programmers, I started programming because I needed to. I was heavily involved in infosec and knew that I could only further my hobby, interests and job if I started programming and understanding what I was actually attacking / breaking into. Not only that, at the time I was heavily involved in the exploitation of web applications - and I wanted to automate as much as I could.

I started with Python. It was great; I was able to expand my scopes ridiculously. Progressing from the time that I made an automated ColdFusion exploitation kit, to now where I make scripts on the go to aid my research and projects.

My high life in Python was definitely when I picked up the CherryPy framework and delved deep into all aspects of web development, from design/templating, secure architecture, user experience and databases. Not only did I understand the joys of being a developer, I understood the potential of being one too - where there was no such thing as being limited.

2. I've never taken great pride in code itself, but rather its outcome

Yup. That's another problem. Every time I find myself programming, I usually am not fussed by how my code looks or how correct it is semantically. This is wrong and, more so, it is selfish. Because I don't maintain code as much as I am supposed to, others struggle to come to terms with it and ultimately it isn't as great as it could have been.

3. Working with other programmers is hard

Just recently, I've had to work with programmers who have much more programming experience than myself. When reflecting upon their code and back to mine, I wish that the above two points were non-existent - however, sadly, they aren't. My programming buddies (brogrammers) have excellent style and etiquette when programming, which I am very envious of.

4. Solution?

I need to start taking care of the code I produce, take my time and always imagine that there are people looking at it and inspecting what it does. Perhaps, remembering some advice and rants from my programming friends will keep me in line.

Since I have realised how terrible my programming has become for others over the past few months - I've taken the initiative and path to cleaner and more elegant code.

You can view some of my newer snippets of code @ GitHub.
