.

Recomended book for Pen Tester

<<

Capotao

User avatar

Newbie
Newbie

Posts: 2

Joined: Wed Aug 08, 2012 6:01 pm

Post Wed Aug 08, 2012 6:12 pm

Re: Recomended book for Pen Tester

I'd recommend this book: The Basics of Hacking and Penetration Testing, by Syngress.

It's start from the basics, explaning the process of a pentest, goes through linux usage and the most used tools to scan and exploit systems.

http://www.amazon.com/The-Basics-Hackin ... pd_sim_b_1

Its a very good book to begginers, but if you are already familiar with the basics concepts, I'd recommend: Advanced Penetration Testing for Highly-Secured Environments, Packt Publishing.

http://www.amazon.com/Advanced-Penetrat ... enetration

What is great in this book are the  advanced techniques and the labs setups. It teachs you to build up labs with layers of firewalls and systems to make your exploitation harder.
Push me, and then just touch me, 'till I can get my SATISFACTION!
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Thu Aug 09, 2012 1:20 am

Re: Recomended book for Pen Tester

wooohooo!! I already bought those books but the first one is awsome
ICS Academy Network Security Certified
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Thu Aug 09, 2012 3:52 am

Re: Recomended book for Pen Tester

Not read the second one has anyone read it ? is it any good ?
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Thu Aug 09, 2012 12:53 pm

Re: Recomended book for Pen Tester

Jamie.R wrote:Not read the second one has anyone read it ? is it any good ?

i havent read the second one but i think the first one is better
ICS Academy Network Security Certified
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Thu Aug 09, 2012 3:13 pm

Re: Recomended book for Pen Tester

I read the first one and felt was ok a great read for a beginner.
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

S3curityM0nkey

User avatar

Jr. Member
Jr. Member

Posts: 89

Joined: Mon May 16, 2011 6:47 pm

Post Thu Aug 09, 2012 6:22 pm

Re: Recomended book for Pen Tester

Advanced Penetration Testing for Highly-Secured Environments is a great read... +1
<<

cyber.spirit

User avatar

Sr. Member
Sr. Member

Posts: 356

Joined: Sun Feb 26, 2012 8:07 am

Location: in your heart!

Post Thu Aug 09, 2012 7:21 pm

Re: Recomended book for Pen Tester

im not saying that the second one is bad ofcourse is great too but the first one is awsome
ICS Academy Network Security Certified
<<

shadowzero

User avatar

Full Member
Full Member

Posts: 120

Joined: Sat Jun 02, 2012 10:03 pm

Post Thu Aug 09, 2012 8:18 pm

Re: Recomended book for Pen Tester

I've flipped through Advanced Penetration Testing for Highly-Secured Environments. I have some mixed feelings about it. Some things in the book aren't what I'd consider "advanced" (starting an ftp server, basic nmap scans, snmp scans, selecting a text editor (???)). Yet there are some gems in there, like setting up your own virtual lab, and bypassing IDSs and firewalls. Other things it barely touches upon (buffer overflow refresher - but never really goes into detail). There's a section on fuzzing, but only covers basic fuzzing.

Maybe it's just me, but when I see "Advanced" I expect something like this: http://www.inguardians.com/research/doc ... ecrets.pdf
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Fri Aug 10, 2012 4:55 am

Re: Recomended book for Pen Tester

hmm I find most books follow the same sort of thing and cover the same topics.
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

Catalyst256

User avatar

Newbie
Newbie

Posts: 23

Joined: Thu Dec 22, 2011 11:05 am

Post Fri Aug 10, 2012 8:45 am

Re: Recomended book for Pen Tester

I've only been focusing on learning more about security since the beginning of the year and I have a bit of a different view on books.

I own a few different security books, grey hat hacking, hacking exposed and they are pretty much similar in content (which you would expect), but it depends on your skill level and the way you learn.

In all honestly I only use books as a reference point rather than reading through the whole thing, and forgetting most of it. The book depends on what you want/need to learn, for the myself I wrote a training plan over a year covering different tools and methods and then find the books (and don't forget Google) to learn those particular areas. I throw in a healthy dose of lab work (built various VM's) to push home what I've read and learnt.

Pen Testing usually follows a set pattern in terms of what you need to do:

scan, enumerated, exploit etc etc

From that you can work out the areas you need to learn about and then find books/pdf's/google material to progress. Otherwise you might end up reading books about subjects you don't need or only just cover a subject that is really important.

But then that's the just the way I learn best, like I said everyone is different and there are a lot of good books available.

I've just created a new wish list of Security books. Check it out here.

http://www.amazon.co.uk/registry/wishlist/1INPZOXT8TJY3

Adam
@catalyst256

Security+ OSCP VCP CCA
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Fri Aug 10, 2012 2:57 pm

Re: Recomended book for Pen Tester

Cool there are some good books on that list anyone else have good recommendation
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
<<

LT72884

User avatar

Jr. Member
Jr. Member

Posts: 99

Joined: Thu Oct 15, 2009 3:11 pm

Location: Utah

Post Fri Aug 10, 2012 3:41 pm

Re: Recomended book for Pen Tester

Capotao wrote:http://www.amazon.com/Advanced-Penetrat ... enetration

What is great in this book are the  advanced techniques and the labs setups. It teachs you to build up labs with layers of firewalls and systems to make your exploitation harder.


Question about VB and VMplayer. Chapter 8 of the advanced pen test book is avialable for free to the public. They use VB and the auther mentions that backtrack is on vlan1 and ubuntu is on vlan2. Now is the terminology of vlan in virtual box the same as it is in cisco? or is that they way virtualbox lables virtual network adapters? If it is an actual vlan, then is there a way to do that in vmplayer?

thanks guys
<<

Capotao

User avatar

Newbie
Newbie

Posts: 2

Joined: Wed Aug 08, 2012 6:01 pm

Post Fri Aug 10, 2012 6:26 pm

Re: Recomended book for Pen Tester

LT72884 wrote:
Capotao wrote:http://www.amazon.com/Advanced-Penetrat ... enetration

What is great in this book are the  advanced techniques and the labs setups. It teachs you to build up labs with layers of firewalls and systems to make your exploitation harder.


Question about VB and VMplayer. Chapter 8 of the advanced pen test book is avialable for free to the public. They use VB and the auther mentions that backtrack is on vlan1 and ubuntu is on vlan2. Now is the terminology of vlan in virtual box the same as it is in cisco? or is that they way virtualbox lables virtual network adapters? If it is an actual vlan, then is there a way to do that in vmplayer?

thanks guys



Actually, VLAN is a terminology used not only by Cisco. I reckon that is used by the networking area in general. The idea would be exactly what you have in mind when thinking about Cisco’s configurations to setup VLANs (one switch divided into 2 LANs).

I’m not sure about it if you can do it in VMPlayer, since I use Workstation.
Push me, and then just touch me, 'till I can get my SATISFACTION!
<<

LT72884

User avatar

Jr. Member
Jr. Member

Posts: 99

Joined: Thu Oct 15, 2009 3:11 pm

Location: Utah

Post Sat Aug 11, 2012 2:42 am

Re: Recomended book for Pen Tester

o cool. yeah vlan is used in hp switches, juniper and basically any managed switch. haha. i did a little bit more digging and in the book, he just calls it vlan1 and vlan2 as the name of the network in VB because pfsense firewall apparently uses vlans as the way to seperate networks. sorta like how other firewalls had color coded names. red(public)green(private lan)orange(dmz)blue(wifi) pfsense just uses vlans. pretty much same thing.

so in vb the name is just vlan1 and vlan2 in the settings. its not actually creating vlans. haha. in vmplayer, its different. im actually learning tons right now. my lab is lookin awesome. i have a firewall between bt5 and de-ice lvl 1. this way i cn see how a fw is working. gonna install snort on it next.

took me like 4 hours to figure out what the book was trying to do. haha. since i dont use vb i had to make sure it was not actual vlans, but rather just names of the network cards. he later changes them to wlan1 and wlan2 or wan1 and wan2. haha.

thanks guys.

here is the link to the free chapter in case you want to read i.its 40$ from the same site if you want to buy it

http://packtlib.packtpub.com/library/9781849517744

http://www.packtpub.com/sites/default/f ... mpaign=pdf
Last edited by LT72884 on Sat Aug 11, 2012 2:48 am, edited 1 time in total.
<<

Jamie.R

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Mon Aug 06, 2012 9:57 am

Location: UK

Post Sat Aug 11, 2012 2:33 pm

Re: Recomended book for Pen Tester

Thanks will find it useful need to have a  read of it
| OSWP | eCPPT Silver and Gold | eWPT |

I'm an InterN0T'er
PreviousNext

Return to Book Reviews

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software