← Back to Lessons

Rewriting the Truth - Understanding Code as Defense

What is programming?
What do you need to know for this challenge?
  • Variables

Programming is more than writing instructions for a computer; it's a conversation. An honest, precise conversation where every word matters, and like any true conversation, it can be manipulated. It can be interrupted, distorted, altered.

The same happens with the code you defend. When you're part of the Blue Team, you shouldn't just look for malware or strange connections; you must understand what the systems are saying... and also notice when what they say has been modified.

Today, I invite you to read, not just as someone reviewing a text, but as someone listening to a loved one speak strangely... and realizing that something is wrong.

What is programming?

Programming is giving instructions to a machine to do something, but it's not just that. Programming is also about creating logic, solving problems, automating tasks, and, in cybersecurity, understanding the mindset of those who write code with hidden intentions.

Hackers (ethical or not) use programming to:

  • Create exploits or tools
  • Automate attacks or defenses
  • Manipulate files or systems
  • Analyze data
  • Modify running processes

Understanding programming is not optional, it's a must.

Meet Python

Python is an interpreted programming language: simple, straightforward, and powerful. It's loved for its readability, its community, and its versatility, and it's used in:

  • Automation
  • Ethical hacking
  • Forensic analysis
  • Machine Learning
  • Pentesting
  • Cyber defense

And of course... attackers use it too.

What do you need to know for this challenge?

Variables

A variable is like a little box that stores a value.

1password = "defense123"

Functions

Functions are blocks of code that do something specific. You can define them yourself or use the ones that come with Python.

1def generate_password(): 2 return "secure123"

Conditionals

They allow the program to make decisions.

1if password == "correct": 2 print("Access granted") 3else: 4 print("Access denied")

Important: reading existing code

Reading code is not the same as writing it; it's like reading someone else's letter, and if it was tampered with... you must notice what doesn't add up. Some tips:

  • Observe what each line does
  • Pay attention to how variables are used
  • Understand what each function returns
  • Ask yourself: does this make sense?

Blue Team Mindset

Not all attacks are brutal. Some are subtle: a tampered line of code, a variable that seems harmless but changes everything.

Today you don't need to find the attacker. You need to restore the original intent of the script to return the truth to the code. Don't just focus on what's broken; think about what should be working.

Tools you might need

  • A code editor: Visual Studio Code
  • Python installed to run the scripts (python3 file.py)
  • CyberChef for analysis and decoding (a Blue Team gem)

Your mission for today

You will receive two scripts: one that should give you a password, and another that validates that password to reveal something else. But there's a problem... someone tampered with them.

Your job is not to guess, but to read with an analyst's eyes, to think like someone investigating a crime with no witnesses. The code speaks; you just have to listen closely.

Keep this in mind

"To defend is to restore order when everything seems confusing. Today, that order is hidden in a few lines of code. Read them. Understand them. And set them free."

See you at the next level.