If you hope to outmaneuver threat actors, speed and efficiency need to be key components of your cybersecurity operations. Mastery of the standard command-line interface (CLI) is an invaluable skill in times of crisis because no other software application can match the CLI’s availability, flexibility, and agility. This practical guide shows you how to use the CLI with the bash shell to perform tasks such as data collection and analysis, intrusion detection, reverse engineering, and administration.
Authors Paul Troncone, founder of Digadel Corporation, and Carl Albing, coauthor of bash Cookbook (O’Reilly), provide insight into command-line tools and techniques to help defensive operators collect data, analyze logs, and monitor networks. Penetration testers will learn how to leverage the enormous amount of functionality built into nearly every version of Linux to enable offensive operations.
In four parts, security practitioners, administrators, and students will examine:
- Foundations: Principles of defense and offense, command-line and bash basics, and regular expressions
- Defensive security operations: Data collection and analysis, real-time log monitoring, and malware analysis
- Penetration testing: Script obfuscation and tools for command-line fuzzing and remote access
- Security administration: Users, groups, and permissions; device and software inventory
From the Publisher
From the Preface
In this day and age, the command line is sometimes overlooked. New cybersecurity practitioners may be lured away by tools with flashy graphical interfaces. More-experienced operators may dismiss or underestimate its value. However, the command line provides a wealth of capability and should be part of every practitioner’s toolkit. As an example, the seemingly simple tail command that outputs the last few lines of a specified file is over 2,000 lines of C code. You could create a similar tool using Python or another programming language, but why do so when you can access its capabilities by simply invoking it from the command line?
Additionally, learning how to use the command line for complex tasks gives you a better understanding of the way an operating system functions. The most capable cybersecurity practitioners understand how tools work at a fundamental level, not just how to use them.
Cybersecurity Ops with bash teaches you how to leverage sophisticated Linux commands and the bash shell to enhance your capabilities as a security operator and practitioner. By learning these skills you will be able to rapidly create and prototype complex capabilities with as little as a single line of pipelined commands.
Although the bash shell and the commands we discuss throughout this book originated in the Unix and Linux family of operating systems, they are now ubiquitous. The techniques are easily transferable between Linux, Windows, and macOS environments.
Who This Book Is For
Cybersecurity Ops with bash is written for those who wish to achieve mastery of the command line in the context of computer security. The goal is not to replace existing tools with command-line scripts, but rather to teach you how to use the command line so you can leverage it to augment your existing security capabilities.
Throughout this book, we focus examples on security techniques such as data collection, analysis, and penetration testing. The purpose of these examples is to demonstrate the command line’s capabilities and give you insight into some of the fundamental techniques used by higher-level tools.
This book assumes basic familiarity with cybersecurity, the command-line interface, programming concepts, and the Linux and Windows operating systems. Prior knowledge of bash is useful but not necessarily needed.
This book is not an introduction to programming, although some general concepts are covered in Part I.
Publisher: O’Reilly Media; 1st edition (April 20, 2019)
Item Weight: 1 pounds
Dimensions: 7 x 0.6 x 9.1 inches