This book is on my whish list after i finish my Dive into Python

I have avira, it's not a bad one. At work they got Symantec, it's not as bad as i thought 

Congrats to all the winners !! You got really nice prizes this month !!

i think he's speaking about challenges on EHnet like in Skillz section like The Nightmare Before Charlie Brown's Christmas

so what do you have when you run the command show exploits ?
and can you look for a particular exploit using the command search ?

i've read it and it's a good book to have an overview of Pentesting. A lot of screenshots help to understand the basics. But the  chapters are very short and no subject is covered in depth. For ewample only 12 pages on nessus/metasploit...
So the beginner will have to go for another book very quickly.

by the way do you use Burp suite or the professionnal version ?

I've not read it but i have the first one which is pretty good. I didn't know a lot of things about web pentest but i have understood a lot with it.
It's better if you have some knowledge with HTTP/SQL/JAVA but the book covers the basic.

Moreover you can use the book with the lab MDSEC if you don't care about the price.

H, you have a nice post here : http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,8043.msg43537/#msg43537

Some people were talking about the different career path.

The more you 'll learn before the more you'll be prepared 

This year is called "year of hackers" beacuse of the number of attack on various site.
You can find a large list of all the attacks made by different groups on the web.

Jan. 4: Anonymous uses distributed denial of service (DDoS) attacks to take down Tunisian government websites.

Jan. 10: Anonymous hacks Irish centre-right party Fine Gael, defacing its website and accusing it of censorship.  Over 2,000 party-member accounts are compromised.

Jan. 18: Members of griefer group Goatse Security are charged by the U.S. Federal Bureau of Investigation for their role in exposing iPad user information.

Jan. 28: British police arrest five alleged members of Anonymous.

Jan. 28: CNET reports that Goatse Security's homepage is defaced by an ex-member.  We reveal that this appears to be a publicity stunt, though for the record a spokesman for the group firmly denies this.

Feb. 3: Anonymous members uses DDoS to take down the websites of the Egyptian government during the revolution against dictator Hosni Mubarak.

Feb. 5-6: HBGary, a security contractor is hacked by Anonymous via SQL injection, social engineering, and other tactics. 68,000 emails are dumped, including ones that implicate that the Bank of America hired HBGary to try to attack Wikileaks.

Feb. 10: Chinese hackers steal information from seven oil companies in an operation dubbed "Night Dragon".

Feb. 10: White paper states that iPhone passwords can be exposed via a jailbreak-driven attack.

Feb. 17: China implicated in "unprecedented" attack on Canadian government servers.

Feb. 24: Ex-soldier hacktivist "The Jester" (th3j35t3r) takes down hate websites of the Westboro Baptist extremist Christian cult.

Feb. 27: Anonymous begins attacks on Koch Industries, Inc., an American manufacturing conglomerate who spent millions lobbying against unions and paid massive campaign contributions towards Wisconsin's "union buster" Governor Scott Walker.

Mar. 1-6: Malware forms a botnet of 260,000 Android phones, Google Inc. (GOOG) offers a tool to remove the offending rootkit.

Mar. 7: Unknown parties make off with $1.2M USD Microsoft Corp. (MSFT) via points scam.

Mar. 14: Anonymous releases grabbed documents indicating that a Bank of America property possibly committed foreclosure fraud.

Mar. 18: Security firm RSA reports that its been hacked.

April 2: Anonymous launches a DDoS attack against Sony Corp. (TYO:6758) in response to litigation against hardware hacker George "GeoHot" Hotz.

April 4: Epsilon Data Management LLC is hacked, revealing millions of users' email and contact information.  Affected companies include US Bank; TiVo, Inc. (TIVO); JPMorgan Chase & Co. (JPM); Verizon Communications, Inc. (VZ); Capital One Financial Corp. (COF); Marriott International, Inc. (MAR); the Ritz-Carlton Hotel Company LLC; Citigroup, Inc. (C); Brookstone, Inc.; McKinsey & Co., Inc.; the Kroger Comp. (KR); Walgreen Comp. (WAG); India's Jet Airways (BOM:632617); Kraft Foods Inc. (KFT); Best Buy Co., Inc. (BBY); Robert Half International Inc. (RHI); and Ameriprise Financial, Inc. (AMP).

April 17-19: PlayStation Network is hacked, 77 million records compromised.  Anonymous is later implicated by Sony in the hack, but most believe that the greater collective was not involved.  Sony Online Entertainment is also breached, 24 million records lost.

April 19: Hacker threatens to breach U.S. wind facility, showing limited access information.  Attack is later ruled harmless.

April 26: Sony announces that the PSN was hacked.

May 2: SOE announces that its customer database was breached.

May 7: Sony sweepstakes site is hacked via a simple Google Search, 2,500 records lost.

May 7: FOX's X-Factor TV show contestant database leaked in SQL injection attack by LulzSec.

May 10: LulzSec leaks FOX's website admin accounts, employee passwords, and a sales database.

May 15: LulzSec leaks a database of UK ATM information, including who owns machines, where they're located, etc.

May 17: Android authentication tokens compromised due to insecure API.

May 20: Sony is found to be hosting a phishing page on its servers, courtesy of hackers.

May 20: Employees at several Apple, Inc. (AAPL) Genius Bar locations report (according to Ars Technica) that 1 in 20 Mac computers is infected with the MacDefender trojan, Apple orders its techs to feign ignorance on the topic.

May 21: Unknown parties steal $1,220 in virtual currency from 128 accounts on a Sony-owned internet services provider (ISP).

May 21: Hacker "k4L0ng666" defaces Sony Music Indonesia website via SQL injection.

May 22: Hacker "b4d_vipera" defaces Sony BMG Greece website, takes 8,500 records via SQL injection.

May 23: LulzSec leaks contents of Sony's Japanese websites (no user records) via an SQL injection attack.

May 24: Sony Canada loses 2,000 some records in an SQL injection attack by Lebanese hacker group Idahc.

May 25: Sony promises affected customers a year of free identity theft protection.

May 29: PBS is hacked by LulzSec after the hackers take issue with its coverage of Wikileaks.  Hackers post fake news stories and deface its page, and wreak havoc on its servers.

May 30: Information from RSA hack is used to penetrate Lockheed Martin Corp. (LMT) servers, Chinese connection is suspected.

June 2: LulzSec uses SQL injection to scoop a reported 1 million records off a Sony Pictures sweepstakes website.  Sony claims the actual number is only 38,000 accounts compromised.

June 2: Sony BMG Netherlands and Belgium have 1 million records exposed via SQL injection from unknown parties.  Records include user names and plaintext passwords.

June 2: Gmail accounts are hacked, Chinese government is fingered, as accounts belonged to Chinese dissidents; advocacy groups.

June 2-3: In a spat over a particular user LulzSec DDoSs popular hacker magazine 2600's IRC chat servers and proxy servers.  The dispute is eventually resolved after members and publication admins have a chat.

June 3: Names, photos, and email addresses of 120 developers lost in a SQL injection attack on Sony Europe database.

June 3: FBI affiliate Infragard is hacked by LulzSec, emails and more released.

June 3: LulzSec warns Japanese game maker Nintendo (TYO:7974) of gaping hole in its online security.

June 5: Anonymous publishes the names, passwords, and email addresses of several prominent Middle Eastern politicians.

June 5: Sony Pictures Russia is breached via SQL injection, user records from several databases are dumped to Pastebin.

June 6: Sony BMG's internal network is mapped by LulzSec in new breach; SCE developer code is also taken.

June 8: SQL injection attack drops yet more records from Sony Music Portugal, Idahc claims responsibility.

June 8: LulzSec hacks "unhackable" webpage from security firm Black & Berg Cybersecurity Consulting, LLC and refuses cash prize, saying they "did it for the lulz."

June 9: Using Low Orbit Ion Cannon (LOIC) DDoS attacks, Anonymous targets Turkey for "censorship".

June 10: LulzSec posts admins records, accounts of government officials purloined from databases of pornographic websites.

June 10: A group calling themselves "Anonymous India" attacks the Indian army website with DDoS attacks.

June 12: LulzSec publishes a thorough network intrusion of Bethesda Softworks and ZeniMax Media that includes source code, network mappings, and more.  Group doesn't publish user information because it says "[W]e actually like this company."

June 12: U.S. Senate servers are hacked by LulzSec, though classified servers are not penetrated.

June 12: Spanish police arrest three alleged members of Anonymous.  Anonymous responds with a DDoS takedown of Spanish police websites.

June 14: "Titanic Takeover Tuesday" is launched by LulzSec.   The group strikes gaming magazine The Escapist, the servers of EVE Online, the site of government contractor software firm Finfisher, servers for Minecraft, and servers for League of Legends, a MMORPG.

June 14: Anonymous targets U.S. Federal Reserve Chairman Ben Bernanke, via a post on their ops site.  It is unclear whether any attacks materialized.

June 14: Turkey arrests 32 alleged members of Anonymous, group vows revenge.

June 14: In a Pastebin posting Anonymous condemns the attacks on the Indian government, saying they were perpetrated by an "imposter".

And the year is not finished....

By the way, i got mine today and it's a very very good card, nothing to compare with my intel bgn on my laptop.

if you want to learn pentesting it's better to buy a wifi card, you will be able to learn more things than with an app in your phone

why don't you buy a wireless card for your PC ? it'll be a better option.

What do you want to do with it ?