October 17, 2011 at 8:36 pm #6919
Someone has read this book ?
I’m looking for a book with a lot of exercises for testing the method. In this book there is a DVD with some lessons, and i saw in the summary that we work on our virtual lab.
So if someone can tell me if it’s a must buy or not it’ll be cool ! Because of the price i’m not sure if i can buy it or not.
PART I – Setting Up
Chapter 1: Introduction
Chapter 2: Ethics and Hacking
Chapter 3: Hacking as a Career
Chapter 4: Setting up Your Lab
Chapter 5: Creating and Using PenTest Targets in Your Lab
Chapter 6: Methodologies
Chapter 7: PenTest Metrics
Chapter 8: Management of a PenTest
PART II – Running a PenTest
Chapter 9: Information Gathering
Chapter 10: Vulnerability Identification
Chapter 11: Vulnerability Verification
Chapter 12: Compromising a System and Privilege Escalation
Chapter 13: Maintaining Access
Chapter 14: Covering Your Tracks
PART III – Wrapping Everything Up
Chapter 15: Reporting Results
Chapter 16: Archiving Data
Chapter 17: Cleaning Up Your Lab
Chapter 18: Planning for Your Next PenTest
Appendix A – Acronyms
Appendix B – Definitions
October 17, 2011 at 8:38 pm #42958
October 17, 2011 at 8:55 pm #42959p0etParticipant
If you’re looking for a book with step by step exercises, try this one as well: http://www.amazon.com/Practical-Hacking-Techniques-Countermeasures-Spivey/dp/0849370574/ref=sr_1_1?ie=UTF8&qid=1318884860&sr=8-1
He’s coming out with a 2nd book soon too.
October 17, 2011 at 10:01 pm #42960ranceParticipant
If you’re looking for something to practice against, check out WebGoat or DVWA. Both are intentionally insecure apps. WebGoat has built in “lessons”, and DVWA will give you three difficulty levels. These will give you a ton of exercises to work on…
(Keep in mind that any machine you run these on instantly becomes vulnerable, take care.)
October 18, 2011 at 5:42 am #42961
Thanks I didn’t see the review.
Any comments from you about this book ?
October 18, 2011 at 7:25 am #42962TheXeroParticipant
The book itself seems mostly about how to managed a pentest project, but the two courses focus on the methodologies and how to put them into practice.
I wouldn’t say it’s an overly technical book and it’s mainly for managerial type people.
October 18, 2011 at 8:39 am #42963AnonymousParticipant
If you just want to practice maybe set up your own lab if you want step by step guide to hacking I don’t think there is one but there are a few good books that can help you.
there is also this resource that explain how to setup two labs
The application hackers handbook is most likely the best for web apps.
Gray hat hacking is another good one.
If you really new to security there a book called basic hacking
October 18, 2011 at 12:43 pm #42964
i already have Gray Hat hacking but it’s a lot of theory and not a lot of exercises.
I think in this book we find a little bit of everything but nothing is really explained step by step.
October 18, 2011 at 12:54 pm #42965DarktaurusParticipant
So this is not worth a 1-click from Amazon. Thanks fellas. ;D
October 18, 2011 at 1:05 pm #42966
Well this book is very good but for example the chapter on C and Python is very basic
- You must be logged in to reply to this topic.