When asked by CRC Press to review a recently released book, Ethical Hacking and Penetration Testing Guide by Rafay Baloch, a closer look was in order before agreeing. The book description reads, “Requiring no prior hacking experience, Ethical Hacking and Penetration Testing Guide supplies a complete introduction to the steps required to complete a penetration test, or ethical hack, from beginning to end. You will learn how to properly utilize and interpret the results of modern-day hacking tools, which are required to complete a penetration test.” A brief review of the Table of Contents and Description from Amazon piqued my interest, so I accepted the request and got to reading.
The book was written to take people with some technical but little to no ‘hacking’ background, and introduce them to tools, techniques and methodology in order to familiarize them with pentesting. As there are quite a few books on the subject, I was a bit skeptical at first, as I’m always looking for something ‘groundbreakingly new’ or with some extra insights that other books may not have. I can say, with certainty, that while this wasn’t an overhaul of other books on the market, it was well organized and contained plenty of good information for a newcomer to get started into their learning.
Shrinking budgets and geographical diversity are pushing educational trends out of the classroom and into online learning opportunities. But, hands-on training and skills evaluation is a trickier problem to solve in that paradigm. Information Security training is no exception. Yet, many students seeking training in Information Security face barriers of entry involving their prior knowledge, and how to get it. Many offerings assume a level of proficiency above what a beginner may have, especially one who has not already worked in Information Security. To add to the beginner’s frustration, most training organizations don’t offer the background learning necessary to get to that level. Enter the eLearnSecurity (eLS) Penetration Testing Student course.
The eLearnSecurity Penetration Testing Student v2 course addresses the need for online, hands-on education for the beginner. The flexible and self-paced, browser-accessible online course teaches basic foundational concepts for students who wish to enter the field of penetration testing while allowing hands-on application through the Hera Student Lab and, optionally, the Coliseum Web Application Testing Framework. The course provides an ordered and appropriately broad basic introduction into foundational concepts for the beginner. While this course alone will not produce a qualified penetration tester, it provides a guided hands-on opportunity to become familiar with some of the basic concepts. It is effective for those who are exploring the possibility of penetration testing as a career path, or for those who simply want to know more about what penetration testers are capable of doing.