This book is a collection of ideas, tricks and skills that could be useful for Hackers. It’s a unique extraction reference, summarizes a lot of research and experience in order to achieve your w00t in shortest and smartest way. Rubyfu is where you’ll find plug-n-hack code, Rubyfu is a book to use not to read, it’s where ruby goes evil.
Who should read this book?
Ideally, Hackers!; Those who have enough experience to hack our world and have at leastbasics in Ruby programming language. To get the best benefits of the book, open Rubyfu.net and pin its browser tab; Use irb/pry as interpreter to run the code or run it as script; Enhance the code to fit your needs and yeah, tweet the code and its output to @Rubyfu to share it with our awesome community.
Organization of the book
Module 0x0 | Introduction
Module 0x0 is just a smooth start for you, whether you’re a reader, writer, hacker or someone came to say hi. In this module you’ll find a great start for you as a contributor, where all kinds of contributions are welcome starting from proofreading ending to topic writing.
Module 0x1 | Basic Ruby Kung Fu
Module 0x1 is an awesome collection of the most commonly needed String manipulation, extraction and conversion. Dealing with real cases that you might face during your hack. Dealing with encoding and data conversion could be trivial or complex topic and here we don’t care, we’ll solve it.
Module 0x2 | System Kung Fu
Module 0x2 digs more in system hacking, where the system command, file manipulation, cryptography and generating the common hashes are needed. Getting bind and reverse shell with really simple ways requires skill you need no doubt. Almost all Linux systems are shipped-up with ruby and if it doesn’t?, no problem we’ll get rid of it.
Module 0x3 | Network Kung Fu
Module 0x3 dives deeper in the network sockets, protocols, packet manipulation, more service enumeration ways and gives us more hacky and awesome code to get the job done. Working with network protocols need a deeper knowledge of how these protocols work in order to exchange understandable data and yeah, we’ll figure it out right here.
Module 0x4 | Web Kung Fu
Module 0x4 web is the most common place to share information, however, it’s a more delicious place to hack. Dealing with web known with its uniqueness for dealing with many and many technologies in one page only. Here we’ll know how to deal with GET, POST requests, web services, databases, APIs and manipulating the browser to make it our soldier.
Module 0x5 | Exploitation Kung Fu
Module 0x5 whatsoever the vulnerability was, remote (FTP, IMAP, SMTP, etc.) or local (file format, local system) you’ll need to know how to build fuzzers and skeleton exploit for that. If you get there you’ll need a simple, clean and stable way to build your exploit. Here you’ll know how to build your fuzzer, exploit and porting your exploit to Metasploit and how to write your own Metasploit modules too.
Module 0x6 | Forensic Kung Fu
Module 0x6 whoever you’re, good or bad guy you’ll need forensic skills in your hack and/or investigation. Here you’ll learn more how to deal with registry extracting browsers’ information and much more.