Good Book Recommendation: "Hacker tips: A practical Guide to penetration testing"

Source: Internet
Author: User
Content Introduction

The so-called penetration testing, through the use of various vulnerability scanning tools, by simulating the hacker's attack method, to the network security assessment.

This book uses a large number of real-life cases and advice on philately to explain some of the obstacles that will be faced during penetration testing and how to solve them. This book is divided into 10 chapters, covering the book's Attack machine/tool installation configuration, network scanning, exploit, manual search and searching for Web application vulnerabilities, how to gain more important information after the system, social work skills, physical access attacks, circumvent anti-virus software methods, Crack down on password related tips and the final results of the summary of knowledge.

The book is arranged in an orderly manner, and the chapters are directly independent of each other, and readers can read them on demand or by chapter. This book does not require the reader to have a background in penetration testing, but it will be more helpful to understand the content of the book if it has relevant experience.

About the author

Peter Kim, CEO and chairman of Secure Planet, has nearly 10 years of experience in the field of security and has been conducting penetration testing for the past 7 years. He has lectured on penetration testing and cyber security at Howard Community College, Maryland, and has extensive security-related certifications.

Recommended index

Best-in-class penetration test books on the market, the United States Amazon ranked in the long-term first, and rave reviews, the English version of paper books in a year sales of 17,000 copies, electronic version sales of 7,500 copies, sales of seconds to kill all other similar penetration test books.

Spoiler: Rugby

The book describes the tactics of penetration testing in rugby jargon, which reads as follows:

1, pre-match preparation-installation: about how to configure the use of this book attack machines, tools. 2, before the service-scan network: Before the strike, you need to scan to understand the environment that will be facing. This chapter will delve into the search for target information and the relevant content of intelligent scanning. 3, with the ball-exploit: the use of the vulnerability detected in the scan, the system to attack. From now on, we have started to act. 4. Manual detection Technology for-web applications: Sometimes you need to be creative and look for open goals. We'll see how to manually find and attack Web apps. 5, horizontal transmission-infiltration intranet: After a system, how to get more important information through the network. 6, assists-social engineering: by acting to confuse the enemy, this chapter will explain some of the social engineering skills. 7. Short pass-an attack that requires physical access: a nice little kick that requires a very close distance. This will describe the attacks that require physical access. 8, four breakout-avoid anti-virus detection: When you are close, the sneak attack is very good. In most cases, you will be faced with anti-virus software obstruction. To address this obstacle, this chapter will introduce ways to circumvent the anti-virus system. 9, Secret Service group-crack, use and skills: crack password, exploit, and some tips. 10, after the game-Analysis Report: Competition process analysis and Results report. 11. Continuing education: Share with readers some of the things that are necessary to improve penetration testing, such as attending safety meetings, attending training courses, reading related books, researching loopholes, and participating in CTF competitions.

The above on the introduction of good Book Recommendation: "Hacker tips: A practical Guide to penetration testing," including aspects of the content, I hope that the PHP tutorial interested in a friend helpful.

  • Related Article

    Contact Us

    The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

    If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

    A Free Trial That Lets You Build Big!

    Start building with 50+ products and up to 12 months usage for Elastic Compute Service

    • Sales Support

      1 on 1 presale consultation

    • After-Sales Support

      24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.