Black Hat Bash cover

Black Hat Bash

Bash Scripting for Hackers and Pentesters
by Dolev Farhi, Nick Aleks
Fall 2024, 336 pp.
Use coupon code PREORDER to get 25% off!

Download Chapter 5: Vulnerability Scanning and Fuzzing

Look Inside!

Black Hat Bash pages 58-59Black Hat Bash pages 124-125Black Hat Bash pages 228-229

Bash is one of the first building blocks that expert penetration testers learn. But every hacker, regardless of experience level, should know their way around a bash shell—its powerful scripting language lets you scale your attacks and write your own tools when others aren’t available. Black Hat Bash will teach you how to harness this essential pentesting skill set through hands-on exercises that use bash scripting to chain commands together, automate critical tasks, craft successful living-off-the-land attacks, and more.

Early chapters cover the bash scripting language’s syntax and help you set up a lab environment to test your newfound bash abilities during all stages of the penetration testing process. You’ll soon be automating reconnaissance tasks, performing OS command injection, parsing tool output to extract important information, and maneuvering a restricted network using bash techniques that make your offensive engagements more efficient. 

This book makes bash easy to learn. And, with its focus on presenting bash in the context of pentesting, you’ll not only learn the language but you’ll also pick up lots of hacking tricks that allow you to use bash right away as your go-to offensive security tool.

Author Bio 

Dolev Farhi is a security engineer and author of Black Hat GraphQL (No Starch Press, 2023). He has extensive experience leading security engineering teams in the fintech and cybersecurity industries and is currently a distinguished security engineer at Palo Alto Networks, where he builds defenses for the largest cybersecurity company in the world. He has provided training for official Linux certification tracks and, in his spare time, enjoys researching vulnerabilities in IoT devices and building open source offensive security tools.

Nick Aleks is a prominent cybersecurity leader whose work has been vital in protecting the financial data of millions of Canadians. He is the Senior Director of Security at Wealthsimple and has served as a patented Distinguished Security Engineer at TD Bank. Aleks is also the Chief Hacking Officer at ASEC.IO, coauthor of Black Hat GraphQL (No Starch Press, 2023), and serves as a Senior Advisory Board Member for the University of Guelph and George Brown’s cybersecurity programs. He specializes in offensive security, penetration testing and has over a decade of experience hacking everything from websites, safes, locks, cars, drones, and even smart buildings.

Table of contents 

Chapter 1: Bash Basics
Chapter 2: Flow Control and Text Processing
Chapter 3: Setting Up a Hacking Lab
Chapter 4: Reconnaissance
Chapter 5: Vulnerability Scanning and Fuzzing

Chapter 6: Gaining a Web Shell
Chapter 7: Reverse Shells
Chapter 8: Local Information Gathering
Chapter 9: Privilege Escalation
Chapter 10: Persistence
Chapter 11: Lateral Movement and Network Probing
Chapter 12: Defensive Evasion and Exfiltration


The chapters in red are included in this Early Access PDF.

Extra Stuff 

A repository of code and errata for this title can be found at Dolev Farhi's GitHub page.