Penetration Testing: A Hands-On Introduction to Hacking


Amazon[1] Description


Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise defenses.

In Penetration Testing, security expert, researcher, and trainer Georgia Weidman introduces you to the core skills and techniques that every pentester needs. Using a virtual machine–based lab that includes Kali Linux and vulnerable operating systems, you’ll run through a series of practical lessons with tools like Wireshark, Nmap, and Burp Suite. As you follow along with the labs and launch attacks, you’ll experience the key stages of an actual assessment—including information gathering, finding exploitable vulnerabilities, gaining access to systems, post exploitation, and more.

Learn how to:
– Crack passwords and wireless network keys with brute-forcing and wordlists
– Test web applications for vulnerabilities
– Use the Metasploit Framework to launch exploits and write your own Metasploit modules
– Automate social-engineering attacks
– Bypass antivirus software
– Turn access to one machine into total control of the enterprise in the post exploitation phase

You’ll even explore writing your own exploits. Then it’s on to mobile hacking—Weidman’s particular area of research—with her tool, the Smartphone Pentest Framework.

With its collection of hands-on lessons that cover key tools and strategies, Penetration Testing is the introduction that every aspiring hacker needs.


Editorial Reviews



Review

“The explanatory subtitle of this book is ‘A Hands-On Introduction to Hacking,’ and it’s exactly what you’ll get. This is the best book for pentesting beginners that I ever had the pleasure of reading.” —Help Net Security

“An excellent resource into the realm of penetration testing.” —Ethical Hacker

“Practical, useful and insightful. How hackers work and how you can use the same methods and tools to guard your systems against attack.” —Sandra Henry-Stocker, IT World

“Weidman’s presentation has much to recommend it to the technical security professional. Definitely a recommended read.” —Richard Austin, IEEE Cipher

“An excellent resource into the realm of penetration testing.” —Xavier Mertens, TrueSec

“A sound introduction to pentesting.” —ACM Computing Reviews

“A great book on infosec, detailing a large sum of computer penetration testing and exploitation.” —Dan Borges, Lockboxx

“A great introduction to finding vulnerabilities in your system: penetration testing made accessible, and well illustrated too.” —MagPi Magazine

“This is one of the top books you must read if you are new to penetration testing . . . Not only is the book still relevant to the community, new courses are being created that center around this book. Including a new one taught by Georgia herself! And although Georgia is currently working on a new version, this book is still a must have in any hacker’s collection.” —Davin Jackson, Alpha Cyber Security, Books to Start Your Penetration Testing Journey

“Arguably, one of the best books I have ever read as a beginner. I learned about different domains of security and penetration testing, and the author never slipped from the point and got distracted. Overall, an excellent informational resource, a great introduction to penetration testing.” —Sudo Realm

“Penetration Testing: A Hands-on Introduction to Hacking, by Ms. Georgia Weidman, is one of the best books to start with and for advancing a career in the field of penetration testing. I personally suggest that learners start with this, as the wording is very simple, which makes learning easy; the methods are also well explained for a novice to grasp.” —Kamal Dev, KamalDev.me

“The Bible for IT-based testing.” —Dave, /@CyberOutsider


About the Author

Georgia Weidman is a penetration tester and researcher, as well as the founder of Bulb Security, a security consulting firm. She presents at conferences around the world, including Black Hat, ShmooCon, and DerbyCon, and teaches classes on topics such as penetration testing, mobile hacking, and exploit development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security.


Book Details


Author: Georgia Weidman

Category: Penetration Testing, Computer Networking

Publisher: No Starch Press; 1st edition (June 14, 2014)

Paperback: 528 pages


My Comment


This book is one of the greatest books for newcomers to get their hands dirty with hands-on experiments in the field of hacking. The book is quite old, but the core concepts are still the same. Many complain that they cannot follow along with the book’s exercises, but that is wrong: you need to use Google, and you shouldn’t complain about not finding the book’s resources if you really want to become a professional hacker. All the book’s sections except the last part, which is about mobile hacking, can be done, and if you Google enough, you can find all the necessary files and programs that are referred to in this book. It is highly recommended and necessary to practice the things that are mentioned in the book for yourself. If you check the OSCP certification syllabus, you’ll be amazed that most of its topics are covered and practiced in this book! So it is recommended that you read this book and then some other courses on Privilege Escalation and Buffer Overflows before trying OSCP.


References