Campbell Steve / Кэмпбелл Стив - Bash Shell Scripting for Pentesters / Сценарии оболочки Bash для пентестеров [2024, PDF/EPUB, ENG]

Примеры страниц (скриншоты)

Оглавление

Preface xv
Part 1: Getting Started with Bash Shell Scripting
1
Bash Command-Line and Its Hacking Environment 3
Technical requirements 3
Introduction to Bash 4
Lab setup 7
Virtual machines 7
Docker containers 8
Live USB 9
Cloud-based systems 10
Vulnerable lab targets 10
Configuring your hacker shell 12
Customizing the Bash prompt 13
Setting up essential pentesting tools 14
Update the package manager 14
Install ProjectDiscovery tools 15
Install NetExec 16
Summary 17
2
File and Directory Management 19
Technical requirements 19
Working with files and directories 19
Directory navigation
and manipulation 22
Filesystem design and hierarchy 22
Filesystem navigation commands 27
File permissions and ownership 29
Ownership and groups 29
Special permissions – SUID and SGID 32
Linking files – hard links
and symlinks 33
Summary 34
3
Variables, Conditionals, Loops, and Arrays 35
Technical requirements 35
Introducing variables 36
Declaring variables 36
Accessing variables 37
Environment variables 38
A review of variables 40
Branching with conditional
statements 41
The if statement 42
Adding else 42
The power of elif 43
Beyond simple comparisons 43
Combining conditions 47
Case statements 48
Repeating with loops 49
The for loop 49
The while loop 51
The until loop 53
Select – interactive menus made easy 54
Advanced usage – nested loops 55
Using break and continue 56
Using arrays for data containers 57
Looping through arrays 58
Summary 60
4
Regular Expressions 61
Technical requirements 61
The basics of regex 62
Using character classes 66
Flags – modifying your search 66
Applying basic regex examples 67
Advanced regex patterns
and techniques 68
Practical example – extracting
data using regex 68
Utilizing alternations 69
Demonstrating practical applications 70
Matching IP addresses with grep 72
Using handy grep flags 73
Redacting IP addresses 74
Regex tips and best practices 77
Summary 77
5
Functions and Script Organization 79
Introduction to Bash functions 80
Code reuse 80
Modularity 81
Encapsulation 81
Testability 81
Performance 82
Defining and calling a function 82
Passing arguments to functions 84
Handling a variable number of arguments 85
Default values for arguments 86
The scope and lifetime
of variables in functions 87
Global variables 88
Local variables 89
Variable lifetime 89
Modifying global variables inside functions 90
Advanced function techniques 92
Function return values 92
Recursive functions 94
Importing functions 95
Functions versus aliases 96
Summary 98
6
Bash Networking 99
Technical requirements 99
Networking basics with Bash 100
Understanding IP addresses
and subnets (IPv4) 100
Understanding IP addresses
and subnets (IPv6) 102
Configuring network interfaces
using Bash commands 104
Troubleshooting network
connectivity with Bash tools 105
Scripting network enumeration 109
Network exploitation 112
Network service exploitation 112
Network traffic analysis 115
Capturing and analyzing network traffic 116
Interpreting packet captures 120
Summary 122
7
Parallel Processing 123
Understanding parallel processing
in Bash 123
Implementing basic
parallel execution 125
Advanced parallel processing
with xargs and GNU parallel 127
Introducing xargs for robust
parallel processing 127
Using GNU parallel for enhanced control 129
Comparing xargs and parallel 135
Achieving parallelism using screen 135
Practical applications
and best practices 136
Practical applications of Bash parallel
processing 137
Best practices for parallel execution in Bash 140
Summary 141
Part 2: Bash Scripting for Pentesting
8
Reconnaissance and Information Gathering 145
Technical requirements 146
Introducing reconnaissance
with Bash 146
Formatting usernames
and email addresses 147
Using Bash for DNS enumeration 151
Expanding the scope using Bash 152
Automating subdomain enumeration
with Bash 156
Using Bash to identify
web applications 162
Using Bash for certificate enumeration 163
Using Bash to format vulnerability
scan targets 168
Summary 170
9
Web Application Pentesting with Bash 171
Technical requirements 172
Automating HTTP requests in Bash 172
Analyzing web application
security with Bash 182
ProjectDiscovery 182
Running command-line scans with ZAP 185
Learning advanced data
manipulation techniques 187
Summary 192
10
Network and Infrastructure Pentesting with Bash 193
Technical requirements 193
Fundamentals of network
pentesting with Bash 195
Core methodologies in network pentesting 195
Setting up the pentest environment 196
Using tmux for persistent sessions 197
Basic network scanning with Nmap 198
Fast network scanning with Masscan 200
Processing scan results with Bash 201
Conclusion 202
Advanced network scanning
techniques in Bash 202
Enumerating network services
and protocols using Bash 205
Infrastructure vulnerability
assessment with Bash 208
Enumerating network hosts with NetExec 208
Automating vulnerability
scanning with Greenbone 210
Summary 217
11
Privilege Escalation in the Bash Shell 219
Technical requirements 220
Understanding privilege escalation
in Unix/Linux systems 220
Enumeration techniques
for privilege escalation 221
Initial access 222
System information gathering 225
Exploiting SUID and SGID
binaries with Bash 233
Leveraging misconfigured
services and scheduled tasks 239
Summary 241
12
Persistence and Pivoting 243
Technical requirements 243
The fundamentals of persistence
with Bash 245
Creating a new user in Bash 245
Backdooring the Bash shell 246
Creating backdoor cron jobs 247
Backdooring system files for persistence 249
Backdooring with SSH authorized keys 252
Learning advanced persistence
techniques 253
The basics of network pivoting
with Bash 255
Mastering advanced pivoting
and lateral movement 257
Dynamic chain pivoting 257
DNS tunneling 261
Cleanup and covering tracks 262
Summary 266
13
Pentest Reporting with Bash 267
Technical requirements 267
Automating data collection
for reporting with Bash 268
Identifying key data points 268
Parsing and cleaning raw data using Bash 270
Storing and managing pentest
data with SQLite 280
Integrating Bash with
reporting tools 285
Summary 288
Part 3: Advanced Applications of Bash Scripting
for Pentesting
14
Evasion and Obfuscation 291
Technical requirements 292
Enumerating the environment
for AV and EDR 292
Basic obfuscation techniques
in Bash 295
Advanced evasion tactics
using Bash 297
Automating evasion script
generation in Bash 301
Summary 309
15
Interfacing with Artificial Intelligence 311
Technical requirements 312
Ethical and practical considerations
of AI in pentesting 313
The basics of AI in pentesting 314
Basic terminology and definitions of ML
and AI 314
Creating a foundation for successful
AI use in pentesting 317
Redefining the system prompt 317
Enhancing vulnerability
identification with AI 321
AI-assisted decision-making in
pentesting 328
Testing the Pentest Hero AI agent 329
Summary 333
16
DevSecOps for Pentesters 335
Technical requirements 335
Introduction to DevSecOps for
pentesters 336
Understanding the intersection of DevOps
and security 336
Common use cases for Bash in security
automation 337
Configuring the CI/CD pipeline
with Bash 338
Initial setup and error handling 339
Logging functions 339
Error handler and initialization 340
System checks 341
Development tools installation 341
Security tools installation 342
GitLab CI/CD setup 343
Workspace creation 343
Crafting security-focused Bash
scripts for DevSecOps 344
Creating the scan script 344
Creating vulnerable artifacts 352
Integrating real-time security
monitoring with Bash 358
Automating custom Kali Linux
builds for pentesting 361
Summary 365
Index 367
Other Books You May Enjoy 378