Cyber Shelf

// Comparison

Black Hat Bash vs Penetration Testing: Which Should You Read?

Two cybersecurity books on Offensive, compared honestly: who each is for, what each does best, and which to read first.

Intermediate
4/52024
Black Hat Bash

Creative Scripting for Hackers and Pentesters

Nick Aleks, Dolev Farhi

Nick Aleks and Dolev Farhi on getting offensive work done with the shell: privilege escalation tooling, lateral movement, and pipelining bash with the rest of the toolkit.

Beginner
4/52014
Penetration Testing

A Hands-On Introduction to Hacking

Georgia Weidman

Georgia Weidman's lab-driven introduction to pentesting, walking the reader from setting up a target environment through scanning, exploitation, post-exploitation, and reporting.

Read this if

Pentesters and red teamers who land on a Linux box and need to do offensive work with whatever bash is already there. The book covers privilege escalation, lateral movement, log tampering, and the practical recipes that bash actually shines at.
Beginners who want a single hands-on intro that walks them through a complete pentest workflow: lab setup, recon, exploitation, post-exploitation, reporting. Still the friendliest entry point in print.

Skip this if

Beginners with no shell-scripting fluency, or readers who only work on Windows. The book assumes you can write a basic for-loop and an if-conditional; the value is in the offensive idioms.
Readers who already work in offensive security or want current-decade tooling specifics. The edition is dated against modern Active Directory tradecraft and EDR realities; the workflow is timeless, the tools are not.

Key takeaways

  • Most offensive bash is data plumbing: enumerate, parse, pivot, exfiltrate. The book's framing makes the workflow explicit instead of magic.
  • Living-off-the-land on Linux is a real strategy; bash + awk + sed + curl is often more reliable than dropping a custom binary on a hardened target.
  • The chapters on log tampering, persistence via cron / systemd, and privilege escalation chains are the practical core for any operator who finishes a foothold and needs to keep moving.
  • A complete pentest is a small number of repeated motions (recon, find foothold, escalate, pivot, document); Weidman teaches the rhythm before the tooling.
  • Lab setup is half the learning; running through the book's Metasploitable-and-Windows-VM lab is what builds the muscle memory the OSCP later assumes.
  • Reporting matters as much as exploitation; the book is one of the few intro texts that takes the deliverable seriously.

How they compare

Black Hat Bash and Penetration Testing are both rated 4/5 in our catalog. Pick by topic preference and reading style rather than by rating.

Black Hat Bash is pitched at intermediate level. Penetration Testing is pitched at beginner level. Read the easier one first if you're not yet comfortable with the topic.

Black Hat Bash and Penetration Testing both cover Offensive, Tooling, so reading them in sequence reinforces the same material from different angles.

Keep reading

Black Hat Bash

Alternatives to Black Hat BashWhat to read after Black Hat Bash

Penetration Testing

Alternatives to Penetration TestingWhat to read after Penetration Testing

Related topics

OffensiveTooling