Ethical Hacking and Penetration Testing Guide ISBN-10: 1482231611 In-Depth Book Review

ISBN-10: 1482231611 | Ethical Hacking and Penetration Testing Guide Book Review

Author: Rafay Baloch
Genre: Ethical Penetration Testing
Format: Hardcopy and Ebook
Maximum Price (Kindle): Rs 2, 987.67 | ~ $20.10
Maximum Paperback Price : Rs 3,807.00 | ~ $51.10

Informative Details:

  • ISBN-10: 1482231611
  • ISBN-13: 978-1482231618
  • Product Dimensions: 3.2 x 17.8 x 24.8 cm
  • Publisher: Auerbach Publications
  • Press: CRC Press

eth1eth2

Summary

I received both hardcopy and the softcopy of this ebook/paperpack by a seasoned bug hunter, a well established penetration tester and my colleague ‘Abdul Rafay Baloch‘, a guy of pure consensual security research approach with a deep interest in both network and application security. Since, the guide took a breath away for newbies in security scene and began pirating the copies already; lesser is known about the original paperback which finds it’s way to more content and due appreciated for a year of work and efforts put to this book. It wouldn’t be for this man, the information security community could feel less 1% pride off it’s rich domain, where hundreds of ventures are already investing their money into and is a next-generation industrial vision for millions. Security by itself is a subject! Rafay begins his amazing coverage of overall penetration test in a single guide with the following.

The more information you have about the target, the more is the chance of successful exploitation.

Being a submissive application security specialist myself, the irony of a penetration tester is not left withdrawn from the very first beginning of the book. Most amateur testers certainly is driven by money into bug hunting and this exactly is why the book contains a lot of coverage into application security skill-set one might need in order to accomplish him/her with easy money via making the most out of this book. The leftovers are pure network security, wireless security, windows exploit development and an in-general approach to vulnerability assessment which would be needed prior to a methodological penetration test. A lot of efforts are put together to make this amazing steal-away guide for the amateur seasoned bug hunters who could definitely benefit with a vast support of pictorial images and test cases. I would take a stop here and let the readers first decide with the at-a-glance overview of the “Ethical Hacking and Penetration Testing Guide“.

  • Information Gathering Techniques
  • Scanning
  • Vulnerability Assessment
  • Sniffing the Network
  • Network Exploitation
  • Client Side Exploitation
  • Post-Exploitation
  • Web Application Penetration Testing
  • Windows Exploit Development
  • Wireless Hacking

Brief Content Overview

Keeping the context of the readers clear and precise to the point, I would begin with each topic and maintain a streamlined summary version of each of the topics covered in the book. This would not only let the reader decide but would also place and prove the factual grounds wherein the author has put a good amount of before-hand research with dedication.

  1. Information Gathering Techniques: This is exactly where the book begins and most expert penetration testers will agree this has to be the point of the entire goal during the vulnerability assessment, let alone penetration tester which has to come after a great VA. To have a good penetration test done, there must be a approach driven VA and to achieve a great VA, there has to be massive data collection. Call it data mining, enumeration, or gathering information; the book starts a great deal here with Active Information Gathering Techniques and Passive Information Gathering Techniques. Right from the information gathering process, which has a great amount of in-depth into different techniques used, the book maintains the focus of “why information gathering is the most crucial asset of any given targeted penetration test; be it white-box or a black-box, the latter will find it’s bliss around for information security amateurs“.book1The book also tries to generalize the techniques used around with the Linux Operating System and uses Back|Track 5 as base. This would not only let the readers get the overview concept of enumeration process but would also drive the reader into deep-dive to the best known Operating System for Penetration Testing, sponsored by Offensive Security. Each tool for enumeration counts and is a one-step ahead to success of the given professional penetration test task for the Red Team.
  2. Scanning: Along with the first step which is Enumeration, the author mentions Scanning in brief. For any vulnerability assessment, a set of tools are used for quick deduction. Leaving aside maintaining and creation of own scrips which is originally done by many penetration testers , most of these scripts which had to be written from the scratch earlier have already been compiled into penetration testing operating system distributions for easier access and usage.book2Examples have been set across the Scanning section which has majority of essential scanning assets covered using the BackTrack Operating system (by now, this might just be obsolete, since Linux Kali is the new formal penetration testing distribution, but either way might work).
  3. Vulnerability Assessment: Rather than any set tools or technical details, vulnerability assessment is a methodological and chronological assessment sheet for a client which a penetration tester must be handing out either on a periodical basis or at one-time as per the contract. There is no set standard evaluation criteria, but the book describes the assessment methodology is a very generalized form. Other methodologies include PCI DSS 2.0, OWASP, OSSTMM, NIST, PTES, and other commercialized methodological approaches which could either be acquired as a needed asset for a licensed penetration tester or would be client-specific “need” asset in the penetration tests. Because none of these advanced levels of a pure methodological based specific vulnerability assessment does not fit among the beginners routine task and where the book has keep it’s focus on a generalized penetration testing covering all aspects, the author seemed to have chosen the pathway of a neutralized reporting standards and assessment methodology. This could be both weak and strong point in itself. The readers perspective is needed here.
  4. Network Sniffing and Network Exploitation: The author himself being a network security addict has driven the section into compulsive study for his readers onto adventures in network exploitation but not before Rafay has described network sniffing which has a basic outline to every plain text traffic that goes inbound and outbound from a device. From DNS Zone transfers to Mail server lookup’s, everything fits at the right place and with the tools to which the reader would need to practically put himself in a penetration test.
  5. Client Side Exploitation: Rafay’s experience on his recent en-devours and achievements unlocked with Bug Bounty gives the reader with a thorough concept of why client side exploitation could be so important. The book¬† has an enormous section for Client side exploitation right from Cross Site Scripting attacks to using them with the BeeF framework.¬† The commitment put across the work is worth reading and the web application section could be a full of hands on fun with profit for the readers (see Bug Hunting). I wouldn’t spoil the fun but this is a very hands-on section for beginners who had been wondering where to start from. Good luck hunting bugs.
  6. Exploitation: Windows Exploit Development and Post-Exploitation topics have been covered in the book with a beginners perspective in mind. This has benefits since not all the advanced topics could be delivered straight-away to the amateurs. The author has maintained this balance and has delivered his material to focus on how to begin with windows exploitation and literally what steps could be used by an attacker after he has had compromised a system. Owning the box and maintaining accesses are a vast topic; and Rafay has done a good survey beforehand what would be required for the readers in order to win their mind discussing amazing core concepts which will be required throughout the practical scenarios.
  7. Wireless Hacking: WEP and WPA breaking are some of the many concepts one would be required to start hacking live into wireless traffic. That been said, the author takes an in-depth analysis of wireless traffic and then takes his experiences with tools, different scripts and overall maintains the perfect delivery of the subject. Again, BackTrack distribution is very obsessively used throughout the book and this would benefit the readers.

Additionally; the book also covers the different aspects of programming prior to exploitation and penetration testing. The book has an intermediate coverage of using the BackTrack distribution (Linux based distribution, currently: Kali Linux). PDF exploitation is an added section which has a vast coverage of PDF exploitation and how one could mail a person to let him look at the PDF and ultimately get a shell via the Metasploit Framework (meterpreter session). The use of step-on-step approach makes it very comfortable for the readers to go along the book and reproduce the same steps in his/her system provided all the steps were followed exactly as the author had described in this book.

Protips

  • The Book is amazingly priced and has a vast content.
  • The Book has been a great benefit to previous buyers.
  • The Book primary focus is on beginners and equally beneficial to bug-hunters.
  • The Book is self-paced and dedicated across different streams of exploitation – app, network, system; name it!
  • The Books has a huge web application hacking section for beneficiaries discussed above.
  • The Book could be used as a reference guide for new comers to Information Security.
  • The Book is well-drafted, the author is not native English; but every steps are clear and methodological.

Rating

  • For Content, I would rate it 8/10
  • For Grammar, I would rate it 6/10
  • For Technicality, I would rate it 9/10
  • For Deliverance of the subject, I would rate it 8/10

Overall Rating: 8/10 as per the subject, material delivered, proof-reading, self-pacing and technicality on the subject covered. The rating depends from personal opinion perspective and the readers choice in the subject.

Recommendation

This conclusive section covers any preliminary core concepts you would require to get into this book for a hands-on experience (which I cannot think of since the amazing book delivered it all initially on its own) and recommendation which personally I think is opinion based and technical driven. Apart from the grammar/literature used; the book has successfully been able to deliver the following:

  • Methodological Vulnerability Assessment
  • Technical Insights of Penetration Testing
  • Live Test case scenarios on Application Section
  • The ‘why’ and ‘how’ concepts for each section

The reasons above are enough to get anyone hooked into the book and follow it’s methodological approach in solving things which are meant to be practically self-tested over and over again to overcome the level of fear a beginner might had been previously confronted to. The prior advantage is, the author takes his dedication and passion level to the next level in drafting the book and it has been witnessed by the level of efforts he has had to put when developing the material itself. I would add a suggestion level for this book for your easy references in the category discussed below if one believes that should be the unbiased recommendation for everyone alike.

Beginner

I recommend it highly for the amateurs and the beginners who had been fantastical about ‘hacking’ and had never centralized thyself into the world of penetration testing and vulnerability assessments. For him, the only word ‘hack’ makes him go null. For them; the readers with a hope, I can soothsay this book would be a priority read for you during the free-time, or even at the bed-time when your fantastical world could go raw-jaw drop in-front of that LED screen of yours.

Intermediate

I still would recommend the book, since being an intermediate always has la scope for learning and improving your skills. Might be sharpening your skills around the web application section would make you familiar with core concepts of bug hunting for profit if you were not doing it right already? or, if you are neutral on everything and had to make a choice on system hacking, web hacking or pick up on network intrusion? This book could readily be a perfect opportunity for you to step up a level, and go through the diverse sections it has for you.

Advanced

Hook this up as a reference material only if you have students, corporate employee’s if you have had to deliver them core concepts onto diversified security in and around your circle. This book could be a source for their guidance into the first step of exploitation if you did not had the time to invest in order to pick the perfect reference. This book is for you, if you had to recommend someone with a bare Windows box running on his/her Laptop and he/she never realizes (but has an interest into hacking {that is what they call it, or should we call it vulnerability assessments for the sake of ethics, maybe?}) what are the technical aspects of getting into a security career and how he/she would be readily stepping forward in step-on-step approach.

I thank you for reading the review on Ethical Hacking and Penetration Testing Guide ISBN-10: 1482231611 which has been a buzz for now and a quite interesting to deliver a review on someone who has made through his efforts right across the desk and delivered them in a good fashion. The security community wouldn’t be so far as it’s now, if it wasn’t for people like Abdul Rafay Baloch who have been contributing their time and investing their focus in different digital security research in the midst of forest daylight through the trees. I hope this post has delivered unbiased review and would put my efforts across to make things higher quality once I have freespace.

Advertisements