Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise defenses.
In Penetration Testing, security expert, researcher, and trainer Georgia Weidman introduces you to the core skills and techniques that every pentester needs. Using a virtual machine–based lab that includes Kali Linux and vulnerable operating systems, you’ll run through a series of practical lessons with tools like Wireshark, Nmap, and Burp Suite. As you follow along with the labs and launch attacks, you’ll experience the key stages of an actual assessment—including information gathering, finding exploitable vulnerabilities, gaining access to systems, post exploitation, and more.
Learn how to:
You’ll even explore writing your own exploits. Then it’s on to mobile hacking—Weidman’s particular area of research—with her tool, the Smartphone Pentest Framework.
With its collection of hands-on lessons that cover key tools and strategies, Penetration Testing is the introduction that every aspiring hacker needs.
About the Author
Georgia Weidman is a penetration tester and researcher, as well as the founder of Bulb Security, a security consulting firm. She presents at conferences around the world, including Black Hat, ShmooCon, and DerbyCon, and teaches classes on topics such as penetration testing, mobile hacking, and exploit development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security.
If you are unable to download the supplementary files for the book, you can order a DVD with those resources here.
Table of Contents
Foreward by Peter Van Eeckhoutte
Penetration Testing Primer
Part 1: The Basics
Chapter 1: Setting Up Your Virtual Lab
Part 2: Assessments
Chapter 5: Information Gathering
Part 3: Attacks
Chapter 8: Exploitation
Part 4: Exploit Development
Chapter 16: A Stack-Based Buffer Overflow in Linux
Part 5: Mobile Hacking
Chapter 20: Using the Smartphone Pentest Framework
View the detailed Table of Contents (PDF).
View the Index (PDF).(top)
"Practical, useful and insightful. How hackers work and how you can use the same methods and tools to guard your systems against attack."
"The explanatory subtitle of this book is 'A Hands-On Introduction to Hacking,' and it's exactly what you'll get. This is the best book for pentesting beginners that I ever had the pleasure of reading."