What do you think?
Rate this book
Rtfm: Red Team Field Manual
The Red Team Field Manual (RTFM) is a no fluff, but thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page. The RTFM contains the basic syntax for commonly used Linux and Windows command line tools, but it also encapsulates unique use cases for powerful tools such as Python and Windows PowerShell. The RTFM will repeatedly save you time looking up the hard to remember Windows nuances such as Windows wmic and dsquery command line tools, key registry values, scheduled tasks syntax, startup locations and Windows scripting. More importantly, it should teach you some new red team techniques.
198 pages, Kindle Edition
First published February 11, 2014
52 people are currently reading
1756 people want to read
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 30 of 35 reviews
April 2, 2016
How come this book is not illegal? It contains so many hacks and tricks on so few pages. This is not a book you read from start to finish. You skim it quickly to get a view of what it contains, and then remember the rationale behind the commands. Then look up the actual command once you need it.
February 20, 2020
This book is essentially a decade's worth of notes from an experienced network security engineer or pen tester. It looks like someone published an evernote notebook. Formatting is inconsistent and at times confusing. There is a fair amount of duplication. Placeholders are inconsistent. There is no descriptive text or explanatory notes. It is a list of commands, and nothing more.
February 28, 2018
Perfect little reference manual when you can't remember certain commands.
October 8, 2018
What's that switch for udb only and grabbing headers in Nmap? What's the Powershell command to up priveliges and check running procs? Ncat in stego for shell? I keep my RTFM right next to my BTFM. RTF RTFM & BTFM! ;-)
April 6, 2015
Useful even with your blue hat on.
Read
January 14, 2026I’m from South Carolina, and on 5 August 2025, $422,000 USD was transferred out of my Ledger Nano X via Ledger Live without my authorization.
I immediately reported the incident to Ledger Live and also engaged BitReclaim Smart Contract Audit Services in San Diego expert blockchain forensic investigators.
Through their investigation, we discovered that my device had been targeted by a DDoS attack and that I had unknowingly clicked on a phishing link. This gave the attackers access to my funds.
I opened a formal recovery case with FORENSIC HACKERS and asked them exactly what information they needed, the cost involved, and the percentage possibility of success for retrieving my assets.
Today, I’m beyond grateful to share that I’ve received 3.87 BTC safely back into my CryptoSwift wallet. This is by far the best thing to have happened to me and my family this August.
For anyone who finds themselves in a similar nightmare time is critical, and working with experienced blockchain forensic professionals like BitReclaim can make all the difference.
Email: forensichackersweb@gmail.com
I immediately reported the incident to Ledger Live and also engaged BitReclaim Smart Contract Audit Services in San Diego expert blockchain forensic investigators.
Through their investigation, we discovered that my device had been targeted by a DDoS attack and that I had unknowingly clicked on a phishing link. This gave the attackers access to my funds.
I opened a formal recovery case with FORENSIC HACKERS and asked them exactly what information they needed, the cost involved, and the percentage possibility of success for retrieving my assets.
Today, I’m beyond grateful to share that I’ve received 3.87 BTC safely back into my CryptoSwift wallet. This is by far the best thing to have happened to me and my family this August.
For anyone who finds themselves in a similar nightmare time is critical, and working with experienced blockchain forensic professionals like BitReclaim can make all the difference.
Email: forensichackersweb@gmail.com
March 24, 2020
A rather unusual book. It's for those that know what they are doing in regards to system administration, programming, and well, other things. Good book to have as a reference should the Internet ever become restricted or not available to the public.
July 17, 2025
ɪ ᴀꜱᴋᴇᴅ ᴛʜɪꜱ ᴛᴇᴀᴍ ᴛᴏ ᴜɴʟᴏᴄᴋ 2 ꜰɪʟᴇꜱ ᴀɴᴅ ᴛʜᴇʏ ᴅɪᴅ ɪᴛ ɪɴ 24 ʜᴏᴜʀꜱ. ᴛʜᴇ ᴏɴʟʏ ɪꜱꜱᴜᴇ ɪ ꜰᴀᴄᴇᴅ ᴡᴀꜱ ᴛʜᴀᴛ ᴛʜᴇʏ ᴅɪᴅ ɴᴏᴛ ᴀᴄᴄᴇᴘᴛ ᴄʜᴇᴄᴋ ᴘᴀʏᴍᴇɴᴛ. ʏᴏᴜ ᴄᴀɴ ꜱᴇɴᴅ ᴊʙᴇᴇ ꜱᴘʏ ᴛᴇᴀᴍ ᴀ ᴅᴍ ᴏɴ ᴇᴍᴀɪʟ ᴄᴏɴʟᴇʏᴊʙᴇᴇꜱᴘʏ606@ɢᴍᴀɪʟ.ᴄᴏᴍ
September 14, 2025
Good read(s), lots of useful commands. Many good moments of "Oh, this command exists, I should use it more often" when I occasionally browse through this book. Unfortunately, I was unable to find any other suitable use case for this field manual.
August 24, 2017
This book lives in my backpack
January 21, 2018
One of our textbook in class. It’s useful when you know what you are doing and looking for. Don’t get deployed in the field without it.
April 3, 2018
Use this book on a daily basis. Has a good foundation for a variety of commands and example syntax, flags and other useful knowledge. Must have for anyone who does this sort of work.
February 16, 2019
Great manual with good.code!
September 21, 2019
Best book ever.
March 16, 2020
Absolutely essential. A classic. Brilliant. A must to have for anyone remotely connected to cybersecurity. Massively recommended!
November 19, 2020
Bit outdated, extremely useful
November 28, 2020
This is a reference manual to help spur your thoughts, and remind yourself of useful commands and switches. Not a how-to guide.
August 9, 2021
Incrível ferramenta para se ter caso trabalhe diariamente em auditoria de sistemas informáticos.
Currently reading
February 13, 2022nothing
Read
April 30, 2022None
June 5, 2022
No a book you read cover to cover but a glorious resource.
January 28, 2026
Muy buenos comandos para Linux, Windows y más.
February 12, 2017
A great general pocket reference for any computer geek.
April 9, 2020
Unimpressed.
As another reviewer stated, it does indeed look like an Evernote dump.
This really is just a list of consolidated syntax/notes for someone who might want to experiment with many CTF (Capture the Flag) type events? I can't imagine a truly seasoned and experienced penetration tester physically carrying around a book like this and using it as a practical reference. No way.
I really didn't get much value out of this book.
If you're reading this review and you are trying to come to a decision point for purchase... if you have an "above average knowledge base" ... I would not recommend. You would be better off using free and more accessible online resources.
As another reviewer stated, it does indeed look like an Evernote dump.
This really is just a list of consolidated syntax/notes for someone who might want to experiment with many CTF (Capture the Flag) type events? I can't imagine a truly seasoned and experienced penetration tester physically carrying around a book like this and using it as a practical reference. No way.
I really didn't get much value out of this book.
If you're reading this review and you are trying to come to a decision point for purchase... if you have an "above average knowledge base" ... I would not recommend. You would be better off using free and more accessible online resources.
April 4, 2014
Incredibly useful, concise book. Essential for Red Teamers. The book is filled with pages and pages of commands, scripts, and tables for a variety of devices, operating systems, and application software.
*nix
Windows
Networking
Tips ans Tricks
Tool Syntax
Web
Databases
Programming
Wireless
References
Each section dives into specific platform information. In other words, the database section contains utilities and scripts for MS-SQL, Oracle, PostGres, and MySQL.
*nix
Windows
Networking
Tips ans Tricks
Tool Syntax
Web
Databases
Programming
Wireless
References
Each section dives into specific platform information. In other words, the database section contains utilities and scripts for MS-SQL, Oracle, PostGres, and MySQL.
June 1, 2017
A must to have reference for red teams
That small book contain the almost every single command I would need in penetration testing
totally recommended
and yet you can have a look at pwnwiki.io :)
That small book contain the almost every single command I would need in penetration testing
totally recommended
and yet you can have a look at pwnwiki.io :)
December 13, 2014
Great reference manual to have on your desk. Far from complete, but not bad at all.
December 13, 2014
Full of really useful stuff
December 25, 2015
Content was taken almost word for word from pwnwiki.io which is shady considering Ben didn't assist with that project
Displaying 1 - 30 of 35 reviews