• Home
  • About 404TS
  • Contact

404 Tech Support

Where IT Help is Found

  • Articles
    • Code
    • Entertainment
    • Going Green
    • Hardware, Gadgets, and Products
    • Management
    • Network
    • News
    • Operating Systems
    • Security and Privacy
    • Software
    • System Administration
    • Talking Points
    • Tech Solutions
    • Web
    • Webmaster
  • Reviews
  • Media
    • Infographics
    • Videos
  • Tech Events
  • Tools
    • How do I find my IP address?
    • Browser and plugin tests
  • Get a Technical Consultation
You are here: Home / Articles / Reviews / Book Review: Penetration Testing – A Hands-On Introduction to Hacking by Georgia Weidman

Book Review: Penetration Testing – A Hands-On Introduction to Hacking by Georgia Weidman

2014-10-21 by Jason

Penetration Testing – A Hands-On Introduction to Hacking by Georgia Weidman is 528 pages long and was published by No Starch Press in June 2014.

This book is a beginner’s guide to performing penetration tests. Penetration testing is a service provided by security researchers to organizations wishing to evaluate their defenses. Georgia Weidman documents the process from start to finish of how you can evaluate an enterprise and provide useful information in a report to the organization. A pentest would find one or more ways to access valuable information from a company. This could be completed by using an unpatched vulnerability, exploiting a gap in their defenses, or social engineering a means to access the data.

pentesting_cover

Penetration Testing – A Hands-On Introduction to Hacking starts at the beginning and prepares individuals for penetration testing by setting up their own virtual lab to learn and practice the art. It then goes on to teach Kali Linux, the successor to BackTrack Linux, a Linux distribution loaded with pentesting tools, and Metasploit, a framework for penetration testing. Beyond that, the book also covers the process to follow in completing a pentest. That process can be seen in the chapter outlines of the book:

  1.  Setting up your virtual lab
  2. Using Kali Linux
  3. Programming
  4. Using the Metasploit Framework
  5. Information Gathering
  6. Finding vulnerabilities
  7. Capturing traffic
  8. Exploitation
  9. Password attacks
  10. Client-side exploitations
  11. Social engineering
  12. Bypassing antivirus applications
  13. Post exploitation
  14. Web application testing
  15. Wireless attacks
  16. A stack-based buffer overflow in Linux
  17. A stack-based buffer overflow in Windows
  18. Structured exception handler overwrites
  19. Fuzzing, porting exploits, and metasploit modules
  20. Using the smartphone pentest framework

No Starch Press provided a review copy of Penetration Testing to me. I enjoyed reading through the book as it provided quite a detailed amount of information to successfully performing a penetration test using various tools and techniques but still managed to start at the beginner level. The tools used included Nessus, Wireshark, nmap, and many others. Setting up a virtual lab and using Kali Linux and the Metasploit Framework sets individuals up to learn on their own and continue their own education as technology rapidly changes and security continues to evolve and grow in importance.

As an IT professional, this book helped teach the perspective of attackers which then helps one understand the importance of defense-in-depth and investments in various security infrastructure. It could also provide a good start to evaluating your own organization for ways that it might be vulnerable. You might better be able to see weaknesses you can address before somebody else finds them.

Penetration Testing – A Hands-On Introduction to Hacking by Georgia Weidman is available from Amazon in paperback or Kindle format.

Filed Under: Reviews, Security and Privacy

Trending

  • Microsoft October Windows 10 Event announces Creators Update, new Surface Book, new Surface Studio all-in-one
    In Featured, Hardware, Gadgets, and Products, Operating Systems
  • Malwarebytes Anti-Rootkit available in beta
    In Security and Privacy, Software
  • Adobe Releases Updates for Adobe Acrobat and Reader
    In Security and Privacy, Software

Latest Media Posts

Find Out Where To Download SNES ROMs

Find Out Where To Download SNES ROMs

Multifunctional Video Conversion Tools – Wondershare Video Converter

Multifunctional Video Conversion Tools – Wondershare Video Converter

  • Popular
  • Latest
  • Today Week Month All
  • How to ‘Unblock’ multiple files at a time with PowerShell How to 'Unblock' multiple files at a time with PowerShell
  • Increase IIS Private Memory Limit to improve WSUS availability Increase IIS Private Memory Limit to improve WSUS availability
  • SOLVED: “This modification is not allowed because the selection is locked.” SOLVED: "This modification is not allowed because the selection is locked."
  • Configure Outlook to recurring appointments for the last weekday of the month Configure Outlook to recurring appointments for the last weekday of the month
  • Creating and editing views in phpMyAdmin Creating and editing views in phpMyAdmin
  • 3d rendering circuit cloud for cloud computing technology Build and Deploy a Modern Web 3.0 Blockchain App in 2022
  • Telecom Application Development: When to Outsource Telecom Application Development: When to Outsource
  • Printer printing document wirelessly from mobile phone or smartphone wifi connection vector flat cartoon illustration, file air print on fax or ink jet via cellphone bluetooth modern design Why Your Business Needs Online Fax Services In 2022
  • 6 Best Ways to Protect Your Business Account 6 Best Ways to Protect Your Business Account
  • How to download videos from Instagram How to download videos from Instagram
Ajax spinner

Elevator Pitch

404 Tech Support documents solutions to IT problems, shares worthwhile software and websites, and reviews hardware, consumer electronics, and technology-related books.

Subscribe to 404TS articles by email.

Recent Posts

  • Build and Deploy a Modern Web 3.0 Blockchain App in 2022
  • Telecom Application Development: When to Outsource
  • Why Your Business Needs Online Fax Services In 2022

Search

FTC Disclaimer

404TechSupport is an Amazon.com affiliate; when you click on an Amazon link from 404TS, the site gets a cut of the proceeds from whatever you buy. This site also uses Skimlinks for smart monetization of other affiliate links.
Use of this site requires displaying and viewing ads as they are presented.

Copyright © 2022 · Magazine Pro Theme on Genesis Framework · WordPress · Log in