Python for Cybersecurity 🐍 🛡️

Projects Projects Projects

W J Pearce

Sep 14, 2025

Last Week: Security Project: GitHub Advance Security

Next Week: Python for Cybersecurity

This Week: Q&A 📢

Programming Puts People Off

Why….? Because it’s really hard, like really hard. You often see on Cyber and Cloud roadmaps “Learn Python” like it’s some throw away skill you can learn in an afternoon.
It takes months of repetitive practice to get “comfortable”

If you want to work in Cloud Security, you don’t need to be a developer/programmer. But you do need to understand (and use) the basics of Python.

So what are the basics?

APIs – learn how to send and receive data from services.
Automation – script repetitive tasks to save time.
Offense / Defense – build simple tools for red teaming or defensive monitoring.
File Handling – read, write, and process logs or config files.
Data Structures – understand lists, dictionaries, and JSON.
Error Handling – catch and handle exceptions securely.
Environment Management – work with virtual environments and requirements files.

Two Small Projects

Project 1: API Basics - Your First GET Request

Start with REST APIs and GET requests - the foundation of most cybersecurity integrations. Learn to authenticate using API keys and handle JSON responses.

Tools: Use Postman first to test API calls visually before writing code - it's pretty decent of for understanding request/response structure visually.

Practice with:

PokeAPI: https://pokeapi.co - No auth required, query 100s of different Pokemon.
If small Japanese monsters aren’t your thing, you could also check out…
The Cat API: https://thecatapi.com - Introduces API key authentication with 100s of Cat Photos to fetch

Quick Example:

import requests

# Simple GET request to PokeAPI
response = requests.get("https://pokeapi.co/api/v2/pokemon/pikachu")
if response.status_code == 200:
    data = response.json()
    print(f"Name: {data['name']}, Height: {data['height']}")
else:
    print(f"Error: {response.status_code}")

Try fetching data, parsing JSON responses, and handling errors. Once comfortable, apply these skills to security APIs like VirusTotal or Shodan.

Best Resource: Real Python's API tutorials (https://realpython.com/tutorials/api/) - hands down the single best resource with tons of getting started projects.

This project teaches you the fundamentals you'll use all the time as a Cloud Security Engineer: Calling security tools, fetching threat intelligence, and automating data collection.

Project 2: Log Analysis - Processing Security Logs

Logs pile up everywhere - AWS CloudWatch, /var/log/auth.log, /var/log/syslog - and it's not uncommon for people to ignore these unless something goes wrong. When it does, it can be a nightmare to figure out what actually happened.

A whole industry exists to solve this problem (tools like ELK Stack, Splunk, Datadog), but you can certainly get started with Python to understand the fundamentals.

Quick Example - Who's Been On Your System:

import subprocess
import datetime

# Check who's currently logged in
def get_current_users():
    result = subprocess.run(['who'], capture_output=True, text=True)
    return result.stdout.strip().split('\n')

# Check recent command history
def get_recent_commands(user='root'):
    try:
        with open(f'/home/{user}/.bash_history', 'r') as file:
            commands = file.readlines()
            return commands[-10:]  # Last 10 commands
    except FileNotFoundError:
        return ["History file not found"]

print("Currently logged in:")
for user in get_current_users():
    print(f"- {user}")

print("\nRecent commands:")
for cmd in get_recent_commands():
    print(f"- {cmd.strip()}")

Practice: Parse auth logs for failed logins, track sudo usage, or monitor file access patterns. Simple scripts like this can be lifesavers during incident response.

Hopefully you can start to build up a picture around how Python is incredibly useful for Cybersecurity. I did some YouTube videos around this a few years ago, they are pretty basic but everyone's gotta start somewhere:

WJPearce - Cyber Notes

Enjoyed this? Why not check out my other reads…