[Article]-Book Review: Metasploit – The Penetration Tester`s Guide



User avatar


Posts: 4270

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Apr 25, 2012 1:55 pm

[Article]-Book Review: Metasploit – The Penetration Tester`s Guide

This has been in the works for a while (as you've probably noticed it's been listed as coming soon in our monthly newsletter for a while), so I'm happy to be able to bring it to you. I think you'll find it informative and useful as more than just a book review. As always, Mr. Oquendo (AKA sil) brings his vast experience to everything he writes.

Let us know what you think of the book and the review itself.

Permanent link: [Article]-Book Review: Metasploit – The Penetration Tester`s Guide


Review by J. Oquendo

“Metasploit – The Penetration Tester's Guide” by David Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni is perhaps the most enjoyable book I have come across regarding the uses and functionality of Metasploit. There were so many concepts it refreshed me on, many functions I didn’t know existed and other functions I did not correctly understand even with my years of using Metasploit. Let’s take an in-depth look into this stellar publication by No Starch Press.

Initially I skipped through the first chapter of the book, “The Absolute Basics of Penetration Testing.” However, I went back to the chapter as I had already been in and out of reading the methodologies laid out by the Penetration Testing Execution Standard (PTES). This chapter actually made sense after the fact, since my approach was that of the technical one: Show me the meat of this book. Not everyone who uses Metasploit (and other tools like it) has a concise understanding of penetration testing, and many will assume that aiming Metasploit at an address constitutes a penetration test. The chapter is clear, summarized and offers much food for thought outside of Metasploit and into the realm of penetration testing.

After the break, look for a link to a free download of Chapter 8: "Exploitation Using Client-Side Attacks"




Posts: 1134

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Wed Apr 25, 2012 2:18 pm

Re: [Article]-Book Review: Metasploit – The Penetration Tester`s Guide

Nice review. I actually picked this up a few days ago and have had a difficult time putting it down. I'm halfway through chapter 7, and I think your review is spot-on. It's a great book for Metasploit, and it does a fair job of covering ancillary topics from a high level.
The day you stop learning is the day you start becoming obsolete.


User avatar

Hero Member
Hero Member

Posts: 551

Joined: Thu Mar 20, 2008 8:01 am

Location: ::1

Post Wed Apr 25, 2012 2:46 pm

Re: [Article]-Book Review: Metasploit – The Penetration Tester`s Guide

I enjoyed the read. Right now though, I'm studying Cisco 352-001 stuff and have about 8-12 books on design stuff (MPLS, QoS, Security, etcetcetc)). I'm also going back and forth with Managed Code Rootkits and Introduction to Eletronic Warfare Systems 2nd edition. I think I may step back for the summer though as I am starting to feel overwhelmed with work, teaching, learning, life as a whole. May need a quick break

Return to Book Reviews

Who is online

Users browsing this forum: No registered users and 0 guests

Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software