March 25, 2012 at 3:10 am #7452TrebinParticipant
I am new to infosec and I was going to read Gray Hat Python but a lot of the reviews said the code doesn’t work. I am also studying for the CEH and was looking for a good set of books to read to learn python, understand hacking from a hackers perspective and help with ethical hacking in general. I have access to most of the CEH books so I am not too worried about those. I am really looking for a list or group of must read books for ethical hacking to understand the enemy in 2012.
March 26, 2012 at 2:34 am #46528cd1zzParticipant
Grey Hat Python is a great book, if the code “doesn’t work” they don’t have the desire or aptitude to make it work. If you want to understand “hacking” there are a million books to read. I would start with Counter Hack Reloaded, it will open your eyes. From there, decide what you’re interested in… and report back. This is a lifestyle and commitment, not just a profession 😉
March 26, 2012 at 4:08 pm #46529dynamikParticipant
What is your current skill level with Python, assembly, etc.? If you’re just starting out, writing our own debugger and fuzzing drivers isn’t the best way to learn the basics. Check out Coding for Penetrations for a good introduction into what you’re looking for (I’ll be providing a review shortly): http://syngress.com/hacking-and-penetration-testing/Coding-for-Penetration-Testers/
The O’Reilly Python Cookbook is also good for reviewing examples of functional code.
March 26, 2012 at 5:06 pm #46530unicitydParticipant
You say that you’re new to information security, but you don’t say what your other skills are. The advice that people can give you really depends on the CS/IT background that you already have. If you’re also new to IT, you should start with books on system/network administration and programming. If you’re already an accomplished programmer, Cisco guru, or sysadmin, you can pick a security book that relates to your existing experience and jump right in.
If you’re already strong in networking concepts you might want to grab Network Intrusion Detection by Stephen Northcutt (a little dated, but good), The Tao of Network Security Monitoring by Richard Beijtlich, or Snort IDS and IPS Toolkit by Jay Beale. If your interest is in Cisco, the Hacking Exposed: Cisco book may suit you.
If you have system administration experience, you may want to grab one of the Hacking Exposed volumes or Counter Hack as recommended above (I haven’t read that one).
If you’re interested in application security, check out this reading list by Dino Dai Zovi (one of the top appsec researchers):
March 28, 2012 at 1:02 am #46531TrebinParticipant
I have some experience with networking, working on the ccent now and also have some experience in programming. Python is what they are going to be using at work so that is one of the reasons I picked that one. I have some experience with the sys admin side of things and also with IA and compliance. I will look up some of the books here and use that as a start.
March 30, 2012 at 4:06 am #46532unicitydParticipant
Python is a good language. It’s clean, powerful, and you can develop apps quickly with it. I used to build all of my small or one-shot apps in Perl, but I switched to Python a while back. It’s easier to read/maintain which is particularly important to me since I don’t code on a daily basis anymore.
You should also learn enough C that you can at least read basic code with some proficiency; it will be helpful for solving compilation problems, understanding exploit code, and reading some articles.
As far as understanding the enemy, you should check out the papers from the Honeynet project titled “Know Your Enemy”:
April 2, 2012 at 11:50 am #46533AnonymousParticipant
securitytube has just released a python course so if your still trying to learn maybe of interest
April 4, 2012 at 3:07 am #46534
April 4, 2012 at 11:38 am #46535meshoParticipant
I’ve a different opinion than others!
you should start with more basic Programming/Linux books before digging deeply in InfoSec..
i would suggest the following respectively:
* Practical Guide To Linux
* Advanced Shell Scripting (Free) from the tldp.org
* Learn Python the Hard Way (Free)
* Dive into Python (Free)
* The C Programming Language
* Programming from the groundup (Free)
* PC Assemly (Free)
* Art of Exploitation 2nd edition
* ShellCoder handbook 2nd edition
* Secret of Reverse Engineering
then you may consider to read the Gray Hat Python ;D
April 9, 2012 at 10:38 am #46536magxtopherParticipant
THE BASICS OF HACKING AND PENETRATION TESTING.
ethical hacking and penetration testing made easy.
Plz this book is 100 percent ok for newbie.
I just finish the book and ready to hack and pen test.
- You must be logged in to reply to this topic.