Security Bible

cjthedj45cjthedj45 Member Posts: 331 ■■■□□□□□□□
Hi,

I'm not studying the CEH course at the minute but wondered if you could recommend a really good security/hacking book. Like a bible that a security professional should not be without??

I have been told the Wiley hacker is good and saw Grey Hat Hacking on Amazon.

Thanks

Comments

  • dbrinkdbrink Member Posts: 180
    Hacking Exposed books are usually pretty good.
    Currently Reading: Learn Python The Hard Way
    http://defendyoursystems.blogspot.com/
  • jesseou812jesseou812 Member Posts: 60 ■■□□□□□□□□
    Second the motion on Hacking Exposed.
  • dmoore44dmoore44 Member Posts: 646
    I'll third the Hacking Exposed book. Also, the Grey Hat series (Hacking, Python, etc...) is generally pretty good.
    Graduated Carnegie Mellon University MSIT: Information Security & Assurance Currently Reading Books on TensorFlow
  • the_hutchthe_hutch Banned Posts: 827
    For anyone just getting started, my recommendation would be "Metasploit: The Penetration Testers Guide." Metasploit is the one single tool that is functional enough that it can be used for nearly every part of the traditional PenTesting methodology, but streamlined enough that someone new to ethical hacking can learn it without becoming too overwhelmed. I always recommending learning PenTesting with Metasploit first.
  • QuantumstateQuantumstate Member Posts: 192 ■■■■□□□□□□
    Thanks Hutch, but Metasploit is like a giant undertaking. How would a beginner approach this?
  • the_hutchthe_hutch Banned Posts: 827
    I don't consider metasploit to be huge undertaking. Metasploit streamlines nearly every function of backtrack into one interface. You can use nmap, nessus, nexpose, auxillary scanning modules, exploits and payloads all in one package. In my opinion it simplifies things. I'd say given the right material (either Metasploit Unleashed or Metasploit: A Penetration Tester's Guide), you can learn most of the functionality of Metasploit within a couple days.
  • zxshockaxzzxshockaxz Member Posts: 108
    I'd also like to add that securitytube has TONS of information about learning metasploit. thats where i started.
  • the_hutchthe_hutch Banned Posts: 827
    True. The MSFE (Metasploit Framework Expert) video course on SecurityTube is free...and a very good resource.
  • JayTheCrackerJayTheCracker Member Posts: 169
    i like to study Exam StudyGuides (without sitting the actual exam)....
    for eg, i did that for A+ & N+, very good read........... :)

    so, i wanna suggest S+ study guide by darril gibson &or CEH Sybex/all-in-one guide
  • cjthedj45cjthedj45 Member Posts: 331 ■■■□□□□□□□
    cheers guy thanks for the responses. Hacking exposed looks good so think I will get that. Im not a complete newby by the way. I'm a network engineer primarily but this does extend to security. I currently scan the network for vulnerabilities using nessus and also have to perform risk assessments and provide evidence for PCI audits. I have no books though and security is an area I think I would like to do solely.
  • cjthedj45cjthedj45 Member Posts: 331 ■■■□□□□□□□
    just bought hacking exposed edition 7 thanks again guys
  • QuantumstateQuantumstate Member Posts: 192 ■■■■□□□□□□
    Did you get the ebook? If so, what form?
Sign In or Register to comment.