The Hacker Playbook 3 (Chinese translation by @snowming)

Read and download PDF

Disclaimer

@snowming is translating this book purely for learning purposes and out of personal interest. I undertake not to use this translation for financial gain of any kind, and I firmly refuse to let anyone else profit from it.

This translation is for reference only and not for commercial use. Snowming reserves the right of authorship and all other rights in this translation.

The translator has nothing to do with any use of this translation that infringes or violates intellectual property law, and firmly opposes such behavior.

In the spirit of open source, the translator welcomes all reposts for learning and research purposes, but any repost must indicate the source.

The translator’s words

This is the third edition of The Hacker Playbook, also known as the Red Team edition, because the book is written from the red team's perspective in red-versus-blue confrontation.

First of all, I apologize, because my translation may not be especially good. The whole book was translated by me alone in three weeks; I am about to finish my master's degree, so it was impossible for me to spend too much time on it. Moreover, this book is highly technical, not a popular-science read, and the translator's professional level is limited, so my understanding of the book may also be limited by it. Nevertheless, the translator has done his best to translate this book with the utmost sincerity. The effect I seek is to bridge the gap between the author of this book and the Chinese reader. Based on this goal, my translation principles are as follows:

  1. For each sentence, I did not simply translate it into Chinese literally, but translated it according to my own understanding. My reasoning: otherwise, what would be the difference from Google Translate? Therefore, I understood each of the author's sentences on the basis of the literal meaning, consulted relevant materials, and combined the meaning of the words, the sentence and the professional background knowledge to translate it. This is why you will see supplementary material posted here and there. I hope my translation preserves the author's original intention while reading more naturally in Chinese. Wherever there was any confusion, I discussed it with a few friends in the security industry who are more experienced than I am. After all, I am still young, and it would be my fault if my superficial understanding misled readers. I only posted each sentence once I had made it readable to myself.
  2. Because Chinese and English are indeed different, not every English sentence can be expressed the same way in Chinese, and inevitably some translations read strangely. In such cases I searched the Internet by keyword and referred to translations such as Microsoft's Chinese documentation, preferably following their translation conventions, because professional Microsoft documentation engineers are undoubtedly better at this than I am.
  3. I clicked every link in the translation myself. Although I could not access some of the links in the English PDF, I did my best to restore the author's original intention and find the correct links through Internet search. I have also added notes for other outdated links. It must be noted that links keep breaking; many broke during the three weeks of my translation, right up until I finalized it today. I can only post the most recent links.
  4. Some technical terms are kept in English, because this book is not a popular-science book after all. Many of the security professionals around me do not say "attack payload" for payload. So in this book, "payload" is used throughout except the first time it appears, where it is rendered as "attack payload". Similar terms include Beacon, POC, AD, etc.
  5. Some tool options are kept in English. If translated into Chinese, readers might not be able to use the option, which would be inconvenient and self-defeating.
  6. I think, therefore I am confused. There are also many blind spots in the book that I could not fully read or understand. I looked things up as I read, and then thought: why not share what I found that I thought was good? That is where the [translator's notes] in my translation come from. Since I use this translation as a book plus notebook, there are many links, because I have to read it myself. If you don't want to read them, ignore them. And since this is a Chinese translation, the reference materials I share are mainly Chinese; English links are attached only for articles I think are especially good.
  7. In the English PDF version I obtained, there are some problems in the code. Take this line from the original code in the book: python SharpShooter.py -interactive. The option should be --interactive, with two dashes. There are many such errors in this book. Therefore, from the translator's experience: if a command with a single dash (-) does not work, the reader can try substituting a double dash (--). Maybe it will then run. If it still does not run, search the Internet.
  8. In the PDF version, if a link wrapped in [] brackets is not accessible, inspect the URL and delete the brackets as appropriate; it can then generally be accessed.

Reading advice

  1. Start with a general understanding of what each chapter is about. For example:
  • Chapter 1 Environment setup
  • Chapter 2 Information gathering
  • Chapter 3 Web vulnerability exploitation
  • Chapter 4 Lateral movement within the intranet and privilege escalation
  • ...
  Having this simple outline in mind will help you finish the book with an idea of the red team workflow.
  2. Make a quick list of all the tools mentioned in this book that you think are good, organized by purpose. I think you can use this to build a collection of tools for the different stages of penetration testing.
  3. This book is a foreign-language book after all, and some tools are not suitable for the domestic environment. It's your choice.

Some thoughts on this book

Technology moves so fast that some of the tools in this book may be outdated. We don't have to follow the book blindly; we can combine it with some thinking of our own.

Chapter 7, for example, may be a little out of date. But the recompilation of MSF in Chapter 7 boils down to:

  1. Eliminating the MSF traffic fingerprint as far as possible;
  2. Improving the static AV evasion of the MSF payload;
  3. Adding custom functionality (interaction with C2, dynamic execution, traffic optimization).

If you think about it this way, it's much easier to see and understand how it works. At present, secondary development of attack frameworks basically does the same thing: the idea is the same, only the implementation differs. All the variations share the same core, so we can still gain some insight from the secondary-development ideas in the book.

And the author of this book makes a point that I find very interesting. Red team technology, he says, cycles repeatedly through the seven OSI layers, and the author even adds an eighth layer: social engineering attacks. If you finish the book, you'll see that yes, there are tools for the physical layer, the transport layer... all the way up to social engineering attacks. The author argues that when all defenses are close to perfect, we can still use the eighth layer, social engineering, to get in. And as new technologies grow larger and more complex, some old vulnerabilities re-emerge; traditional attack methods find new life.

That's probably why we read books like this. It is better to teach someone to fish than to give them a fish. Some tools and malware are reversed and signatured by security vendors soon after release, but if we learn the art of dragon-slaying, we can cope with every change without changing ourselves. I learned a lot from the author's guidance in this book. The author goes further and tells us why programming ability matters for security personnel and why we need to understand the underlying layers... I'm sure that if you read carefully, you'll get as much out of it as I did.

On errors in the translation

Inevitably, there are still many problems in the translation of this book, so please feel free to raise issues with me, including full-width versus half-width punctuation. Thanks in advance.

In addition, corrections will be updated in real time on the UPDATE page of the repository.

Special thanks to

In the process of translating this book, I also gained friendships. Peers with whom I could discuss a single word for a long time made me feel deeply that I did not choose the wrong direction. Thanks to the following friends for their proofreading support:

  • Mr. Aso
  • Anonymous jack
  • Victor Zhu
  • thrush
  • leitbogioro

Thanks also to the following friends who are willing to discuss the book with me:

  • thrush
  • Mr. Aso
  • Anonymous jack
  • googu0

I sincerely thank you all for your help.

License

CC BY-NC-SA 4.0

What's more

Welcome to join the 360 Enterprise Security Advanced Attack and Defense Department!