HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 36 guests and 1 member online
 
Advertisement

You are here: Home arrow Featuresarrow Book Reviewsarrow Recomended book for Pen Tester
EH-Net
May 22, 2013, 02:07:29 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: 1 [2] 3 4   Go Down
« previous next »
  Print  
Author Topic: Recomended book for Pen Tester  (Read 45778 times)
0 Members and 1 Guest are viewing this topic.
jaso
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #15 on: May 17, 2011, 01:32:28 PM »
I enjoyed the first half of Professional Penetration Testing for its insight into the team/business aspect or pentesting. The second half was good as well.

Hacking Exposed was good. I'm thinking of picking up the wireless book. Its an easy read because its broken down into the different steps of a pen test, and then broken down further into tools/vectors. For someone like me who fits reading in here and there and not in big chunks, I could break it down easily and not have to stop mid thought.

Hacking: Art of Exploitation

Currently reading Reversing: Secrets of Reverse Engineering.
Logged
Agoonie
Full Member
***
Offline Offline

Posts: 176



View Profile WWW
« Reply #16 on: May 17, 2011, 01:40:41 PM »
Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

I have not had the chance to read it yet but it has been recommended on this site many times.  It seems like a very good read especially if you want to use "uncommon" techniques for pentesting.  I am currently reading Dissecting the Hack and the Web Application Hackers Handbook.  Hopefully I can get to Ninja Hacking before Ghost in the Wires comes out. 

http://www.amazon.com/Ninja-Hacking-Unconventional-Penetration-Techniques/dp/1597495883/ref=sr_1_3?s=books&ie=UTF8&qid=1305656854&sr=1-3
Logged
OSCE, OSCP, OSWP, CISSP, GPEN

www.agoonie.com
millwalll
Guest
« Reply #17 on: May 17, 2011, 03:54:03 PM »
It is a good book I have read it already
Logged
BillV
Hero Member
*****
Offline Offline

Posts: 1892


View Profile WWW
« Reply #18 on: May 17, 2011, 04:57:04 PM »
Quote from: chrisj on May 17, 2011, 01:23:40 PM
How does it compare to the other books that publisher put out? I tried reading their Xen book, but the pages all fell out, and it looked like there was no technical editor for it. I kept sending in errata, for non-working commands, with what they should have been, but never saw the page updated.

Probably on the same level. I picked up a copy when I saw it mentioned in the forums here. I've only read the first 2 chapters so far but the lack of editing (spelling/grammar) is quite apparent. I was hesitant to purchase because I didn't recognize the author names and had a feeling it may turn out this way. I'll provide more feedback on it as I make my way through.
Logged
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #19 on: May 17, 2011, 10:12:28 PM »
Quote from: Agoonie on May 17, 2011, 01:40:41 PM
Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

I have not had the chance to read it yet but it has been recommended on this site many times.  It seems like a very good read especially if you want to use "uncommon" techniques for pentesting. 

Glad you're liking it  Cool
Logged
millwalll
Guest
« Reply #20 on: May 18, 2011, 07:38:04 AM »
Quote from: BillV on May 17, 2011, 04:57:04 PM
Quote from: chrisj on May 17, 2011, 01:23:40 PM
How does it compare to the other books that publisher put out? I tried reading their Xen book, but the pages all fell out, and it looked like there was no technical editor for it. I kept sending in errata, for non-working commands, with what they should have been, but never saw the page updated.

Probably on the same level. I picked up a copy when I saw it mentioned in the forums here. I've only read the first 2 chapters so far but the lack of editing (spelling/grammar) is quite apparent. I was hesitant to purchase because I didn't recognize the author names and had a feeling it may turn out this way. I'll provide more feedback on it as I make my way through.

If you were new to pen tester never used BT before then it maybe a good buy. I personally found it very basic lacking any real detail and depth. It covers I would say 65% of the tools in BT4 but just the basic of them so what they are used for and one line command to run them. And it does not even mention wireless tools from what I can remember.

I would say it didn't really teach me anything I could not find out in the man pages or help page of a tool.
Logged
BillV
Hero Member
*****
Offline Offline

Posts: 1892


View Profile WWW
« Reply #21 on: May 18, 2011, 08:03:59 AM »
Yeah, I'd agree with that. I'm only a little further now but the first tool they present has the wrong syntax Undecided
Logged
rabray
Newbie
*
Offline Offline

Posts: 38


View Profile
« Reply #22 on: June 12, 2011, 06:21:23 PM »
Not finished reading ed skoudis counter hack reloaded yet but I would recommend this. A number of core principles discussed in easy to understand manner. Providing info on the important ethical nature of pen testers. Remediation/mitigation strategy, Hoping to see a new edition.

Social engineering the art of human hacking is also an interesting read.

Web app handbook and network security assessment. Both good resources in my view.
Logged
---------------------------------------
CEH, eCPPT, MCT, MCSA, MCDST, A+, Net+

Never been the flamin type.
labamba
Newbie
*
Offline Offline

Posts: 11



View Profile
« Reply #23 on: June 26, 2011, 04:22:12 AM »
I personally recommend Cisco's Penetration Testing and Network Defense. It's a very good catch and Counter Hack Reloaded.
Logged
El33tsamurai
Full Member
***
Offline Offline

Posts: 192


View Profile
« Reply #24 on: June 26, 2011, 08:09:29 AM »
A thing I like to do is go to amazon and type in Pen Testing and every book that comes up I look inside and normally you can read the first chapter, I have found many a book this way.  If you can't read the first chapter on amazon try Google books.
Logged
CCENT, A+, Network+, Security+
n3r
Jr. Member
**
Offline Offline

Posts: 95



View Profile
« Reply #25 on: October 27, 2011, 06:38:07 AM »
As i said in other topics i would like to buy a book about coding and writing exploits. I've a good level on C language and i'm currently learning Python, i have seen two books : The Art of Exploitation and Coding for Penetration testers.
which one should i choose ?
Logged
rance
Full Member
***
Offline Offline

Posts: 212


<censored>


View Profile
« Reply #26 on: October 27, 2011, 09:15:20 AM »
Quote from: n3r on October 27, 2011, 06:38:07 AM
As i said in other topics i would like to buy a book about coding and writing exploits. I've a good level on C language and i'm currently learning Python, i have seen two books : The Art of Exploitation and Coding for Penetration testers.
which one should i choose ?

I'm working through "Coding for Penetration Testers" right now.  Only got it last week, so I haven't read the book in depth yet, however:

Pros: Touches many languages, gives a lot of examples of coding, well, pen test tools, so it gets in to a lot of the socket stuff, remote calls, etc.

Cons: It only *briefly* touches on all the languages.  If you want an in-depth programming guide for a particular language, this isn't it.  If you want to learn the language, I'd probably suggest an O'Reilly book, such as this one: http://shop.oreilly.com/product/9780596158118.do
Logged
Poking at security since 1986.  +++ATH
n3r
Jr. Member
**
Offline Offline

Posts: 95



View Profile
« Reply #27 on: October 27, 2011, 01:28:17 PM »
thanks !
So it's better to learn for example Python from a book like Dive into Python before going to Syngress' one.
And what about Art of exploitation ? As i've learnt C language maybe it's a better option to go for this one.
Logged
Forgotten
Newbie
*
Offline Offline

Posts: 2


View Profile
« Reply #28 on: February 01, 2012, 09:22:16 AM »
As some others have said, there are tons of books that will be helpful.  I really liked The Art of Exploitation and Metasploit: A Penetration Tester's Guide.
Logged
MaXe
Hero Member
*****
Offline Offline

Posts: 669


I've just upgraded myself to a cyborg muahahaa!!1


View Profile WWW
« Reply #29 on: February 01, 2012, 01:59:34 PM »
The Penetration Tester's Open Source Toolkit Third Edition, I think it'll be interesting to read, as I already read version 2 / second edition, so I can't wait to read version 3 that's on its way to me  Smiley
Logged
I'm an InterN0T'er
Pages: 1 [2] 3 4   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.339 seconds with 23 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.