Question

You should now have a solid background to help you understand most of the vulnerabilities we will cover. Before you set up your hacking tools, I recommend that you learn to program. Programming skills are helpful, because hunting for bugs involves many repetitive tasks, and by learning a programming language such as Python or shell scripting, you can automate these tasks to save yourself a lot of time.

现在，您应该具备扎实的背景知识，能帮助您理解我们将要涵盖的大部分漏洞。在您设置黑客工具之前，我建议您先学习编程。编程技能非常有帮助，因为寻找漏洞涉及到许多重复性的任务，通过学习 Python 或 shell 脚本等编程语言，您可以自动化这些任务，节省大量时间。

You should also learn to read JavaScript, the language with which most sites are written. Reading the JavaScript of a site can teach you about how it works, giving you a fast track to finding bugs. Many top hackers say that their secret sauce is that they read JavaScript and search for hidden endpoints, insecure programming logic, and secret keys. I’ve also found many vulnerabilities by reading JavaScript source code.

你也应当学习阅读 JavaScript，因为大多数网站都是用它编写的。阅读一个网站的 JavaScript 可以让你了解它的工作方式，从而帮助你更快地发现漏洞。许多顶尖的黑客表示，他们的秘密武器就是阅读 JavaScript 并搜索隐藏的端点、不安全的编程逻辑和秘密密钥。我也通过阅读 JavaScript 源代码发现了许多漏洞。

Codecademy is a good resource for learning how to program. If you prefer to read a book instead, Learn Python the Hard Way by Zed Shaw (Addison-Wesley Professional, 2013) is a great way to learn Python. And reading Eloquent JavaScript , Third Edition, by Marijn Haverbeke (No Starch Press, 2019) is one of the best ways to master JavaScript.

Codecademy 是学习编程的好资源。如果你更喜欢阅读书籍，Zed Shaw 的《笨办法学 Python》(Addison-Wesley Professional，2013) 是学习 Python 的绝佳方式。而阅读 Marijn Haverbeke 的《JavaScript 精解》第三版(No Starch Press，2019) 是掌握 JavaScript 的最佳方式之一。