Preface

The penetration testing technology today is riddled with oversimplified Graphical User Interfaces. Though easy to use, they often offer very little control over the operations they perform and don't offer a very informative experience to their users. Another drawback is that many of these security assessment solutions are only developed to identify and automate exploitation for the most obvious and unobfuscated instances of vulnerabilities. For every other practical instance of a vulnerability, penetration testers need to rely on their own scripts and assessment tools.

The basic skill set of a good penetration tester includes at least rudimentary skills in a scripting or software development languages such as bash scripting, Python, Go, Ruby, and so on. This is so that they can handle the weird and outlier instances of vulnerabilities with their own customized tools and are capable of automating security testing according to their own terms. Firewalls, intrusion detection/prevention systems, and other security monitoring solutions are becoming smarter, and the only way we, as penetration testers, are ever going to beat them is by learning to build our own tools to "weaponize" our command lines.

This book introduces some of the fundamental skills, tips, tricks, and command-line-driven utilities that the best penetration testers from all across the world use to ensure that they have as much control over their testing activities as possible. Anyone interested in introducing themselves to the command line specifically for penetration testing or penetration testing as a whole, will benefit from reading this book.