Showing posts with label taosecurity. Show all posts
Showing posts with label taosecurity. Show all posts

Professional Penetration Testing: Creating and Operating a Formal Hacking Lab Review

Posted by Jose Bennet on 3/23/2013 / Labels: , , , , , , , , / Comments: (0)
Professional Penetration Testing: Creating and Operating a Formal Hacking Lab
Average Reviews:

(More customer reviews)Are you looking to buy Professional Penetration Testing: Creating and Operating a Formal Hacking Lab? Here is the right place to find the great deals. we can offer discounts of up to 90% on Professional Penetration Testing: Creating and Operating a Formal Hacking Lab. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

Professional Penetration Testing: Creating and Operating a Formal Hacking Lab ReviewI had fairly high hopes for Professional Penetration Testing (PPT). The book looks very well organized, and it is published in the new Syngress style that is a big improvement over previous years. Unfortunately, PPT should be called "Professional Pen Testing Project Management." The vast majority of this book is about non-technical aspects of pen testing, with the remainder being the briefest overview of a few tools and techniques. You might find this book useful if you either 1) know nothing about the field or 2) are a pen testing project manager who wants to better understand how to manage projects. Those looking for technical content would clearly enjoy a book like Professional Pen Testing for Web Applications by Andres Andreu, even though that book is 3 years older and focused on Web apps.
PPT offers 18 chapters, with 12 chapters on project management and non-technical issues, and 6 ostensibly covering technical issues. The technical material is limited to the basics of conducting reconnaissance, running Nmap, Nessus, CORE IMPACT, Ettercap, Aircrack-ng, Netcat for "maintaining access," SSH for an "encrypted tunnel," and trivial file and script changes to "cover tracks." Seriously. I'm sure some review readers are saying "sometimes it's just that easy." That's true, but we don't need a 528 page book with an outrageous price tag to read about these well-known methods. If your experience with pen testing is limited to this book, take a look at Andres Andreu's title to see the sort of material you should expect in a book on pen testing.
I didn't find the project management parts all that helpful, either. Some of it just repeats material published in various guides like the Open Source Security Testing Methodology Manual. Other sections repeat certification descriptions found on vendor Web sites. It is clear the author really cares about project management, so maybe he should have just written a book on project management for security managers?
I gave the book three stars because I didn't find the book to be technically or managerially incorrect. (If that had been the case, I would have rated it two stars.) If you want much better coverage on technical matters not found in Andreu's book, try the core Hacking Exposed titles. They address the same topics that PPT barely introduces.Professional Penetration Testing: Creating and Operating a Formal Hacking Lab Overview
Save yourself some money! This complete classroom-in-a-book on penetration testing provides material that can cost upwards of $1,000 for a fraction of the price!

Thomas Wilhelm has delivered pen testing training to countless security professionals and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios.

Penetration testing is the act of testing a network to find security vulnerabilities before they are exploited by phishers, digital piracy groups, and countless other organized or individual malicious hackers. The material presented will be useful to beginners all the way through to advanced practitioners.


Find out how to turn hacking and pen testing skills into a professional career


Understand how to conduct controlled attacks on a network through real-world examples of vulnerable and exploitable servers


Master project management skills necessary for running a formal penetration test and setting up a professional ethical hacking business


Discover metrics and reporting methodologies that provide experience crucial to a professional penetration tester


Learn through video - the DVD includes instructional videos that replicate classroom instruction and live, real-world vulnerability simulations of complete servers with known and unknown vulnerabilities to practice hacking skills in a controlled lab environment



Want to learn more information about Professional Penetration Testing: Creating and Operating a Formal Hacking Lab?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System Review

Posted by Jose Bennet on 2/20/2013 / Labels: , , , , , , , , , / Comments: (0)
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
Average Reviews:

(More customer reviews)Are you looking to buy The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System? Here is the right place to find the great deals. we can offer discounts of up to 90% on The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System. Check out the link below:

>> Click Here to See Compare Prices and Get the Best Offers

The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System ReviewThe Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System
Wow...! This was my first reaction when I received this massive 900+ pages book from Amazon. I was just spell bounded and surprised to see such an enormous amount of information compiled on the lesser known area of computer security, the Rootkits.
The book starts with basics of system internals which is essential to understand the depth of Rootkits. It covers about various memory models, interrupts, TSR, Windows architecture etc in detail. Then it delves into explaining the ingredients of Rootkit including installing and launching of the Rootkit. All these system internals have been covered in very precise and concise manner.
The chapter 5 is where the real fun starts as it goes on elaborating all the hooking mechanisms from user land to kernel and then it describes various techniques for detecting these hooking mechanisms. Later chapters does awesome job of explaining the advanced Rootkit techniques. The Anti-Forensics section is just mind blowing, no explanation needed.
One of the salient features of this book is the code samples. Every technique mentioned in this book is illustrated with well explained, working code example. This along with Rootkit detection mechanisms explored in the book sets it apart from its predecessor, Rootkit - Subverting Windows Kernel.
Its clearly evident that author has taken great pain and patience to present the darkest topic of computer arena in a very simple and understandable manner in this gigantic compilation. By far this is the very good reference book and very well recommended for any one who wants to conquer the mysterious world of Rootkits.The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System Overview

Want to learn more information about The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System?

>> Click Here to See All Customer Reviews & Ratings Now
Read More...