Product Details

Binding: Kindle Edition

Label: Syngress

Publisher: Syngress

Studio: Syngress

Editorial Reviews

The Basics of Hacking and Penetration Testing serves as an introduction to the steps required to complete a penetration test or perform an ethical hack. You learn how to properly utilize and interpret the results of modern-day hacking tools, which are required to complete a penetration test. Tool coverage will include Backtrack Linux, Google, Whois, Nmap, Nessus, Metasploit, Netcat, Netbus, and more. A simple and clean explanation of how to utilize these tools will allow you to gain a solid understanding of each of the four phases and prepare you to take on more in-depth texts and topics. This book includes the use of a single example (pen test target) all the way through the book, which allows you to clearly see how the tools and phases relate.




  • Each chapter contains hands-on examples that teach you how to interpret the results and utilize those results in later phases

  • Written by an author who has practical experience as a Penetration Tester and who has taught “Introduction to Penetration Testing” for 5 years

  • Utilizes Backtrack Linux distribution and the “core” tools required to complete a penetration test

Customer Reviews

Very easy to read, very fun and interesting! I'm more into databases, but the way everything integrates now in the current IT world, I realized that I need to get a better understanding of how to protect my database servers (or provide additional value to my projects) and network, or at least be able to discuss security with my network team without feeling lost. This book is about how to protect yourself from the very "nasty" and "wild" Internet world we all are living in. It will change your false sense of security at work or home, trust me! Even though this is not an in-depth volume about PEN testing tools or techniques, this book delivers what is promised on the cover and much more!

All chapters are very coherent, meticulously structured and nicely integrated with each other thanks to the PEN test process the book follows. There are even suggestions about how to test all the examples in a secure and practical way. Of course, a virtual lab using any of the virtualization technologies is highly advised. The author suggests VMware, I used Parallels, but there are several free tools out there including Virtual PC or VirtualBox, both are free as well.

The book uses the Metasploit framework/software for its examples but puts strong emphasis on concepts rather than tools, which is very good in my opinion because whatever is being taught can later be extrapolated using other tools. PEN testing is more a process than mere scripts and tools. I also like the fact that you don't need a very strong knowledge of networking, cryptography or C++ in order to understand this book. Instead it relies on easy vocabulary with lots of examples and screenshots that help almost anyone who is new to this field (a basic knowledge of Linux won't hurt though; that made it easy for me to understand some commands).

-- Additional bibliography --

Once you're done with this one I recommend these two books: Metasploit: The Penetration Tester's Guide, by David Kennedy, and Nmap Cookbook: The Fat-free Guide to Network Scanning. The first one expands a bit more on the Metasploit software and its components, which are briefly explained in the Syngress book. The Nmap Cookbook talks about the nmap scanning tool and the different switches you can use when working on the scanning phase; the Nmap Cookbook is not a theory book, but visual examples of how to use the tool depending on the target or desired goal.

What can I say, this is a great book for the beginning to intermediate pen tester. It never hurts to learn new techniques or see how someone else approaches doing something to gain new insights you can use in the future.

Very good book, giving a nice basic introduction to the world of Ethical Hacking. There are out there many good and extensible hacking books, but most of them don't have the "glue" between the various tools and techniques. This book, beyond being technically not too deep, has that "glue", giving the reader a good understanding of the path to follow for being an ethical hacker/pen tester. Finally, chapter 7 gives the reader a basic overview of how to conduct the writing of the final penetration test report, useful for the professional pen tester. A must have for anyone who wants to follow the ethical hacking path and doesn't have the knowledge to absorb the more technically extensible books, being those the next level.

I'm not finished with the book, but I felt it necessary to express my opinion. The reason I gave it 4 stars instead of 5 is because I feel the book is too short and definitely has the ability to expand in certain areas. The writing is not too technical, easy to follow, and the author gives plenty of examples to help you follow what he is doing. That's great, but you only get about a page or page and a half on each type of software you can use for pen testing. Yes, while there are books out there for specific types of software, I believe it is impractical to read everything given the huge amount of security software out there. That is why I would like to have seen a little bit more, a page or two extra on each program for example, from this book since it did a great job in the limited time that it had (only 150 pages of material). Anyway, I look forward to more (articles and books) from this author.

Picked this up through B&N since I have an Educator Discount card (20% off), though after seeing the price here on Amazon, I wish I would have gotten it here. Amazon's prices are cheaper even with my discount. ANYHOW...

This is a great book. I read some of the reviews on different sites for this book and decided that I might as well pick it up. Boy, am I glad I did. It breaks everything down into layman's terms so it's easier to understand. The book is divided into a couple of different main sections, which helps tremendously when searching for a particular tool or procedure. Just a reminder, this book is designed for a beginner as it tries to hold your hand as you read. You do need to know a bit about computers to understand it as some of the terms might throw some people off, but what would one expect, this is a hacking book.

Not the best review, but I'm at work and can't write much. If you're interested in pen testing and want to see what it entails or just want to expand your knowledge of computers, then get this book. No, you won't be able to pass a Security+ or the CEH exams reading it, but it helps you understand things a lot clearer when studying for those tests if you're curious or are going in that direction.

"The Basics of Hacking and Penetration Testing" is a great treatise on hacking and how to plan a successful penetration test, and a successful hack. It focuses on using tools in the Backtrack distribution of Linux, and divides a penetration test into recon, scanning, exploitation, web-based exploitation, maintaining access, and wrapping up the pentest with a tidy report. Each step but the last gives you three or four different approaches with different tools in the Backtrack framework. I think the whole book would have been perfect if it spent a small amount of time analyzing the code used to perform each task, or by giving a small program to perform each task, such as a custom port scanning tool or a custom exploit payload. This is the main thing that separates a script kiddie from a true hacker. I loved the book, though. It gives you a great place to start honing skills that will serve useful in the information age.

For those of you wanting to learn the Pen-Testing basics in a structured and well organized way, look no further. This book is a must have. Big kudos and thank you to Dr. P. Engebretson for a job well done.

I have been looking for a book to offer a general framework and pathway for identifying the basic fundamentals of pen testing. Admittedly, the length of the book (180 pages) made me question whether it would be possible to condense the material in a concise enough way to provide optimal value, or if it would prove to be skimming material that was a waste of money and time. I am overly satisfied with the book as it thoroughly explains the foundations of pen testing in a very enjoyable format. The author spent adequate time on all of the chapters, and reminds the reader to be sure to spend time on each of the topics in order to gain a true understanding of the topic. The tools mentioned in the book are vendor agnostic and should be a part of any pen tester's arsenal. The SDLC of the pen test framework in this book is broken into four steps: Reconnaissance, Scanning, Exploitation, & Maintaining Access. The author breaks down each phase with an explanation as to the importance of each phase, as well as specific tools and examples to use during each phase. He does a good job of emphasizing that penetration testing is more than just exploitation and using automated, script kiddie techniques. He accentuates that the recon & scanning phases provide great value to a pen tester breaking into the industry, explaining that good pen testers do more than push buttons in a pre-built tool. Though constantly overlooked, the final chapter focuses on the importance of customer service and reporting structures. A solid outline is given on how to identify customer needs and explain the remedy for their current findings. I am giving this title a 5-5 stars as it delivers exactly what is expected from the title.