EH-Net

Features => Book Reviews => Topic started by: l33t5h@rk on December 16, 2011, 01:19:27 PM



Title: Book Review: The Basics of Hacking and Penetration Testing
Post by: l33t5h@rk on December 16, 2011, 01:19:27 PM
I have been looking for a book to offer a general framework and pathway for identifying the basic fundamentals of pen testing. Admittedly, the length of the book (180 pages) made me question whether it would be possible to condense the material in a concise enough way to provide optimal value, or if it would prove to be skimming material that was a waste of money and time. I am overly satisfied with the book as it thoroughly explains the foundations of pen testing in a very enjoyable format. The author spent adequate time on all of the chapters, and reminds the reader to be sure to spend time on each of the topics in order to gain a true understanding of the topic. The tools mentioned in the book are vendor agnostic and should be a part of any pen tester's arsenal. The SDLC of the pen test framework in this book is broken into four steps: Reconnaissance, Scanning, Exploitation, & Maintaining Access. The author breaks down each phase with an explanation as to the importance of each phase, as well as specific tools and examples to use during each phase. He does a good job of emphasizing that penetration testing is more than just exploitation and using automated, script kiddie techniques. He accentuates that the recon & scanning phases provide great value to a pen tester breaking into the industry, explaining that good pen testers do more than push buttons in a pre-built tool. Though constantly overlooked, the final chapter focuses on the importance of customer service and reporting structures. A solid outline is given on how to identify customer needs and explain the remedy for their current findings. I am giving this title 5-5 stars as it delivers exactly what is expected from the title.


Title: Re: Book Review: The Basics of Hacking and Penetration Testing
Post by: hurtl0cker on December 16, 2011, 04:54:29 PM
I just have a doubt, I read some other Pen Testing beginners books like:

Hacking: The Art of Exploitation, 2nd Edition
Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition
Counter Hack Reloaded (2nd Edition)

I just want to know what difference this new book "The Basics of Hacking and Penetration Testing" makes from the other books covering almost the same concepts.


Title: Re: Book Review: The Basics of Hacking and Penetration Testing
Post by: l33t5h@rk on December 16, 2011, 09:23:02 PM
I think the (short) length of it really made it accommodating as well as covering topics in just the right level of depth for a "back to basics" approach.


Title: Re: Book Review: The Basics of Hacking and Penetration Testing
Post by: millwalll on December 17, 2011, 10:01:40 AM
I think this is a great book if you are totally new to security, but if you have done a security course I don't think it will help that much.


Title: Re: Book Review: The Basics of Hacking and Penetration Testing
Post by: chrisj on December 17, 2011, 04:18:10 PM
I'm reading through it right now. Splitting my time between it and 2 others. I'm still in the information gathering section and keep thinking how useless this is for what I bought it for. Just that section. Not the book as a whole.

I bought it to get a better idea of what kinds of attacks to use in a CTF, and things to look for. As for the info gathering section, I like the one in Hacking the Next Generation more. But for what the book is supposed to be (to get your feet wet), the section is ok.

I'm also not above admitting that I pulled the book out the other day to help a buddy. We were looking for a contact number for the hosting provider (Dream Host). While the book itself wasn't useful in that, it did give me an idea to do something that helped some. I found a large list of email and contact numbers.


Title: Re: Book Review: The Basics of Hacking and Penetration Testing
Post by: l33t5h@rk on December 17, 2011, 07:05:49 PM
"I think this is a great book if you are totally new to security, but if you have done a security course I don't think it will help that much."

That's exactly what I liked about it. If you want a back to basics, fundamentals book, I think it is perfect. Similar to how I rate movies, if something delivers exactly what I expect, I give it a perfect score. For example, is 300 the best movie of all time? No. But, is 300 exactly what you would want in a movie about Spartans fighting incredible battles and chopping limbs off in slow motion? Yes.

The purpose of the book is to outline the foundation of penetration testing, and I think it accomplishes that quite succinctly.


Title: Re: Book Review: The Basics of Hacking and Penetration Testing
Post by: monkeydust on January 03, 2012, 02:38:47 PM
I agree with the good reviews of this book. As a rookie to this security / pentesting game, it was a good book to point me in multiple new directions to expand my knowledge on my own. It was just enough to explain what it's all about without overloading on how. It's a good starting point.


Title: Re: Book Review: The Basics of Hacking and Penetration Testing
Post by: vp75 on January 05, 2012, 11:27:45 AM
I got this book very recently. I have been reading it actively this week and it is really a good book. Especially, as jamie pointed out, it is good for a newbie who needs to understand that security/pen testing has its lifecycle and how information is obtained.
V