HN Books @HNBooksMonth

The best books of Hacker News.

Hacker News Comments on
Rtfm: Red Team Field Manual

Ben Clark · 3 HN comments
HN Books has aggregated all Hacker News stories and comments that mention "Rtfm: Red Team Field Manual" by Ben Clark.
View on Amazon [↗]
HN Books may receive an affiliate commission when you make purchases on sites after clicking through links on this page.
Amazon Summary
The Red Team Field Manual (RTFM) is a no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page. The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.
HN Books Rankings

Hacker News Stories and Comments

All the comments and stories posted to Hacker News that reference this book.
hmm this content seems pretty dated. If they're looking at internal network enumeration, then it's missing most of the modern tools, if it's looking at external enumeration then it's not great as most of the ports they refer to are unlikely to be exposed externally...

If you want more up to date material in this kind of field, something like the Red Team Field Manual ( or "Advanced penetration testing" could be worth looking at.

yeah, it's a reference, if anything. not a practical "read" per se, but hey A+ for effort.

i get by using 4-5 commands and neovim, it's plenty for my sysadmin needs.

if you want a short 30page read that has most things, there's the red team field manual! i recommend having a copy

amazon link > Rtfm: Red Team Field Manual:

it's a no frills collection of commands grouped under topic/use case. command description is left to the user to lookup using the manpages.

Does anyone actually refer to a "cheatsheet" when they are hacking? Or do they just use Google? It makes me laugh to think someone has some of this stuff printed by their desk for an emergency. For example, "gcc -o exploit exploit.c".

Also, this looks like a ripoff of

I am not a pen tester, but I love paper cheat sheets on my desk. Currently: gdb, emacs, bash, operator precedance in C, register names/use in x86.
As recently as a few years ago I had a VI cheatsheet taped to my cubicle. For quick go-to commands when you're forgetful, things like this can be handy.
I am not a metasploit ninja, my job is mostly in design and defending systems. However, on occasion I'll need to demonstrate a pivot or exploit a common vuln to make a point to a DEV team. I might bust out the cheatsheet because that tool isn't I my muscle memory.
HN Books is an independent project and is not operated by Y Combinator or
~ [email protected]
;laksdfhjdhksalkfj more things ~ Privacy Policy ~
Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui officia deserunt mollit anim id est laborum.