June 22, 2014, 4:47 PM — Just recently published by no starch press, Penetration Testing: A Hands-On Introduction to Hacking can give you a solid -- practical, useful and insightful -- understanding of how hackers work and how you can use the same methods and tools to guard your systems against attack. But you have to take the "hands-on" part of this title very seriously. If you want to become a skilled security professional with penetration testing and hacking expertise, you will need to spend some time following the suggestions recommended on the 500 or so pages of this book. This involves setting up a lab, installing a particular Linux OS plus some additional tools and getting some significant experience working with the key tools of the trade.
The good news is that this book will show you how to do this step by step.
If you're new to this area, penetration testing involves looking for known (known by the security community) weaknesses in systems and detecting them. Taken a step further, it can also mean exploiting those weaknesses to learn exactly what secrets your systems might divulge if compromised and how difficult or easy it might be to topple their defenses. When you are able to determine that one or more or your systems are vulnerable to a certain type of attack, you can then take steps to patch the holes or turn off services that might be making you vulnerable to attack.
A quick glance at the table of contents below should demonstrate how much material is covered. This book starts with the basics -- an introduction to some of the key tools -- and walks you through many stages of learning the tools and how to use them. It covers a lot of territory -- all the way to the possibility of developing your own exploits and learning how to conduct mobile hacking.
One of the first things that hit me while reviewing this book is how easy it is to follow. While the intricate art of penetration testing and hacking in general might seem mysterious and complicated, the author provides very clear explicit instructions on how to set up your own hacking lab, using mostly virtual systems, and installing a series of tools both to use in penetration testing and to introduce vulnerabilities so that you can practice finding them.
Early on, she introduces Kali Linux which, following in the footsteps of BackTrack, installs with a hefty set of hacking tools. The book then walks you through the process of installing other tools that you will need to ready yourself for a series of insightful exercises.
You can read each chapter and get a lot of understanding of how the tools work, but you really need to DO what is described to get the full benefit of what the author intends to teach you.
no starch press