C, C++, or Python?
All of them. When one learns C++ they in a way learn C. Python goes one step above C++ in that it has modules like scapy, scrappy, tensorflow, and ansible which makes writing tools, building botnets, and working with large scale datasets a easy task. Python itself even uses C to go faster
But, again core fundamentals are needed. C is what the kernel is written in and therefore has access to bare metal, with a bit of understanding on x86 assembly then reverse engineering malware becomes a fun task. Plus operating at this level one’s able to grok what’s going on at near kernel space instead of python’s user space.
For example; if one was trying to write shellcode they would need to know assembly and C/C++ to find the security vulnerability, then use python as the code for the exploit, C to create the exploit[1], and finally word to write up the CVE Report.
Another example and more real world than anything is doing post processing of malware captured by a honeynet. One absolutely needs to understand C to discover the internals of the malware and be able to shut down the botnet that is attacking the network under one’s watch.
[1]: debasish dot in /2012/04/execute-shellcode-using-python.html