Does learning Web Development make you a better Hacker?

I started to learn web development a couple of months ago. At the time when I started, I didn’t start because I wanted to become a better Hacker. I started out of a long-lasting curiosity. Coding always fascinated me, yet I always failed in my previous endeavors to learn to code.

Maybe I choose the wrong language, maybe I started out of the wrong reasons, I can’t tell for sure, but what I can tell is that I wasn’t able to stick with it.

The previous language I failed on where Python and Java. Python was too theoretical for me, I consider myself more of a visual learner (that’s why I prefer video lessons over written lessons as well.) I started Python a few times actually, yet I was never able to stick with it and eventually dropped it again.

As for Java, I don’t know why I even started learning Java. I wanted to build an app on Android, which turned out to be a bad idea. I hated Java. So the result was foreseeable – failure.

After my last try to learn Python, probably a year went by. A friend of mine, who had just absolved his coding boot camp, asked me, why I don’t learn web development? I haven’t thought about this until then, but considering that I am a visual learner, it made sense. I could write some code and get immediate feedback through a website. That sounded tempting, so I gave it a shot.

Becoming a better Hacker was part of my decision

Since I started hacking, most of my knowledge revolved around servers and networks (where I also consider myself a beginner still, at best). I never knew anything about Web Hacking.

So when I was working on a CTF or a Hacking challenge and I would come to a part where web hacking skills were required, I hit a wall. I wanted to change this, so I figured if I learn web development I probably would understand those things better naturally.

Hacking and Web Development are both very time-consuming topics on their own, doing them together takes a lot of dedication.

I also created a side-project in the same instance called Ceodev.io, because Ceos3c helped me a lot when I started with Cybersecurity. I probably wouldn’t be where I am today if I wouldn’t have created Ceos3c and started to teach other people.

How to start Web Development?

I did my fair share of research and after a while decided to go a classical Full-Stack Developer Route. This would enable me to learn everything from the front(end) to back(end). After long research, I decided to go for Colt Steele’s course on Udemy: The Web Developer Bootcamp. Although this course is a bit dated, I still found it to be the best web development course I have done so far.

Colt has a very special way of explaining things that somehow resonates with me. And after finishing this course, I was certainly able to build decent looking websites. In the meanwhile, I worked through other courses, but this is the topic of another article.

So the first thing you need to do is to decide for a stack if you want to go full-stack. After learning all the basics like HTML, CSS, JavaScript, Bootstrap, Node, Express and a couple more technologies, I am now studying React. React is a very popular JavaScript framework for building user interfaces.

I’m not gonna lie, I still struggle with JavaScript a lot, but daily practice makes things better, one step at a time.

I highly recommend spending a lot of time on learning JavaScript basics. If you still don’t fully understand the basics like loops, objects, arrays, conditionals, etc, you will struggle when you get to something like React.

It just so happens that Colt Steele created a brand new course for JavaScript, The New Modern JavaScript Bootcamp (2020). This course is somewhat special because, in this course, Colt Steele collaborates with Stephen Grider. Colt and Stephen are considered one of the best programming instructors on Udemy. If you research courses for learning Web Development, you will stumble over those two names over and over again.

I already bought the course myself and peeked into it, there is a lot of very useful content I can’t wait to dig in. My favorite part of this course is that you will build a Production-Grade Authentication app. Something you will need over and over again.

I list the courses I have gone through, in order, my favorite course is number one.

Web Development & JavaScript

  1. The Web Developer Bootcamp (Colt Steele) – A bit dated but still worth-while! Great explanations.
  2. The Modern JavaScript Bootcamp (Andrew Mead) – Awesome course, very beginner-friendly, LOTS of exercises!
  3. The New Modern JavaScript Bootcamp (Colt Steele + Stephen Grider) – Haven’t gone through, but class A material for sure.

React

  1. The Modern React Bootcamp (Colt Steele) – React, once you are done with the Basics.

So, how does this make me a better Hacker?

The more you know the more you see. I started Web Development about 4 months ago and did almost no Hacking practice within this time at all. I went back to doing CTF’s just a couple of days ago. I immediately recognized the difference when I looked at the source code of websites or code snippets in general. I understood way more than before. I got a lot more clues when looking at code that might be misconfigured.

I believe that the ability to put yourself in the shoes of a developer while running a pentest against an application can give you tremendous advantages in finding vulnerabilities. Learning to code also helps you to better understand logic and how to solve complicated problems, really testing your patience. A skill that is beyond value when you want to become a better Hacker.

Being able to read code also helps you to become a better Hacker, out for obvious reasons. If you learn one programming language, like JavaScript, it is way easier to pick up another language that can be useful for Hacking like Python, Ruby or simple shell scripting to write your own tools and make your workflow easier.

Also, being able to read code of exploits can be extremely helpful. If you do not understand what an exploit does and you just download and run some code on your computer, you put yourself at risk of getting compromised as well.

A lot of folks say “You don’t need to know how to code to become a Hacker! Superhacker XYZ doesn’t know how to code either!“. This phrase used to give me comfort, although, now, I disagree with it to an extent. While I believe you can become somewhat efficient at hacking just using the existing tools, I guarantee you that everyone who is considered a pro knows at least a bit of code and has written his / her own tools.

Coding is fun!

And yes, there is that. Coding is fun once you grasp the basics. There are countless programming challenges out there that will certainly put your gray brain cells to work. Once you start to be able to solve challenges on yourself, the fun begins. I get a similar sensation when solving CTF challenges and getting one step further to compromise a machine or get the oot flag.

Also, if you enjoy being creative, building websites may be a nice contrast to hacking away commands in a terminal. Working with CSS and generally working with UX design can be a lot of fun, at least it is for me. I enjoy designing things and creating something from scratch. I’m very bad at real drawing, so putting something beautiful together on the screen using code is kind of satisfying for me.

Conclusion

This should shed some light on why I think learning Web Development will make you a better Hacker. I believe, everyone should at least try to learn to program once in their life. Yes, it is challenging and it is going to be frustrating, but overcoming such a tremendous challenge can help you to understand what you are capable of if you put your willpower into it. If you want to get started with Cybersecurity and don’t know where to start, my full guide on how to get started with Cybersecurity might be a good starting point!

If you can learn to code, you can probably learn almost anything you put your mind to.

Tell us what you think!

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: