| Penetration Tester's Open Source Toolkit | 
| Authors: Charl Van Der Walt, Hd Moore, Roelof Temmingh, Haroon Meer, Johnny Long, Chris Hurley, James Foster
Publisher: Syngress
Category: Book
List Price: $59.95
Buy New: $40.00
You Save: $19.95 (33%)
Buy New/Used from $40.00
Avg. Customer Rating:   (11 reviews)
Sales Rank: 537937
Format: Illustrated
Languages: English (Original Language), English (Unknown), English (Published)
Media: Paperback
Edition: 1
Number Of Items: 1
Pages: 750
Shipping Weight (lbs): 2.3
Dimensions (in): 8.9 x 7 x 2.1
ISBN: 1597490210
Dewey Decimal Number: 005.8
UPC: 792502902103
EAN: 9781597490214
ASIN: 1597490210
Publication Date: December 23, 2005
Release Date: June 1, 2005
Availability: Usually ships in 1-2 business days
|
| Similar Items:
|
| Editorial Reviews:
Product Description
This is the first fully integrated Penetration Testing book and bootable Linux CD containing the Auditor Security Collection which includes over 300 of the most effective and commonly used open source attack and penetration testing tools. This powerful tool kit and authoritative reference is written by the security industry's foremost penetration testers including HD Moore, Jay Beale, and SensePost. This unique package provides you with a completely portable and bootable Linux attack distribution and authoritative reference to the toolset included and the required methodology. Penetration testing a network requires a delicate balance of art and science. A penetration tester must be creative enough to think outside of the box to determine all possible attack vector into his own network, and also be expert in using the literally hundreds of tools required to execute the plan and meticulously document their results. This book provides both the art and the science. The authors of the book are expert penetration testers who have developed many of the leading pen testing tools; such as the Metasploit framework. The authors allow the reader inside their heads to unravel the mysteries of thins like identifying targets, enumerating hosts, application fingerprinting, cracking passwords, and attacking exposed vulnerabilities. Along the way, the authors provide an invaluable reference to the hundreds of hijacking tools; sniffers; scanners; Web application; and vulnerability assessment tools from the bootable-Linux CD including the Metasploit Framework; ettercap, dsniff, Ethereal, Nmap, Paketto, Scanrand, Hydra, Paros, Nessus, and many more.
|
| Customer Reviews: Read 6 more reviews...
 Great book August 23, 2007
Great starter book into Pen Testing. Big book with lots of information. Great book to read to prepare to start your CEH or CISSP studies.
good introduction February 22, 2007
If you live and breathe IT security, this books is for you. I would like to somewhat disagree with some of the earlier reviewers. I don't think this book was intended to be "the one and only" penetration toolkit manual. However, what it does do - it introduces one to the world of penetration testing providing enough information and examples on a wide variety of tools. A lot of great subjects are covered, such as reconnaissance, enumeration, scanning, web application testing, wireless penetration and more. It's a very insightful read, even for those who are just researching in the area of security. It will open your eyes on many aspects of information security. The CD itself is a good resource, but you may need to update some applications by now. Nessus signatures do get updated regularly.
 Solid Penetration Testing Book February 6, 2007
At around 700 pages in size, the 'Penetration Tester's Open Source Toolkit' by Johnny Long is a solid reference material which is a nice pickup for anyone that is concerned with this subject matter. As with all Syngress books, you aren't buying these for the highest quality paper or design, but rather the material within. This is a solid book that most users should find helpful in their jobs.
**** RECOMMENDED
Excellent reference. January 22, 2007
If you are going to do any work in the Information Assurance world you will want to add this book to your shelf and keep it handy. The authors of this book know the topics and present information clearly.
Each chapter is a stand-alone lesson, and all chapters build on each other to create a big-picture of exploiting any network and reporting results. The CD that comes with the book gives you excellent tools to start or fill out your library. Some are getting dated as of this writing, but all are still solid tools that you can update once you've learned them.
I highly recommend this book!
Good review of currently available software September 25, 2006
Title: Penetration Tester's Open Source Toolkit
Author: Johnny Long, Aaron Bayles, James Foster, Chris Hurley, Mike Petruzzi Noam Rathaus, Mark Wolfgang
Publisher: Syngress Publishing, Inc.
800 Hingham Street
Rockland, MA 02370
Copyright: 2006
ISBN: 1597490210
Pages: 678 plus appendix and index
This book not only covers what tools are available for penetration testing but also details how to use them to effectively test the system. Some of the tools, such as whois and ping, will be very familiar to the Linux user and most power users of other operating systems. Other tools are less familiar but very powerful and a real insight into what can be done to gather information on a system before attempting to penetrate it. Part of what makes this book really interesting is the way the authors approach this subject. They don't walk the reader through all the details of a handful of tools but instead they take a task-oriented approach. For example they go first through enumerating and scanning a system, then testing databases, web server testing, web application testing, wireless penetration and network devices. They then end this section with information about writing open source security tools. Chapter 8 starts a section on the Open Source vulnerability scanner Nessus. It automatically finds many problems in the system by trying to penetrate it using various scripts. The results are captured and the generated reports detail the information it was able to obtain. This is a very powerful testing product and one of the most common ones you will find in the marketplace.
The authors detail how to set up a Nessus client and server, scan the system and understand the results. Although almost three hundred pages are dedicated to Nessus it is a very powerful and highly configurable program that can consume a full book by itself to use its full potential. Penetration Tester's Open Source Toolkit is highly recommended, insightful, and very interesting to read and experiment with.
|
|
|
