“The Basics of Hacking and Penetration Testing, 2nd Edition, Ethical Hacking and Penetration Testing Made Easy” by Patrick Engebretson covers the essentials. The introduction should not be skipped, because, first and foremost, it conveys that the book is intended for people that are new to pentesting and the hacking scene. It also gives a generic overview of a lot of tools in the book that “might” strongly come in handy even to those not so new to the industry. Additionally, he covers what is needed to follow along in the book, which transforms this work from being just a book into more of a “hands-on” reference guide.
The title by Syngress Publishing is divided into chapters that define each part of the standard methodology that should be used in every pentest. This is important because every good security professional knows that having a methodology or plan of action is the key to making sure that the pentest is successful every time. The “methodology” is covered in the meat of the book which includes Chapters 2 through 7. Most pentesting books have a “What is Pentesting” chapter, so naturally Chapter 1 starts here. The book ends in a great way, because the author covers the most important part of a penetration testing: the report. Now that it is known that the author covers the requisite topics, let’s see how he handles the details of delivering this message.
The Basics of Web Hacking: Tools and Techniques to Attack the Web by Josh Pauli was recently released by Syngress Publishing in July of 2013. Dr. Pauli’s resume includes several academic journals, but this appears to be his first published book. But, do not be dissuaded. As you might expect, this first work shows the love of an eager first-time author who has an obvious passion about the subject matter. Dr. Pauli gives a nod to other topical works in the area of web application penetration testing and offers gracious thanks to his influences in the security community.
In the introduction Dr. Pauli is quick to explain the niche that his contribution to the topic fills within the available body of knowledge. He states that the intent of this book is to provide the fundamentals of web hacking for people who have no previous knowledge of web hacking, and that this book might act as an introduction that prepares people to consume some of the more thorough and advanced books on the subject. Keep reading after the break to see if he succeeded.
As stated in its tagline, Violent Python is A Cookbook for Hackers, Forensic Analysts, Penetration Testers, and Security Engineers. This is a relatively broad scope and demonstrates how Python can be used to automate and assist with tasks across a variety of diverse InfoSec disciplines. However, breadth does not preclude depth in this case; the exercises build up to a fairly advanced level. Violent Python is authored primarily by TJ O’Connor, with Rob Frost contributing a chapter on Web Reconnaissance, and Mark Baggett acting as the Technical Editor. A quick glance at their collective credentials and experience undoubtedly creates high expectations for this title.
For those unfamiliar with cookbook-style resources, the contents are made up of dozens of short, self-contained “recipes.” The objective is not to comprehensively teach Python from the ground-up, but rather present scripts that focus on a specific task. The end result is that the book demonstrates how powerful just a few dozen lines of Python code can be (even the longest of recipes rarely exceed 100 lines). However, while the aim is not to teach Python programming in general, useful tips and tricks will surely be acquired simply by working through the exercises. The recipes were created in a modular fashion, with code reusability in mind, and they can easily be incorporated into larger projects. Let’s take a closer look.
With a title as ambitious as Coding for Penetration Testers, it’s important to set expectations properly at the onset. In this context, coding is synonymous with scripting, and the content primarily focuses on Bash Scripting, Python, PERL, Ruby, PHP, SQL, PowerShell, and scripting related to various scanners such as Nmap and Nessus. Compiled languages such as Assembly, Java, and the C variants are not within the content’s scope.
This Syngress published book by EH-Net Columnists Jason Andress and Ryan Linn strives to remove the mystery surrounding the development of security tools and scripts by presenting dozens of easy-to-follow examples. The ultimate goal is to alleviate the reliance on pre-built security tools and create more versatile and effective penetration testers. With this resource, readers will gain the knowledge to start such a journey that will likely have numerous, “That’s all there is to it!?” epiphanies as they progress through the book.
Michal Zalewski, author of 2005’s highly praised Silence on the Wire, is at it again with “The Tangled Web: A Guide to Securing Modern Web Applications,” an incredible and highly technical book published by No Starch Press. Since the browser is the portal of choice for so many users, its inherent security flaws leave the user at a significant risk. This book details the issues surrounding insecure web browsers and what developers can do to mitigate those risks.
Mr. Zalewski writes about modern web applications which are built within a tangled mess of technologies, developed over time and then slapped together into a confusing monstrosity. This in turn leads to inconsistent operation with all kinds of vulnerabilities at several levels. The author goes into great detail taking apart every level of web applications from HTTP communication to browser and server-side scripts and dissects the subtle security consequences and the corresponding dangers of the unorganized conglomeration of web applications and browser code. The author then goes into how developers can work through the current problems and solve them down the road through new and revised code.
This book begins with the observation that the field of information security seems to be a mature and well-defined discipline, but in reality there is not even a rudimentary framework for understanding and assessing the security of modern software. So let’s dive deeper into the book to see how Mr. Zalewski addresses the issues in an attempt to untangle this mess.
After the break, look for a link to a free download of Chapter 3: “Hypertext Transfer Protocol”
So often as security professionals we hear how bug hunters both black hat and white hat find vulnerabilities and release them to the vendor or use them for monetary gain. We wonder how they actually went about finding these vulnerabilities and what hurdles they had to jump to find them. “A Bug Hunter’s Diary: A Guided Tour Through the Wilds of Software Security” by Tobias Klein focuses on helping different levels of security professionals understand the approaches used to uncover vulnerabilities, testing the vulnerabilities found and finally reporting on those vulnerabilities. It is short and to the point and offers nothing but valuable content with little to no fluff content.
The book was written as though Tobias was writing in a journal as he was progressing through his research of a particular application. Each chapter is a separate journal entry focused on a single application into which he dug and eventually found a vulnerability. He then determined if it was exploitable and in turn released it to either the vendor or to a vulnerability broker. This is a fascinating look into the heart of a sector of the security economy not previously exposed to a wider audience.
After the break, look for a link to a free download of Chapter 2: “Back to the 90s”
It seems like yesterday that I was reviewing Chris Eagle’s book, but in reality it’s been 3 years. So when I had an opportunity to review The IDA Pro Book: The Unofficial Guide To The Worlds Most Popular Disassembler, 2nd Edition, I looked forward to seeing what had changed. And thus a change in the normal extensive EH-Net book review is in order and brevity is the word of the day.
A few things haven’t changed since my last review. I am still not a reverse engineer, although I occasionally use the tools clumsily for Capture The Flag (CTF) exercises. I’m not a professional programmer, although I can program and do so frequently. Although this isn’t material that I suspect I will master in the near future, this is material in which I have an interest. If you have basic programming skills, an interest in learning, and are willing to sit down and spend time with this material, you will definitely benefit from this book.
After the break, look for a link to a free download of Chapter 24: “The IDA Debugger.”