Monday, August 13, 2012

Book review: The Basics of hacking and penetration testing

    This story, of the book review anyway, began in the class Inside and out of the Social-engineer Toolkit (SET) by David Kennedy. I decided to attend this class when my boss discovered money in our budget that had to be spent before the end of the state fiscal year. 
     A surprise student in the class was Kevin Mitnick. During a break, Kevin began to chide Dave Kennedy about the fact that his book, Ghost in the Wires, supplanted Dave's Metaploit book as the Amazon bestseller. Dave's response was to point out that another book beat his out on another bestseller's list on the Amazon site. Lo and behold, the author of this book, Patrick Engebretson, was sitting next to Kevin Mitnick! Never one to pass up an opportunity to support a good ribbing, I immediately purchased to book, The basics of hacking and penetration testing: Ethical hacking and penetration testing made easy.
     I am glad I did. Engebretson does an outstanding job of laying out, in an easy to read way, a complete guide for those interested in breaking into pen testing. This book begins by introducing the concept of "zero entry hacking." Much like a zero entry pool, that gradually slopes from dry land to deep depths, the ZEH concept allows anyone to pick up this book and begin work. 
     Engebretson follows the ZEH concept with a quick differentiation of blackhat vs. whitehat. He focuses on three key concepts that separate the two and clears the air for the reader. Next, he introduces the reader to some of the most important tools a pentester will ever use, BackTrack Linux and a good lab.
     Finally, Engebretson introduces a simple 4 step methodology that summarizes what pen testing is all about. He spends the rest of the book detailing his simple methodology in a concise and comprehensive manner.
     I recommend anyone breaking into the pentesting world buy this book before they start. In addition, even though this book title begins with "The Basics of," I recommend it for even the seasoned pentester. 
     Good luck Patrick! May you sell plenty of books! At least enough to allow you to buy some cool toys.

No comments:

Post a Comment