.

Coding for penetration tester:Building better tools and..

<<

easy

Newbie
Newbie

Posts: 15

Joined: Mon Nov 21, 2011 7:51 am

Post Mon Nov 21, 2011 8:11 am

Coding for penetration tester:Building better tools and..

1. Coding for penetration tester
2. A bug hunter's diary

Anyone have read these two book?

Good Book?
Last edited by easy on Mon Nov 21, 2011 8:12 am, edited 1 time in total.
<<

cd1zz

User avatar

Recruiters
Recruiters

Posts: 566

Joined: Sun Oct 03, 2010 9:01 pm

Post Mon Nov 21, 2011 9:16 am

Re: Coding for penetration tester:Building better tools and..

Just picked up Coding for Pentesters, I'll let you know in a few weeks....HD promoted it so it must be good, right ;)
<<

eth3real

User avatar

Sr. Member
Sr. Member

Posts: 309

Joined: Wed Feb 27, 2008 10:35 am

Location: US

Post Mon Nov 21, 2011 9:21 am

Re: Coding for penetration tester:Building better tools and..

I just got Coding for Penetration Testers last week. It will be a while before I really get into it, but I'll let you know.

Just like cd1zz said, I've heard a lot of good things about this book.
Put that in your pipe and grep it!
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Mon Nov 21, 2011 9:26 am

Re: Coding for penetration tester:Building better tools and..

Coding for Penetration Testers is a good read.  I'm on my second pass, now.  (I read through once, just to get a good overview, then a second time for in-depth study.)  I haven't been disappointed by it, yet.
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

n3r

User avatar

Jr. Member
Jr. Member

Posts: 95

Joined: Wed Sep 28, 2011 1:06 am

Location: paris

Post Mon Nov 21, 2011 9:45 am

Re: Coding for penetration tester:Building better tools and..

This book is on my whish list after i finish my Dive into Python
<<

Eleven

User avatar

Full Member
Full Member

Posts: 121

Joined: Thu Nov 10, 2011 6:47 pm

Post Mon Nov 21, 2011 9:59 am

Re: Coding for penetration tester:Building better tools and..

I didn't read it, but looking at the table of contents it seems over half the book is just being used as an intro to various scripting languages.  There are plenty of other books and resources that cover how to program in whatever language, I wish it chose a specific language like Python and explained how to use it for pentesting.
<<

millwalll

Post Mon Nov 21, 2011 1:33 pm

Re: Coding for penetration tester:Building better tools and..

waiting for my copy to come in the post
<<

n3r

User avatar

Jr. Member
Jr. Member

Posts: 95

Joined: Wed Sep 28, 2011 1:06 am

Location: paris

Post Mon Nov 21, 2011 2:40 pm

Re: Coding for penetration tester:Building better tools and..

ok i have ordered Coding for penetration testers today  ;D
<<

secmoose

Newbie
Newbie

Posts: 2

Joined: Mon Nov 21, 2011 11:22 pm

Post Mon Nov 21, 2011 11:59 pm

Re: Coding for penetration tester:Building better tools and..

Eleven writes:
I didn't read it, but looking at the table of contents it seems over half the book is just being used as an intro to various scripting languages.  There are plenty of other books and resources that cover how to program in whatever language, I wish it chose a specific language like Python and explained how to use it for pentesting.

In the interest of full disclosure: I'm Ryan Linn's gf.

I thought the same thing when Ryan was writing it. I actually said almost exactly this, in fact. I said "You know, the world doesn't need yet another intro to <insert scripting language here>. Boring."

Fortunately, in addition to being a respected penetration tester, Ryan is a saint. Not only did he tolerate my (in hindsight) less than supportive feedback, he listened to me and educated me about a few things I didn't know.

So, here's what I learned:

1) While there is some Hello World, it's actually much less prevalent than I thought. Each "intro" is penetration testing focused. The text and the examples pertain specifically to scenarios where you might use them during a pentest. For example, building a port scanner using the language of choice at the end of chapter 1, using scapy to exfiltrate data using icmp in Chapter 2, etc. etc. etc. Even the context builds around examples of things you might find useful during discovery or recon, for example.

2) The book highlights the strengths of each language, noting that there are circumstances where one language is much better than another language at accomplishing a particular task. This got driven home when I tried to do the Ruby examples using my knowledge of Python... This isn't something I could easily gather from online resources specific to one language or another. Python doesn't say "hey, doing this in Python stinks, do it in Ruby, you'll spend less on Xanax and save hundreds of innocent kittens."

3) Having a broad knowledge base is very useful, because flexibility can make you better. Being a pro at Python is great, but if Metasploit breaks, Ruby is how you fix it. And, honestly, there's always something that will take seconds in a restricted shell that would take many minutes to work around with something more complex.

So, even though I have absolutely no interest in the financial success of the book, when I read the finished product, I genuinely felt like Jason and Ryan did a bang up job. And I'm both dreading and looking forward to their next book - whatever the scope.
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Tue Nov 22, 2011 12:45 am

Re: Coding for penetration tester:Building better tools and..

Xanax and hundreds of innocent kittens... there's got to be a book idea in there somewhere
<<

easy

Newbie
Newbie

Posts: 15

Joined: Mon Nov 21, 2011 7:51 am

Post Tue Nov 22, 2011 2:00 am

Re: Coding for penetration tester:Building better tools and..

Thank you guys for reply.
I have got the bug hunter's diary... Just read some pages , seems something interesting.

I heard Coding for penetration tester is good book...

Looking for it
<<

Eleven

User avatar

Full Member
Full Member

Posts: 121

Joined: Thu Nov 10, 2011 6:47 pm

Post Tue Nov 22, 2011 6:27 am

Re: Coding for penetration tester:Building better tools and..

@secmoose, Those are some valid points, thanks for the explanation.
<<

l33t5h@rk

User avatar

Jr. Member
Jr. Member

Posts: 79

Joined: Tue Nov 22, 2011 12:06 am

Post Tue Nov 22, 2011 11:31 am

Re: Coding for penetration tester:Building better tools and..

Eleven wrote:@secmoose, Those are some valid points, thanks for the explanation.


I think it's a nice, brief foray into all the common languages as well. You could stumble upon nice tools by accident this way.
<<

secmoose

Newbie
Newbie

Posts: 2

Joined: Mon Nov 21, 2011 11:22 pm

Post Tue Nov 22, 2011 11:34 pm

Re: Coding for penetration tester:Building better tools and..

@Jason or maybe I just named my shmootalk... Xanax and kittens: saving the security industry...  ;)
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Wed Nov 23, 2011 12:34 am

Re: Coding for penetration tester:Building better tools and..

No kittens were (permanently) harmed during the development of this talk...
Next

Return to Book Reviews

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software