| | |  | Computer Security | Home » » Professional Penetration Testing: Volume 1: Creating and Learning in a Hacking Lab | | | | | | | Product Promotions: | | | | | Description: | | Save yourself some money! This complete classroom-in-a-book on penetration testing provides material that can cost upwards of $1,000 for a fraction of the price! Thomas Wilhelm has delivered pen testing training to countless security professionals and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios. Penetration testing is the act of testing a network to find security vulnerabilities before they are exploited by phishers, digital piracy groups, and countless other organized or individual malicious hackers. The material presented will be useful to beginners all the way through to advanced practitioners. -
Find out how to turn hacking and pen testing skills into a professional career -
Understand how to conduct controlled attacks on a network through real-world examples of vulnerable and exploitable servers -
Master project management skills necessary for running a formal penetration test and setting up a professional ethical hacking business -
Discover metrics and reporting methodologies that provide experience crucial to a professional penetration tester -
Learn through video - the DVD includes instructional videos that replicate classroom instruction and live, real-world vulnerability simulations of complete servers with known and unknown vulnerabilities to practice hacking skills in a controlled lab environment
| | | Product Details: | | | Author:
| Thomas Wilhelm | | Paperback:
| 528 pages | | Publisher:
| Syngress | | Publication Date:
| August 28, 2009 | | Language:
| English | | ISBN:
| 1597494259 | | Product Length:
| 9.1 inches | | Product Width:
| 7.4 inches | | Product Height:
| 1.2 inches | | Product Weight:
| 2.11 pounds | | Package Length:
| 9.2 inches | | Package Width:
| 7.5 inches | | Package Height:
| 1.3 inches | | Package Weight:
| 2.0 pounds | | Average Customer Rating:
|  based on 9 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
 ( 9 customer reviews )
Write an online review and share your thoughts with other customers.
Most Helpful Customer Reviews
36 of 39 found the following review helpful:
 Should be called "Professional Pen Testing Project Management"Jan 27, 2010
By Richard Bejtlich
"TaoSecurity"
I had fairly high hopes for Professional Penetration Testing (PPT). The book looks very well organized, and it is published in the new Syngress style that is a big improvement over previous years. Unfortunately, PPT should be called "Professional Pen Testing Project Management." The vast majority of this book is about non-technical aspects of pen testing, with the remainder being the briefest overview of a few tools and techniques. You might find this book useful if you either 1) know nothing about the field or 2) are a pen testing project manager who wants to better understand how to manage projects. Those looking for technical content would clearly enjoy a book like Professional Pen Testing for Web Applications by Andres Andreu, even though that book is 3 years older and focused on Web apps.
PPT offers 18 chapters, with 12 chapters on project management and non-technical issues, and 6 ostensibly covering technical issues. The technical material is limited to the basics of conducting reconnaissance, running Nmap, Nessus, CORE IMPACT, Ettercap, Aircrack-ng, Netcat for "maintaining access," SSH for an "encrypted tunnel," and trivial file and script changes to "cover tracks." Seriously. I'm sure some review readers are saying "sometimes it's just that easy." That's true, but we don't need a 528 page book with an outrageous price tag to read about these well-known methods. If your experience with pen testing is limited to this book, take a look at Andres Andreu's title to see the sort of material you should expect in a book on pen testing.
I didn't find the project management parts all that helpful, either. Some of it just repeats material published in various guides like the Open Source Security Testing Methodology Manual. Other sections repeat certification descriptions found on vendor Web sites. It is clear the author really cares about project management, so maybe he should have just written a book on project management for security managers?
I gave the book three stars because I didn't find the book to be technically or managerially incorrect. (If that had been the case, I would have rated it two stars.) If you want much better coverage on technical matters not found in Andreu's book, try the core Hacking Exposed titles. They address the same topics that PPT barely introduces.
7 of 7 found the following review helpful:
A Very Good book for the intended AudienceMar 19, 2010
By J. Klein
I recently finished going through Professional Penetration Testing by Wilhelm. This book is very good for beginers and advance Pen testers. In the past there have not really been any texts that focused on the entire process of Penetration testing. This is where Professional Penetration Testing excells. It goes over the entire process from start to finish.
For beginners, this text gives a very good overview of the entire penetration testing process from scoping all the way to writing an executive summary. For advanced testers, the most valuable sections are problaby the ones on testing frameworks, scoping, and report writing. I have met many testers who were excellent technically but could not communicate the results effectively to business leaders, this book will help these testers improve in that area. Advanced Pen Testers will probably not learn any technical tricks from this text.
My only complaint about the book is that it doesn't really go into how any of the exploits that one would use in pen testing work. For example, the author gives a listing of different NMAP scan options and very briefly goes over what the options are, but doesn't really explain why you would use one over the other. I am guessing that this omission is primarily due to the space required to add such information and the that the goal of the text seems to be to give the whole view of pen testing without going into too much deatil on any section.
6 of 7 found the following review helpful:
 PPT is an excellent and easy readApr 27, 2010
By K. Wolstencroft
I have read quite a few books covering the security field and have found most of them very dry and hard to read. Thomas Wilhelm's PPT book is the exception, I found it easy to read and managed to complete it in a weekend. The book will suit both the security professional and those new to the security field. The technical depth of the book will benefit systems administrators who need to gain an understanding of penetration testing. The project management aspects of the book will benefit the security professional moving into a more managerial role.
1 of 1 found the following review helpful:
Open to disappointmentOct 10, 2011
By Capture
Overall, I enjoyed Professional Penetration Testing book. It is aimed at rookies, so I overall found it useful. I was disappointed with the labs corresponding with the CD. I admit I wanted the BackTrack brain dead version, but there is no BackTrack on the CD. No big deal, because it easy enough to download...but when you pay $75, it is disappointing. So why is BackTrack not on the CD? Per [...]link, the "DVD was changed at the last minute to exclude the BackTrack images due to space issues.". So there is not enough space for a "readme" file?
I did like the down to earth explanations of what the reader should be seeing, etc.
1 of 1 found the following review helpful:
A must haveJan 10, 2011
By paztek
A must-have for everyone who wants to start a professional career as a pentester.
The DVD with several system images and hacking challenges is a great addition to the content of this book.
See all 9 customer reviews on Amazon.com
| | |
|
