Hacking Exposed Series

coffeeking

Hi All,

Just a quick one for you are already in this...I am planning to get into pen testing down the road, so far I mostly do security administration and monitoring kind of stuff along with assisting in a couple of compliance project.

I have read this on a form here before, not sure where, but what do you guys think about reading through the series of Hacking Exposed books (starting with NetSec)? I am thinking this should give me a good knowledge base to start with for pen testing.

JDMurray

The Hacking Exposed books are not tutorials on the art/science pen testing. They are specific pen testing case studies used to test one's own pen testing skills. I would look for more basic books on pen testing to start with.

impelse

I bought this book: Professional Penetration Testing: Creating and Operating a Fromal Hacking Lab.

Amazon.com: Professional Penetration Testing: Creating and Operating a Formal Hacking Lab (9781597494250): Thomas Wilhelm: Books

This an excelent book, I get you from the beginning in penetration testing to attack the system, The book include the same traingin that there is at Heorot.net (I took that training). Also include certifications and all the process for the penetration.

Good book, I recommend it to you. After that book you could go through OSCP or CEH.

coffeeking

impelese,

thanks for your recommendation. I have looked at the content and sounds pretty good to start with, will into it.

JD,

thanks for your input as well, I wasn't aware of this, actually I thought it was the other way around. I was planning to use this book first and then move on to CEH and stuff.

JDMurray

I have taken a couple of classes using the Hacking Exposed series as the primary text. There is much information about specific types of hand-on hacking tricks, but it's not a detailed, "here's what you need to know to be a pen tester" type of series. It's more for reference and to help expand your current hacking repertoire. I do recommend getting the HE books, but not as a "first hacking" text.

Slowhand

JDMurray wrote: »

I have taken a couple of classes using the Hacking Exposed series as the primary text. There is much information about specific types of hand-on hacking tricks, but it's not a detailed, "here's what you need to know to be a pen tester" type of series. It's more for reference and to help expand your current hacking repertoire. I do recommend getting the HE books, but not as a "first hacking" text.

I can attest to this. I've let more than one Hacking Expose book go obsolete, (a newer version come out,) before finishing up what I wanted to do with it because I quickly found myself over my head. I think it's a great book-series for someone with a little bit of security/admin experience, maybe with a cert like Security+ or other security specialization under their belt, who is ready for some hands-on practice. Think of the Hacking Exposed books as makeshift lab manuals, though, not comprehensive texts.

L0gicB0mb508

Counter Hack might be a good read for you. There are also several books on setting up a security lab, with some basic labs in them. This would be a great intro. Hacking exposed looks a little over your head at your current level. Once you get some skills in the beginner labs then you can move onto hacking exposed and such.

good luck in your studies!

coffeeking

Thanks all, great input.

kimanyd

Check out the CEH exam prep book as well as the Penetration Tester's Open Source Toolkit.

Slowhand

kimanyd wrote: »

Check out the CEH exam prep book as well as the Penetration Tester's Open Source Toolkit.

That's what she said. (I had to, there was no way to avoid it.)

kimanyd

Too little, too late.

At the office today, I got one in on, "I'll take it, but Ed gets the next one."

And someone else got, "You're going to be really disappointed with the outcome of that poll," in addition to, "I'll keep beating on it until it springs into action."