The Cyber Plumber's Handbook

The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss.

Want to up your penetration testing skills and reach the dark corners of networks? Wish you knew how attackers pivot and move within networks? Are you maximizing the capabilities within SSH?

This book is packed with practical and real world examples of SSH tunneling and port redirection in multiple realistic scenarios. It walks you through the basics of SSH tunneling (both local and remote port forwards), SOCKS proxies, port redirection, and how to utilize them with other tools like proxychains, nmap, Metasploit, and web browsers.

Advanced topics included SSHing through 4 jump boxes, throwing exploits through SSH tunnels, scanning assets using proxychains and Metasploit's Meterpreter, browsing the Internet through a SOCKS proxy, utilizing proxychains and nmap to scan targets, and leveraging Metasploit's Meterpreter portfwd command. For the complete list of topics covered, check out the table of contents.

The book is a PDF packed with 80 pages of examples, code snippets, and figures to transform you into a Cyber Plumber! The book is available to download immediately after purchasing. Lastly, as part of giving back to the information technology community, this book is 75% off for students with an educational/student email address!

Purchase!$19.99 Student Discount!


Download a free sample of The Cyber Plumber's Handbook or check out the complete table of contents!


Penetration Test Team Lead

This is now required reading for every pen tester on our team. The book builds on each topic beautifully and is presented in a logical and comprehensive manner. A must for pen testers!

SOC Analyst

This book helped me understand how attackers pivot and move laterally within networks. We identified the abuse of the "netsh" technique within our network because of this book!

Red Team Manager

Utilized some of the techniques to build realistic purple teaming scenarios to improve our company's defenses.

OSCP Student

Could not have reached the "admin" network in the OSCP (Offensive Security Certified Professional) labs without this!


There is a 75% discount for students with an educational/student email address! Simply send an email to and you'll receive a discount code to purchase it for 75% off.


Brennon Thomas has 15 years of experience in information security, spanning computer network exploitation, penetration testing, exploit development, hunt, and software development. Brennon worked for the Air Force, in both active duty and civilian roles, and currently works for Rackspace as a Cyber Vulnerability Analyst, in which he open sourced Scantron, a distributed nmap scanning platform. He founded Opsdisk LLC, a cyber security solutions company, currently developing PhishBarrel, a phishing prevention platform. In his diminishing spare time, he conducts host-based vulnerability assessments using the Synack bug bounty platform in enterprise-level IT networks.

He received his BS in Electrical Engineering from Rensselaer Polytechnic Institute, MS in Computer Security from the Air Force Institute of Technology, and earned his OSCP from the University of #TryHarder.

Refund Policy

No refunds. If you have a question about what content is in the book, please check out the Table of Contents or contact us.