Book Review: Penetration Testing – a Hands-On Introduction to Hacking


A few weeks ago I bought Georgia Weidman’s book about penetration testing: “A Hands-On Introduction to Hacking“. Having been overloaded with many projects, I have finally finished reading it and it’s now time to write a quick review. Georgia is an awesome person. There are not many recognized women in the information security landscape and Georgia is definitely one of them; I have already met her a few times at security conferences! She started her own company, she’s a great speaker and she is the author of the SPF (“Smartphone Pentest Framework“). That’s why I did not hesitate to buy her book.

The book title contains the word “Introduction” and, as Georgia explains in her introduction, this is the kind of book that you dream of when jumping into the penetration testing business. It indeed covers many topics, but don’t be fooled by the title: it contains many tips and examples that could also be useful to experienced pentesters. Why? Sometimes people ask me how to “work in security” and I always compare information security to medicine: you have many specializations. This is even truer for a pentester: web applications, reverse engineering, wireless, mobile devices, etc. It’s practically impossible to have strong knowledge in all of those ever-changing topics! That’s why Georgia’s book is a good reference. This is a technical book which focuses on practical examples.

A first good surprise: the foreword was written by my friend Peter Van Eeckhoutte. If Peter agreed to put his name in a book, it’s a sign of quality! The book is big: 528 pages and 20 chapters that cover many topics. It is divided into five main sections which are organized like a regular pentest framework, from the reconnaissance phase up to the exploitation of the vulnerabilities found:

  • The basics
  • Assessments
  • Attacks
  • Exploit development
  • Mobile hacking

In the first section, “The basics“, Georgia covers some essential tools you need to master, like the Kali Linux distribution or the Metasploit framework, and how to deploy your own home lab. The “Assessments” section explains how to collect information using open source intelligence, traffic capture and vulnerability scanners. The third section, “Attacks”, is the biggest and, of course, the most interesting and fun! The following topics are reviewed:

  • Exploitation
  • Password attacks
  • Client-side exploitation
  • Social engineering
  • Bypassing AVs
  • Post exploitation
  • Webapp testing
  • Wireless attacks

Each chapter contains examples of commands, tips and some anecdotes from Georgia’s previous engagements. It’s always good to learn from others’ experience. The next section is dedicated to exploit development (I suspect some contribution from Peter here ;-). Georgia explains how to exploit a stack-based buffer overflow in Linux and Windows environments. Chapter 19 is very interesting: it explains how to develop your own Metasploit modules. Finally, the last section covers mobile hacking and is based on Georgia’s own product, the Smartphone Pentest Framework. At the end of the book, a resources section lists all the references mentioned in the different chapters (links to tools, documentation, etc.). A goldmine!

While reading the book, I added plenty of bookmarks on pages that contain a specific command or a useful command line switch. As said above, there are multiple domains to be pentested and we must keep ourselves up to date. Everybody will learn something by reading Georgia’s book! Keep in mind that the book focuses on hacking and exploitation. There is no room for the homework, like writing a report!

(This article was originally published on blog.rootshell.be/2014/07/30/book-review-penetration-testing-a-hands-on-introduction-to-hacking/ )

Xavier Mertens

Xavier Mertens is an independent security consultant. His job focuses mainly on protecting his customers’ resources by applying “offensive” (pentesting) as well as “defensive” security (log management, SIEM, security visualisation). Instead of using out-of-the-box solutions from security vendors, he prefers to advise on the best ways to solve security issues. In parallel to his daily job, Xavier maintains his security blog (blog.rootshell.be), is a BruCON (www.brucon.org) co-organizer and offers some spare time and resources to initiatives like the EuroTrashSecurity (www.eurotrashsecurity.eu) podcast.
