Chapter 51. Bash Your Head

Shawn Evans

I often compare security professionals to magicians. These are individuals who retain such deep knowledge of protocols, networks, applications, and security that the act of exploiting flaws in well-designed products is magic to the untrained observer. It’s all sleight of hand to a certain degree. This is mostly true for security professionals, but you’re probably in the wrong profession if seeing a reverse shell doesn’t feel a bit like magic. Hollywood has aided in perpetuating this persona. Traditional security professionals (aka “hackers”) are portrayed as being forever engaged in a black and green terminal screen, furiously typing esoteric commands that result in page after page of scrolling binary data.

While these analogies and stereotypes are a stretch, it’s worth acknowledging that some of it is rooted in fact. I entered the field of cybersecurity more than fifteen years ago having never familiarized myself with Linux or Unix systems. I observed colleagues formatting unstructured data with a few Bash commands and then sending that data to an HTTP proxy tool with a few more. It might as well have been magic. Today, hardly a day passes without me extensively utilizing a familiar black and green Bash terminal to carry out penetration assessments with increased effectiveness.

Having a fundamental understanding of Bash basics provides significant ...

Get 97 Things Every Application Security Professional Should Know now with the O’Reilly learning platform.
