Top positive review
6 people found this helpful
Amazing book, highly recommended!
on 15 May 2014
I'd been looking for a book to a) learn more about Penetration Testing and b) have something as a reference guide for future use. I bought this whilst researching the subject for work, so I'm not a professional PenTester.
I think Patrick has done a great job on gearing this book up for the general spectrum of people reading it. It starts pretty much from the real basics (setting up Kali, "starting the engine" of your attack machine etc) and takes you right through to post exploitation, maintaining access etc.
The book covers the 4 main areas you'd expect - recon, scanning, exploit and post. I was reading away, making notes and practicing things, then all of a sudden I was taking over my target machine and executing real exploits, totally from this book. Every day I would start my computer up, get my book out etc, but I also found myself reading this book in my garden and it making perfect sense. You don't have to be in front of a machine doing things step by step - Patrick has done really well in teaching the concepts of "hacking" and the mindset required to get you thinking like a "hacker", not just a droid punching commands in to software.
Patrick guides you through all the processes, explaining everything as you go. It would be unreasonable to expect Patrick to explain every switch in every tool in Kali, but he gives clear references to where you can find out more about the tools you're using, their uses etc. Rather than glossing over things (like some other books); Patrick explains things thoroughly enough, but also says things like "take time to learn about XX", so you end up with some great pointers on where to go next to help yourself achieve in the most productive way.
I read The Basics of Hacking & Penetration Testing first, then "Metasploit: The Penetration Testers Guide", then "Violent Python". All 3 books give you a great understanding of some of the most powerful pieces of kit out there.
Perfect book for anyone interested in PenTesting, at any level - great read.