CSY103 Week 01 Beginner

Programming accelerates everything else in security:

Programming Fundamentals

Track your progress through this week's content

Opening Framing: Beyond Point-and-Click Security

In CSY101, you learned security principles. In CSY102, you explored how operating systems enforce those principles. Now we ask: how do security professionals actually do security work at scale?

The answer is programming. Security professionals who can't program are limited to using tools others built. Security professionals who can program build their own tools, automate their workflows, understand attacks at a deeper level, and can respond to novel threats that no existing tool handles.

This isn't about becoming a software developer. It's about becoming a more effective defender. A SOC analyst who can write a Python script to parse logs is 10x more effective than one who can't. A penetration tester who can modify exploits understands them better than one who just runs them.

Key insight: Programming is a force multiplier for security work. Every hour you invest in learning to code pays dividends across your entire career.

1) The Security Case for Programming

Why do security professionals need to code? Consider these real scenarios:

  • Log Analysis: Your SIEM missed something. You need to search through 10GB of logs for a specific pattern. A script does this in minutes; manual searching takes days.
  • Automation: You need to check 500 servers for a specific vulnerability. A script checks all 500 while you sleep; manual checking takes weeks.
  • Tool Customization: An existing tool almost does what you need but not quite. With programming skills, you modify it or build something better.
  • Malware Analysis: Understanding what malware does requires reading code. The malware author programmed it; you need to understand programming to reverse it.
  • Incident Response: During an incident, you need to quickly extract IOCs from memory dumps, correlate events, and automate containment. Scripts make this possible.

Key insight: Programming isn't optional for serious security work—it's foundational. The question isn't whether to learn; it's how quickly you can become proficient.

2) Python: The Security Professional's Language

We'll use Python throughout this course. Why Python specifically?

  • Readability: Python code reads almost like English. This makes learning easier and code more maintainable.
  • Ecosystem: Thousands of security-focused libraries exist—for network analysis, cryptography, web scraping, forensics, and more.
  • Industry Standard: Most security tools are written in Python or have Python bindings. Metasploit modules, SIEM integrations, threat intelligence platforms—all use Python.
  • Rapid Prototyping: You can go from idea to working script in minutes. During incidents, speed matters.
  • Cross-Platform: Python runs on Linux, Windows, and macOS without modification. Your scripts work everywhere.

Python isn't the only language security professionals use. You'll encounter Bash scripting, PowerShell, JavaScript, and possibly C/C++ for low-level work. But Python is the best starting point and the most versatile.

Key insight: Learning Python opens doors to virtually every area of cybersecurity. It's the "Swiss Army knife" of security programming.

3) Your First Python Concepts

Let's understand the basic building blocks before we write code:

Scripts vs. Programs: A script is a text file containing instructions that Python executes line by line. Unlike compiled programs, you can read and modify scripts directly. This makes them perfect for security work where you often need to tweak and adapt quickly.

The Interpreter: Python is an "interpreted" language. When you run a Python script, the Python interpreter reads your code and executes it immediately. No compilation step needed. This enables rapid iteration.

Syntax: Every language has grammar rules. Python's syntax is strict about indentation (spaces matter!) but forgiving in other ways. We'll learn the rules as we go.

The "Hello World" Tradition: Every programming journey starts with a simple program that outputs "Hello World." Ours will be security-themed: 

print("Hello, Security World!")
print("Your first line of defense starts with code.")

Key insight: Python scripts are just text files with a .py extension. There's no magic—just instructions the computer follows exactly as written.

4) The Development Environment

To write Python code, you need:

  • Python Installed: The Python interpreter that runs your code. We'll use Python 3.x (never Python 2, which is obsolete).
  • A Text Editor or IDE: Where you write your code. VS Code is recommended—it's free, powerful, and has excellent Python support.
  • A Terminal: Where you run your scripts. On Linux/macOS, use the built-in terminal. On Windows, use PowerShell or Command Prompt.

The Workflow:

  1. Write code in your editor and save as script_name.py
  2. Open terminal and navigate to the file's location
  3. Run with python3 script_name.py (or python script_name.py on Windows)
  4. See output, fix errors, repeat

Key insight: Your development environment is your workshop. Invest time setting it up properly—syntax highlighting, linting, and a comfortable terminal make coding much more pleasant.

5) Thinking Like a Programmer

Programming is less about memorizing syntax and more about developing a problem-solving mindset:

Decomposition: Break big problems into smaller ones. "Analyze this log file" becomes: open file → read lines → check each line for pattern → collect matches → output results.

Precision: Computers do exactly what you tell them—nothing more, nothing less. If your script doesn't work, the bug is in your instructions, not in the computer's interpretation.

Iteration: Your first version won't be perfect. Write something that works, then improve it. This is especially true in security where you often start with a rough script during an incident and refine it later.

Reading Before Writing: You'll read far more code than you write. Understanding existing scripts, tools, and malware requires reading comprehension. Practice reading code as much as writing it.

Key insight: The programmer's mindset—decomposition, precision, iteration—applies to all security work, not just coding. Learning to program trains your brain for systematic problem-solving.

Real-World Context: Programming in Security Careers

Programming appears across all cybersecurity domains:

SOC Analyst: The 2020 SolarWinds attack was detected partly through custom scripts analyzing unusual network traffic patterns. Analysts who could write detection scripts found indicators others missed.

Penetration Testing: Tools like Metasploit are written in Ruby, but most custom exploits and automation scripts use Python. The PTES (Penetration Testing Execution Standard) explicitly lists scripting as a core skill.

Malware Analysis: Python tools like YARA, Volatility, and radare2 scripting are standard in malware analysis workflows. Understanding the malware requires understanding code.

MITRE ATT&CK Reference: Technique T1059.006 (Command and Scripting Interpreter: Python) documents how attackers use Python for execution. Defenders must understand what attackers use.

Key insight: Every security role benefits from programming. The depth varies— a GRC analyst needs less coding than a malware reverse engineer—but the foundation is universal.

Guided Lab: Your First Security Script

Let's write a script that does something security-relevant: counting lines in a log file. This simple task demonstrates the core workflow.

Step 1: Verify Python Installation

Open your terminal and run:

# Linux/macOS
python3 --version

# Windows
python --version

You should see something like Python 3.10.x or higher.

Step 2: Create Your First Script

Create a file called hello_security.py with this content:

# My first security script
# This demonstrates basic Python output

print("=== Security Script Starting ===")
print("Hello, Security World!")
print("This script was written by a future security professional.")
print("=== Script Complete ===")

Step 3: Run the Script

# Navigate to where you saved the file
cd /path/to/your/script

# Run it
python3 hello_security.py

Step 4: Reflection (mandatory)

  1. What does each print() statement do?
  2. What do the lines starting with # represent?
  3. What happens if you misspell print as prnt?
  4. How might you modify this script to print your name?

Week 1 Outcome Check

By the end of this week, you should be able to:

Next week: Variables, Types, and Data—where we learn to store and manipulate the information our scripts work with.

📚 Building on Prior Knowledge

Programming accelerates everything else in security:

🎯 Hands-On Labs (Free & Essential)

Start coding and build confidence before moving to reading resources.

🎮 TryHackMe: Python Basics

What you'll do: Write simple scripts, use variables, and run Python from the terminal.
Why it matters: Every security automation task starts with a working Python setup.
Time estimate: 1.5-2 hours

Start TryHackMe Python Basics →

🔐 HackTheBox Academy: Python Basics

What you'll do: Follow structured lessons on Python fundamentals and scripting workflow.
Why it matters: HTB Academy reinforces consistent coding habits and tooling.
Time estimate: 2-3 hours

Start HTB Python Basics →

🏁 PicoCTF Practice: General Skills (Python)

What you'll do: Solve beginner challenges that require small Python scripts.
Why it matters: CTF-style tasks build practical coding confidence.
Time estimate: 1-2 hours

Start PicoCTF General Skills →

💡 Lab Tip: Keep your first scripts in a dedicated folder so you can reuse them later.

🛡️ Secure Coding Foundations

Secure code starts with habits. Even beginner scripts should treat input as untrusted and handle errors deliberately. 

Secure coding habits (from day 1):
- Validate and sanitize all input
- Avoid eval() and unsafe execution
- Fail safely with explicit error handling
- Use least-privilege files and permissions

📚 Building on CSY101 Week-13: Threat model user input and misuse cases before you code.

Resources

Complete the required resources to build your foundation.

Lab: Environment Setup and First Script

Goal: Set up your Python development environment and write your first security-themed script.

Choose ONE path (Linux or Windows). Both are valid.

Linux Path

  1. Verify Python 3 is installed: python3 --version
  2. Install VS Code or use your preferred editor
  3. Create a directory for this course: mkdir ~/csy103-labs
  4. Create hello_security.py with the guided lab content
  5. Run it and capture the output
  6. Modify the script to also print the current date (hint: search "python print current date")

Windows Path

  1. Download and install Python from python.org (check "Add to PATH")
  2. Verify installation: python --version in PowerShell
  3. Install VS Code
  4. Create a folder C:\csy103-labs
  5. Create hello_security.py with the guided lab content
  6. Run it and capture the output
  7. Modify the script to also print the current date

Deliverable (submit):

Checkpoint Questions

  1. Name three security tasks that benefit from programming skills.
  2. Why is Python particularly well-suited for security work?
  3. What is the difference between a script and a compiled program?
  4. What does the print() function do in Python?
  5. Explain "decomposition" as a programming concept.
  6. How does MITRE ATT&CK document adversary use of Python (T1059.006)?

Weekly Reflection

Reflection Prompt (200-300 words):

This week introduced programming as a fundamental skill for cybersecurity professionals. You learned that security work at scale requires automation, and that Python is the industry-standard language for security scripting.

Reflect on these questions:

A strong reflection will connect programming to your personal security interests, honestly assess your starting point, and demonstrate understanding of why this skill matters for your career goals.

Verified Resources & Videos

Week 1 establishes the "why" of security programming. From Week 2 onward, we focus on the "how"—building your Python skills one concept at a time, always connected to security applications.

← Back to Unit Overview Next: Week 02 →

Week 01 Quiz

Test your understanding of the weekly concepts.

Format: 10 multiple-choice questions. Passing score: 70%. Time: Untimed.

Take Quiz