
- Scripts – If you can automate something with a script, do it. Life will become easier
- Mods – Perhaps code exists, which you can modify for your use (if you understand it)
- Awareness – If you’re testing an exploit, you should have an idea what it’s going to do before you run it
Variables
In simplest terms, variables are placeholders for data. They can represent different values (numbers, strings, etc.). These make programs way more flexible. Here is an example:
Loops
Probably my favorite structure, loops allow you to repeat an action until some criteria is met. FOR loops and WHILE loops are probably the most common types. These are two simple examples, but they describe how each works:
- FOR every <IP Address> in this <list of IP Addresses> check if port 22 is open
- WHILE <result of ping> is FALSE, keep the <ping> going
And, Or, If, Else if, Else
This logic helps make decisions based on some criteria. Though each has a different purpose, the resulting code depends on the result of the logic being TRUE or FALSE. The logic works much like philosophical logic (here’s to you, Aristotle):
IF your age is less than 18: you cannot buy tobacco you cannot buy alcohol ELSE IF your age is less than 21 AND greater than or equal to 18: you can buy tobacco you cannot buy alcohol ELSE: you can buy tobacco you can buy alcohol
It’s worth remembering some truth table basics here. Unless it’s an “exclusive OR” (save that for another day), the result is TRUE is either side of an OR is true as well as if both sides of the OR are true. Also make note how we can control many different potential outcomes with the IF, ELSE IF, ELSE logic. We can keep adding ELSE IF statements (however after a certain point it’s not the most efficient way).
Arrays/Lists
Arrays/lists allow you to store multiple values in one location. There are a lot of things that can be done with arrays, and most languages have some built-in methods to define and append arrays. For example, the ages of people reading this blog may look like this:

Methods
Methods are specific pieces of code that can be executed on a certain object type. For example, an array may have methods to get an average, return the number of items, or add and remove items. Here’s a Python example of adding the age if a new person reads this blog.

Functions
These are what make programs so flexible. If you have a task that may need to be repeated, write a function to do so. Functions (normally) take some sort of input passed to it, then provide something as a return. Functions can be written for almost anything, and the beauty is if you pass the correct types of data to it, you can reuse that function anywhere. Here’s a Python example of sorting the ages in our list:

Summary
These are the basic building blocks of programs. With this understanding of code, you can write simple scripts/programs to do many different things. My suggestion is to read code with the sole intent of trying to understand its functionality. Read different languages. If you can, get simple programs and modify them.
We hope this blog on coding and programming structures has given you a bit better understanding of this topic. When you can combine the basics of coding with a solid understanding of the command line, you’ll give yourself the ability to automate a lot tasks (including analysis) without having to depend on a graphic user interface (GUI). Coincidentally, leaving the GUI behind is where we’ll pick up next time in our blog series. In the meantime, you can learn more about our cyber security training courses and services.
Matt Kuznia is senior associate at Delta Risk LLC, a Chertoff Group Company that offers managed security services. You can follow him on Twitter for his latest #cyberhandyman tips and tricks. Read more Delta Risk LLC blogs here.