A practical, detection-aware guide to designing and building custom red team tools that survive in modern enterprise environments. Red Team Toolcraft teaches offensive and defensive security professionals how to reason about tooling behavior through the lens of SIEMs, EDRs, and logging pipelines, and how to use that insight to build bespoke tools engineered for evasion rather than convenience.
Modern enterprises are saturated with telemetry. Endpoint agents, centralized logging, behavioral analytics, and automated detections have made off-the-shelf red team tools increasingly brittle and predictable.
Most red team tools fail not because they’re buggy, but because they behave in ways detection systems are designed to notice. Red Team Toolcraft teaches readers how to think, design, and build differently.
Instead of showing how to run popular frameworks, this book focuses on how offensive tools actually behave in monitored environments and why that behavior so often gives them away. The authors walk readers through the foundations of detection-aware tool design, explaining how payload structure, execution flow, and environmental interaction influence visibility across modern detection stacks.
Each chapter centers on modular, adaptable examples that show not just what works, but why it works. Readers learn how small design decisions surface in logs, alerts, and behavioral analytics, and how thoughtful toolcraft can reduce detection while still achieving realistic adversary objectives.
The result is a field-ready reference for red teamers who need to build their own tools when public ones fail, and for detection engineers and threat hunters who want a clearer view of how advanced operators design tooling to evade automated defenses.
"synopsis" may belong to another edition of this title.
Dennis Chow is an experienced practitioner in penetration testing, cloud security, security engineering, and detection engineering. He has supported offensive and defensive cybersecurity teams at Amazon Web Services and consulted for multiple Fortune 500 companies and U.S. government agencies. He holds GIAC Security Expert certification #288 along with GXPN, GREM, and numerous other credentials.
Michael LaSalvia is an information security leader with more than two decades of experience in offensive security, red teaming, and penetration testing. He has built and led advanced adversary simulation and red team programs for global enterprises including Fidelity National Financial, KPMG, Pfizer, and GSK, and holds certifications such as OSCP, GXPN, GCIH, GMOB, and CISSP.
"About this title" may belong to another edition of this title.
Seller: PBShop.store UK, Fairford, GLOS, United Kingdom
PAP. Condition: New. New Book. Shipped from UK. Established seller since 2000. Seller Inventory # DB-9781718505049
Quantity: 2 available
Seller: Grand Eagle Retail, Bensenville, IL, U.S.A.
Paperback. Condition: new. Paperback. If your tooling is public, it's already known.Defenders have studied every public offensive framework. They know Cobalt Strike's beacon patterns, Metasploit's shellcode signatures, and the behavioral fingerprints of every commodity implant. Once it's known, the tool gets burned.As a red teamer, your job is to get in. When defenders know your tools, they know your moves-and you don't get in. Evasion Engineering teaches you to build custom offensive tooling in Go by understanding what modern defenses actually target and building around them.You'll construct network enumerators, C2 implants, lateral movement tools, obfuscated loaders, and covert exfiltration channels. Each chapter then flips the perspective- the same techniques, examined from the detection side. Build the tool. Understand how it gets caught. Build better.Dennis Chow (GIAC Security Expert #288) and Michael LaSalvia bring 36 combined years of experience inside Fortune 500 red team programs. They treat payload development as an engineering discipline- robustness, reusability, and reliability built in from the start, not bolted on after the fact.You'll learn to-Build enumeration tools that don't match known signaturesDevelop C2 implants with custom protocols that bypass network inspectionImplement lateral movement via autonomous worm mechanicsCreate hybrid-packed payloads that defeat AV and EDRExfiltrate data through covert channels under active monitoringMap every technique to its detection surface and validate your resultsIf you've been relying on tools the defender already knows, this book is where that changes.Requires Go 1.21.x and higher and Python 3.x Shipping may be from multiple locations in the US or from the UK, depending on stock availability. Seller Inventory # 9781718505049
Seller: California Books, Miami, FL, U.S.A.
Condition: New. Seller Inventory # I-9781718505049
Seller: THE SAINT BOOKSTORE, Southport, United Kingdom
Paperback / softback. Condition: New. New copy - Usually dispatched within 4 working days. Seller Inventory # B9781718505049
Quantity: 3 available
Seller: Majestic Books, Hounslow, United Kingdom
Condition: New. Seller Inventory # 408698446
Quantity: 3 available
Seller: Revaluation Books, Exeter, United Kingdom
Paperback. Condition: Brand New. 256 pages. 7.13x0.61x9.25 inches. In Stock. Seller Inventory # __1718505043
Quantity: 2 available
Seller: Revaluation Books, Exeter, United Kingdom
Paperback. Condition: Brand New. 256 pages. 7.13x0.61x9.25 inches. In Stock. Seller Inventory # xr1718505043
Quantity: 2 available
Seller: Russell Books, Victoria, BC, Canada
paperback. Condition: New. Special order direct from the distributor. Seller Inventory # ING9781718505049
Quantity: Over 20 available
Seller: Books Puddle, New York, NY, U.S.A.
Condition: New. Seller Inventory # 26405504401
Seller: Rheinberg-Buch Andreas Meier eK, Bergisch Gladbach, Germany
Taschenbuch. Condition: Neu. Neuware -If your tooling is public, it's already known.Defenders have studied every public offensive framework. They know Cobalt Strike's beacon patterns, Metasploit's shellcode signatures, and the behavioral fingerprints of every commodity implant. Once it's known, the tool gets burned.As a red teamer, your job is to get in. When defenders know your tools, they know your movesand you don't get in. Evasion Engineering teaches you to build custom offensive tooling in Go by understanding what modern defenses actually target and building around them. You'll construct network enumerators, C2 implants, lateral movement tools, obfuscated loaders, and covert exfiltration channels. Each chapter then flips the perspective: the same techniques, examined from the detection side. Build the tool. Understand how it gets caught. Build better.Dennis Chow (GIAC Security Expert #288) and Michael LaSalvia bring 36 combined years of experience inside Fortune 500 red team programs. They treat payload development as an engineering discipline: robustness, reusability, and reliability built in from the start, not bolted on after the fact.You'll learn to:- Build enumeration tools that don't match known signatures - Develop C2 implants with custom protocols that bypass network inspection- Implement lateral movement via autonomous worm mechanics- Create hybrid-packed payloads that defeat AV and EDR- Exfiltrate data through covert channels under active monitoring- Map every technique to its detection surface and validate your resultsIf you've been relying on tools the defender already knows, this book is where that changes. Requires Go 1.21.x and higher and Python 3.x 256 pp. Englisch. Seller Inventory # 9781718505049