The Hacker Playbook 3
Practical Guide to Penetration Testing — Red Team Edition
Peter Kim's hands-on red-team field manual: assumed-breach scenarios, lateral movement, AV/EDR evasion, and the operational rhythm of a real engagement rather than a checklist of CVEs.
As an Amazon Associate we earn from qualifying purchases. The link above is sponsored.
- Authors
- Peter Kim
- Published
- 2018
- Publisher
- Independently published
- Pages
- 290
- Language
- English
Read this if
Junior-to-mid red teamers and pentesters moving past CTFs into corporate engagements who want a coherent narrative of how an op flows. The strongest part is the assumed-breach mindset — the assumption that you start from a foothold and have to make it count.
Skip this if
Readers expecting 2024-current tradecraft. Cobalt Strike, Sliver, EDR-bypass research, and modern identity attacks (AAD, conditional access, OAuth abuse) have all moved on since 2018. Treat the techniques as concepts, not commands.
Key takeaways
- Assumed breach is the right starting frame for almost any modern engagement; perimeter-to-DA scenarios are increasingly fiction.
- The book's value is the workflow — recon, foothold, escalate, persist, exfil — not the specific tools used to demonstrate it.
- Pair every chapter with a current blog source; the toolchain rotates faster than print can track.
Notes
Best used as a structural map — read each chapter, then look up the 2024-current equivalent of every tool it names. THP2 is more dated; THP4 has been rumored but not shipped. Pair with Red Team Field Manual for the cheat-sheet companion and with the Mandiant / CrowdStrike threat reports for the real-world tradecraft baseline. The audience for this book today is people who haven't yet internalized the operational arc; once you have, you graduate to ATT&CK and primary research.
What to read before
What to read before The Hacker Playbook 3 →Beginner · 2014
Penetration Testing
Georgia Weidman's lab-driven introduction to pentesting, walking the reader from setting up a target environment through scanning, exploitation, post-exploitation, and reporting.
Intermediate · 2025
Metasploit
The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.
Intermediate · 2022
Sécurité informatique - Ethical Hacking
The French-language reference for offensive security: a thick, lab-heavy tour of the attacker's toolkit, maintained across editions by the ACISSI collective under the motto “learn the attack to better defend.”
What to read next
What to read after The Hacker Playbook 3 →Advanced · 2017
Advanced Penetration Testing
A red-teamer's tour of getting into high-security targets without Metasploit, leaning on custom C2, social engineering, and tradecraft. Strong ideas, uneven execution.
Intermediate · 2025
Metasploit
The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.
Intermediate · 2022
Sécurité informatique - Ethical Hacking
The French-language reference for offensive security: a thick, lab-heavy tour of the attacker's toolkit, maintained across editions by the ACISSI collective under the motto “learn the attack to better defend.”
Explore similar books
Alternatives to The Hacker Playbook 3 →Advanced · 2017
Advanced Penetration Testing
A red-teamer's tour of getting into high-security targets without Metasploit, leaning on custom C2, social engineering, and tradecraft. Strong ideas, uneven execution.
Intermediate · 2025
Metasploit
The second edition of the definitive No Starch guide to the Metasploit Framework, updated by the project's original maintainers and newer contributors for the modern Framework.
Intermediate · 2022
Sécurité informatique - Ethical Hacking
The French-language reference for offensive security: a thick, lab-heavy tour of the attacker's toolkit, maintained across editions by the ACISSI collective under the motto “learn the attack to better defend.”