// Comparison
Black Hat Bash vs Hacking: Which Should You Read?
Two cybersecurity books on Offensive, compared honestly: who each is for, what each does best, and which to read first.
Creative Scripting for Hackers and Pentesters
Nick Aleks, Dolev Farhi
Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.
Un labo virtuel pour auditer et mettre en place des contre-mesures
Franck Ebel, Jérôme Hennecart
A hands-on French guide to building a virtual lab (Proxmox) and using it to audit application, web and system flaws — then implement countermeasures.
Read this if
Skip this if
Key takeaways
- Most offensive bash is data plumbing: enumerate, parse, pivot, exfiltrate. The book's framing makes the workflow explicit instead of magic.
- Living-off-the-land on Linux is a real strategy; bash + awk + sed + curl is often more reliable than dropping a custom binary on a hardened target.
- The chapters on log tampering, persistence via cron / systemd, and privilege escalation chains are the practical core for any operator who finishes a foothold and needs to keep moving.
- A practical French guide to building your own vulnerability lab and auditing it end to end.
- Covers application, web and system flaws with the matching countermeasures — attack and defence together.
- From 2013: the method holds, but expect to modernise the specific tools and lab stack.
How they compare
We rate Black Hat Bash higher (4/5 against 3/5 for Hacking). For most readers, that means Black Hat Bash is the primary pick and Hacking is a useful follow-up.
Both books target intermediate-level readers, so the choice is about topic, not difficulty.
Black Hat Bash and Hacking both cover Offensive, Tooling, so reading them in sequence reinforces the same material from different angles.