.

Professional Penetration Testing

<<

n3r

User avatar

Jr. Member
Jr. Member

Posts: 95

Joined: Wed Sep 28, 2011 1:06 am

Location: paris

Post Mon Oct 17, 2011 3:36 pm

Professional Penetration Testing

Hello !
Someone has read this book ?
http://syngress.com/hacking-and-penetra ... n-Testing/

I'm looking for a book with a lot of exercises for testing the method. In this book there is a DVD with some lessons, and i saw in the summary that we work on our virtual lab.

So if someone can tell me if it's a must buy or not it'll be cool ! Because of the price i'm not sure if i can buy it or not.

thanks !

PART I - Setting Up
Chapter 1: Introduction
Chapter 2: Ethics and Hacking
Chapter 3: Hacking as a Career
Chapter 4: Setting up Your Lab
Chapter 5: Creating and Using PenTest Targets in Your Lab
Chapter 6: Methodologies
Chapter 7: PenTest Metrics
Chapter 8: Management of a PenTest

PART II - Running a PenTest
Chapter 9: Information Gathering
Chapter 10: Vulnerability Identification
Chapter 11: Vulnerability Verification
Chapter 12: Compromising a System and Privilege Escalation
Chapter 13: Maintaining Access
Chapter 14: Covering Your Tracks

PART III - Wrapping Everything Up
Chapter 15: Reporting Results
Chapter 16: Archiving Data
Chapter 17: Cleaning Up Your Lab
Chapter 18: Planning for Your Next PenTest

Appendix A - Acronyms
Appendix B - Definitions
<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Mon Oct 17, 2011 3:38 pm

Re: Professional Penetration Testing

Try the Features tab at the top, then choose book reviews:

http://www.ethicalhacker.net/content/view/277/2/

Don
CISSP, MCSE, CSTA, Security+ SME
<<

p0et

User avatar

Full Member
Full Member

Posts: 197

Joined: Thu Nov 02, 2006 4:38 pm

Location: Victoria, Canada

Post Mon Oct 17, 2011 3:55 pm

Re: Professional Penetration Testing

If you're looking for a book with step by step exercises, try this one as well: http://www.amazon.com/Practical-Hacking ... 860&sr=8-1

He's coming out with a 2nd book soon too.
GCIH, Security+, Network+, A+, MCP, DCSE
<<

rance

User avatar

Full Member
Full Member

Posts: 212

Joined: Thu Jan 03, 2008 5:24 pm

Location: Earth

Post Mon Oct 17, 2011 5:01 pm

Re: Professional Penetration Testing

If you're looking for something to practice against, check out WebGoat or DVWA.  Both are intentionally insecure apps.  WebGoat has built in "lessons", and DVWA will give you three difficulty levels.  These will give you a ton of exercises to work on...

(Keep in mind that any machine you run these on instantly becomes vulnerable, take care.)
Poking at security since 1986.  +++ATH
<<

n3r

User avatar

Jr. Member
Jr. Member

Posts: 95

Joined: Wed Sep 28, 2011 1:06 am

Location: paris

Post Tue Oct 18, 2011 12:42 am

Re: Professional Penetration Testing

Thanks I didn't see the review.
Any comments from you about this book ?
<<

TheXero

User avatar

Full Member
Full Member

Posts: 112

Joined: Tue Dec 07, 2010 12:24 pm

Post Tue Oct 18, 2011 2:25 am

Re: Professional Penetration Testing

The book itself seems mostly about how to managed a pentest project, but the two courses focus on the methodologies and how to put them into practice.

I wouldn't say it's an overly technical book and it's mainly for managerial type people.
<<

millwalll

Post Tue Oct 18, 2011 3:39 am

Re: Professional Penetration Testing

If you just want to practice maybe set up your own lab if you want step by step guide to hacking I don't think there is one but there are a few good books that can help you.

there is also this resource that explain how to setup two labs
http://www.securityaegis.com/network-pentest-lab/

The application hackers handbook is most likely the best for web apps.
http://www.amazon.co.uk/Web-Application-Hackers-Handbook-Discovering/dp/1118026470/ref=sr_1_1?ie=UTF8&qid=1318927013&sr=8-1

Gray hat hacking is another good one.
http://www.amazon.co.uk/Gray-Hacking-Ethical-Hackers-Handbook/dp/0071742557/ref=sr_1_1?s=books&ie=UTF8&qid=1318927037&sr=1-1

If you really new to security there a book called basic hacking
http://www.amazon.co.uk/Basics-Hacking- ... 112&sr=1-1
<<

n3r

User avatar

Jr. Member
Jr. Member

Posts: 95

Joined: Wed Sep 28, 2011 1:06 am

Location: paris

Post Tue Oct 18, 2011 7:43 am

Re: Professional Penetration Testing

i already have Gray Hat hacking but it's a lot of theory and not a lot of exercises.
I think in this book we find a little bit of everything but nothing is really explained step by step.
<<

Darktaurus

User avatar

Full Member
Full Member

Posts: 181

Joined: Thu Sep 03, 2009 8:48 am

Post Tue Oct 18, 2011 7:54 am

Re: Professional Penetration Testing

So this is not worth a 1-click from Amazon.  Thanks fellas.  ;D
OSCE, OSCP, OSWP, CISSP, GPEN

www.agoonie.com
<<

n3r

User avatar

Jr. Member
Jr. Member

Posts: 95

Joined: Wed Sep 28, 2011 1:06 am

Location: paris

Post Tue Oct 18, 2011 8:05 am

Re: Professional Penetration Testing

Well this book is very good but for example the chapter on C and Python is very basic

Return to Book Reviews

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software