Red Team Engineering: The Art of Building Offensive Tools and Infrastructure
暫譯: 紅隊工程:攻擊工具與基礎設施建設的藝術
Erdmann, Casey
- 出版商: No Starch Press
- 出版日期: 2026-03-24
- 售價: $2,730
- 貴賓價: 9.5 折 $2,593
- 語言: 英文
- 頁數: 352
- 裝訂: Quality Paper - also called trade paper
- ISBN: 1718504268
- ISBN-13: 9781718504264
-
相關分類:
Penetration-test
海外代購書籍(需單獨結帳)
商品描述
Stop Relying on Black Box Tools and Start Building Your Own. Offensive security isn't just about running scripts; it's about implementing engineering solutions. Red Team Engineering will show you how to transition from penetration tester to red team operator--taking you beyond the basics of exploitation to teach you the "how" of professional offensive development and infrastructure engineering. Casey Erdmann, an experienced red team operator, guides you through the complete development life cycle of a modern cyber operation. Using a project-based approach, you'll engineer a complete offensive arsenal as you:
You'll also learn how to:
Whether your goal is to understand the enemy or to level up your penetration testing skills, Red Team Engineering will show you how to build professional-grade hacking tools that get the job done.
- Build full-stack credential harvesting apps with HTML, JavaScript, PHP, and MySQL.
- Create brute-force and password-spraying tools in Python to attack SMB services.
- Use Go to craft custom ransomware with encryption/decryption logic.
- Abandon manual server setups for reproducible, disposable infrastructure.
- Deploy C2 servers, redirectors, and phishing infrastructure on AWS.
You'll also learn how to:
- Tunnel through firewalls with reverse VPNs using OpenVPN and PiVPN.
- Manage fleet configurations at scale with Salt Project.
- Simulate execution of end-to-end scenarios like deploying a physical "dropbox."
Whether your goal is to understand the enemy or to level up your penetration testing skills, Red Team Engineering will show you how to build professional-grade hacking tools that get the job done.
商品描述(中文翻譯)
停止依賴黑箱工具,開始建立自己的工具。
攻擊性安全不僅僅是執行腳本;它是關於實施工程解決方案。紅隊工程將向您展示如何從滲透測試者轉變為紅隊操作員——帶您超越基本的利用技術,教您專業攻擊開發和基礎設施工程的「如何」。 經驗豐富的紅隊操作員Casey Erdmann將引導您完成現代網路操作的完整開發生命週期。通過基於項目的方法,您將工程化一整套攻擊武器,具體包括:- 使用HTML、JavaScript、PHP和MySQL構建全棧憑證收集應用程式。
- 在Python中創建暴力破解和密碼噴灑工具以攻擊SMB服務。
- 使用Go編寫自定義勒索病毒,包含加密/解密邏輯。
- 放棄手動伺服器設置,轉向可重複使用的、一次性基礎設施。
- 在AWS上部署C2伺服器、重定向器和釣魚基礎設施。
您還將學習如何:
- 使用OpenVPN和PiVPN通過反向VPN穿透防火牆。
- 使用Salt Project大規模管理車隊配置。
- 模擬端到端場景的執行,例如部署實體的「Dropbox」。
無論您的目標是了解敵人還是提升您的滲透測試技能,紅隊工程將向您展示如何構建專業級的駭客工具,讓您完成任務。
作者簡介
Casey Erdmann specializes in custom tool development and post-exploitation. A "hacker's hacker," he focuses on finding creative ways to make systems work in unintended ways. Erdmann is the founder of Injection Software and Security, LLC, and the creator of popular online courses as well as tools and exploits used by teams all over the world.
作者簡介(中文翻譯)
Casey Erdmann 專注於自訂工具開發和後期利用。他是一位「駭客中的駭客」,專注於尋找創造性的方法使系統以意想不到的方式運作。Erdmann 是 Injection Software and Security, LLC 的創辦人,也是受全球團隊使用的熱門線上課程、工具和漏洞的創作者。
