Black Hat Bash
Creative Scripting for Hackers and Pentesters
Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.
As an Amazon Associate we earn from qualifying purchases. The link above is sponsored.
- Authors
- Nick Aleks,Dolev Farhi
- Published
- 2024
- Publisher
- No Starch Press
- Pages
- 344
- Language
- English
Read this if
Pentesters and red teamers who land on a Linux box and need to do offensive work with whatever bash is already there. The book covers privilege escalation, lateral movement, log tampering, and the practical recipes that bash actually shines at.
Skip this if
Beginners with no shell-scripting fluency, or readers who only work on Windows. The book assumes you can write a basic for-loop and an if-conditional; the value is in the offensive idioms.
Key takeaways
- Most offensive bash is data plumbing: enumerate, parse, pivot, exfiltrate. The book's framing makes the workflow explicit instead of magic.
- Living-off-the-land on Linux is a real strategy; bash + awk + sed + curl is often more reliable than dropping a custom binary on a hardened target.
- The chapters on log tampering, persistence via cron / systemd, and privilege escalation chains are the practical core for any operator who finishes a foothold and needs to keep moving.
Notes
Pair with Black Hat Python (Seitz/Arnold) for when Python is appropriate, Linux Basics for Hackers (OccupyTheWeb) for the language fluency, and Practical Linux Forensics (Nikkel) for the defensive counter-perspective. The same authors' Black Hat GraphQL covers their other specialty. The 2024 publication date keeps the book current with modern Linux tooling.
What to read before
What to read before Black Hat Bash →Beginner · 2014
Penetration Testing
Georgia Weidman's lab-driven introduction to pentesting, walking the reader from setting up a target environment through scanning, exploitation, post-exploitation, and reporting.
Intermediate · 2020
Black Hat Go
Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.
Intermediate · 2021
Black Hat Python
Justin Seitz and Tim Arnold's hands-on tour of writing offensive tooling in Python: network sniffers, web scrapers, GitHub-based command-and-control, screen capture, keylogging, and Volatility extensions.
What to read next
What to read after Black Hat Bash →Intermediate · 2020
Black Hat Go
Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.
Intermediate · 2021
Black Hat Python
Justin Seitz and Tim Arnold's hands-on tour of writing offensive tooling in Python: network sniffers, web scrapers, GitHub-based command-and-control, screen capture, keylogging, and Volatility extensions.
Intermediate · 2025
Metasploit
The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.
Explore similar books
Alternatives to Black Hat Bash →Intermediate · 2025
Metasploit
The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.
Intermediate · 2021
Black Hat Python
Justin Seitz and Tim Arnold's hands-on tour of writing offensive tooling in Python: network sniffers, web scrapers, GitHub-based command-and-control, screen capture, keylogging, and Volatility extensions.
Intermediate · 2020
Black Hat Go
Tom Steele, Chris Patten, and Dan Kottmann show how to use Go's networking primitives, concurrency model, and cross-compilation to write offensive tooling that runs almost anywhere.