EH-Net

Hello !
Someone has read this book ?
http://syngress.com/hacking-and-penetration-testing/Professional-Penetration-Testing/

I'm looking for a book with a lot of exercises for testing the method. In this book there is a DVD with some lessons, and i saw in the summary that we work on our virtual lab.

So if someone can tell me if it's a must buy or not it'll be cool ! Because of the price i'm not sure if i can buy it or not.

thanks !

PART I - Setting Up
Chapter 1: Introduction
Chapter 2: Ethics and Hacking
Chapter 3: Hacking as a Career
Chapter 4: Setting up Your Lab
Chapter 5: Creating and Using PenTest Targets in Your Lab
Chapter 6: Methodologies
Chapter 7: PenTest Metrics
Chapter 8: Management of a PenTest

PART II - Running a PenTest
Chapter 9: Information Gathering
Chapter 10: Vulnerability Identification
Chapter 11: Vulnerability Verification
Chapter 12: Compromising a System and Privilege Escalation
Chapter 13: Maintaining Access
Chapter 14: Covering Your Tracks

PART III - Wrapping Everything Up
Chapter 15: Reporting Results
Chapter 16: Archiving Data
Chapter 17: Cleaning Up Your Lab
Chapter 18: Planning for Your Next PenTest

Appendix A - Acronyms
Appendix B - Definitions

Try the Features tab at the top, then choose book reviews:

http://www.ethicalhacker.net/content/view/277/2/

Don

If you're looking for a book with step by step exercises, try this one as well: http://www.amazon.com/Practical-Hacking-Techniques-Countermeasures-Spivey/dp/0849370574/ref=sr_1_1?ie=UTF8&qid=1318884860&sr=8-1

He's coming out with a 2nd book soon too.

If you're looking for something to practice against, check out WebGoat or DVWA.  Both are intentionally insecure apps.  WebGoat has built in "lessons", and DVWA will give you three difficulty levels.  These will give you a ton of exercises to work on...

(Keep in mind that any machine you run these on instantly becomes vulnerable, take care.)

Thanks I didn't see the review.
Any comments from you about this book ?

The book itself seems mostly about how to managed a pentest project, but the two courses focus on the methodologies and how to put them into practice.

I wouldn't say it's an overly technical book and it's mainly for managerial type people.

If you just want to practice maybe set up your own lab if you want step by step guide to hacking I don't think there is one but there are a few good books that can help you.

there is also this resource that explain how to setup two labs
http://www.securityaegis.com/network-pentest-lab/ (http://www.securityaegis.com/network-pentest-lab/)

The application hackers handbook is most likely the best for web apps.
http://www.amazon.co.uk/Web-Application-Hackers-Handbook-Discovering/dp/1118026470/ref=sr_1_1?ie=UTF8&qid=1318927013&sr=8-1 (http://www.amazon.co.uk/Web-Application-Hackers-Handbook-Discovering/dp/1118026470/ref=sr_1_1?ie=UTF8&qid=1318927013&sr=8-1)

Gray hat hacking is another good one.
http://www.amazon.co.uk/Gray-Hacking-Ethical-Hackers-Handbook/dp/0071742557/ref=sr_1_1?s=books&ie=UTF8&qid=1318927037&sr=1-1 (http://www.amazon.co.uk/Gray-Hacking-Ethical-Hackers-Handbook/dp/0071742557/ref=sr_1_1?s=books&ie=UTF8&qid=1318927037&sr=1-1)

If you really new to security there a book called basic hacking
http://www.amazon.co.uk/Basics-Hacking-Penetration-Testing-Syngress/dp/1597496553/ref=sr_1_1?s=books&ie=UTF8&qid=1318927112&sr=1-1

i already have Gray Hat hacking but it's a lot of theory and not a lot of exercises.
I think in this book we find a little bit of everything but nothing is really explained step by step.

So this is not worth a 1-click from Amazon.  Thanks fellas.  ;D

Well this book is very good but for example the chapter on C and Python is very basic