Written as an interactive tutorial, this book covers the core of BackTrack with real-world examples and step-by-step instructions to provide professional guidelines and recommendations to you. The book is designed in a simple and intuitive manner, which allows you to explore the whole BackTrack testing process or study parts of it individually. If you are an IT security professional or network administrator who has a basic knowledge of Unix/Linux operating systems including awareness of information security factors, and you want to use BackTrack for penetration testing, then this book is for you.
BackTrack 4: Assuring Security by Penetration Testing
and over one million other books are available for Amazon Kindle.
Learn more
| ||||||||||||||||||||
Book Description
Frequently Bought Together
Editorial Reviews
About the Author
Shakeel Ali
Shakeel Ali is a main founder and CTO of Cipher Storm Ltd, UK. His expertise in the security industry markedly exceeds the standard number of security assessments, compliance, governance, and forensic projects that he carries in day-to-day operations. As a senior security evangelist and having spent endless nights without taking a nap, he provides constant security support to various businesses and government institutions globally. He is an active independent researcher who writes various articles, whitepapers, and manages a blog at Ethical-Hacker.net. He regularly participates in BugCon Security Conferences, Mexico, to highlight the best-of-breed cyber security threats and their solutions from practically driven countermeasures.
Tedi Heriyanto
Tedi Heriyanto currently works as a Senior Technical Consultant in an Indonesian information technology company. He has worked with several well-known institutions in Indonesia and overseas, in designing secure network architecture, deploying and managing enterprise-wide security systems, developing information security policies and procedures, doing information security audit and assessment, and giving information security awareness training. In his spare times, he manages to research, write various articles, participate in Indonesian Security Community activities, and maintain a blog site. He has shared his knowledge in information security by writing several information security and computer programming books.
Product Details
Would you like to update product info or give feedback on images?
|
Customer Reviews
Most Helpful Customer Reviews
61 of 63 people found the following review helpful
Format:Paperback
This book is not just about learning a bunch of command line tools for p0wning a few poorly-maintained systems. In this book, the authors do a good job exposing the reader to the many facets of pen testing, and present the readers with the opportunity to try a few new things along the way, including virtualization, Linux, and BackTrack itself.
The authors introduce the idea that pen testing is not about randomly using a collection of tools to plink around a network. Instead, a structured, procedural methodology should be used to achieve timely, thorough, and reportable results. The author's also provide a detailed description of a security testing methodology to be used with BackTrack itself.
Each step in this methodology represents an element in the penetration testing life cycle management performed for each customer. The authors describe how this organized progression allows pen testers to determine their course of action, plan for needed resources, and not waste time and resources by duplicating effort. My only complaint is that this section is too small, and deserves expanding using actual case studies.
A considerable number of pen testing tools for each step in the methodology are covered with examples and instruction. Popular tools covered include Metasploit (Meterpreter), Maltego, NMap, NetXpose, and Nessus. Tools for exploiting (uh, testing) Web servers, databases, applications, and even Cisco devices are also covered.
I was very happy to see a chapter on Social Engineering. Experienced pen testers often remark that the most penetrable area of any system are the people who use and control it. The authors provide a detailed description of the psychology, tactics, and objectives of social engineering and how it is used to penetrate the "fleshy" parts of information systems.
This book is intended to educate both novice and experienced pen testers on how to successfully use BackTrack 4. I am sure not every professional pen testing will agree with everything in this book, as it represents the personal experience of only a few people in the profession. However, novices will find a tremendous amount of hands-on practice and enlightening information related to the pen testing profession in clear and readable instructions. Pros should a few things about becoming an even more efficient and versatile pen tester too.
The authors introduce the idea that pen testing is not about randomly using a collection of tools to plink around a network. Instead, a structured, procedural methodology should be used to achieve timely, thorough, and reportable results. The author's also provide a detailed description of a security testing methodology to be used with BackTrack itself.
Each step in this methodology represents an element in the penetration testing life cycle management performed for each customer. The authors describe how this organized progression allows pen testers to determine their course of action, plan for needed resources, and not waste time and resources by duplicating effort. My only complaint is that this section is too small, and deserves expanding using actual case studies.
A considerable number of pen testing tools for each step in the methodology are covered with examples and instruction. Popular tools covered include Metasploit (Meterpreter), Maltego, NMap, NetXpose, and Nessus. Tools for exploiting (uh, testing) Web servers, databases, applications, and even Cisco devices are also covered.
I was very happy to see a chapter on Social Engineering. Experienced pen testers often remark that the most penetrable area of any system are the people who use and control it. The authors provide a detailed description of the psychology, tactics, and objectives of social engineering and how it is used to penetrate the "fleshy" parts of information systems.
This book is intended to educate both novice and experienced pen testers on how to successfully use BackTrack 4. I am sure not every professional pen testing will agree with everything in this book, as it represents the personal experience of only a few people in the profession. However, novices will find a tremendous amount of hands-on practice and enlightening information related to the pen testing profession in clear and readable instructions. Pros should a few things about becoming an even more efficient and versatile pen tester too.
44 of 45 people found the following review helpful
Format:Paperback
Right after I got this book, Backtrack 5 was released. My intention was to go through the book and compare/contrast things to Backtrack 5. Well, we all know the saying about the best layed plans...
That being said, I believe the information in this book to be directly applicable to Backtrack 5 and a good reference for it!
The book is a great tutorial and walk-through on how to use Backtrack for security and penetration testing, but, more than that, it offers good information about the field in general. You will go through software installations, software overviews, methodologies, tests / testing, and my favorite part, reporting and deliverables, a MUST for professional computer people.
I think this is an excellent book to add to your knowledge arsenal and you may be surprised at just how much you didn't know. I know I was. This really is an important subject for computer professionals and I cant think of a better way to brush up than by grabbing a copy today. Thumbs up!
That being said, I believe the information in this book to be directly applicable to Backtrack 5 and a good reference for it!
The book is a great tutorial and walk-through on how to use Backtrack for security and penetration testing, but, more than that, it offers good information about the field in general. You will go through software installations, software overviews, methodologies, tests / testing, and my favorite part, reporting and deliverables, a MUST for professional computer people.
I think this is an excellent book to add to your knowledge arsenal and you may be surprised at just how much you didn't know. I know I was. This really is an important subject for computer professionals and I cant think of a better way to brush up than by grabbing a copy today. Thumbs up!
49 of 51 people found the following review helpful
Format:Paperback|Amazon Verified Purchase
This book was written very well for any BackTrack Beginners. Note going into this book though that BackTrack 5 is now available for free download. The chapters go over a lot of the tools, and you delve into Metasploit and some other Vulnerability Tools as well, though it sometimes seems rushed (which is why I am giving it a 4star instead of 5star rating). I think this book would have been amazing if it had a DVD with extra stuff, or even with the Backtrack ISO on it.
I would recommend this to anyone who doesn't know very much about BackTrack, or anyone who just wants a reference for it. This is also a great book for beginner Pen Testers.
I would recommend this to anyone who doesn't know very much about BackTrack, or anyone who just wants a reference for it. This is also a great book for beginner Pen Testers.
Most Recent Customer Reviews
Carry out network or application security assessments with BackTrack,...
BackTrack is one of the famous pen-testing suites available for carrying different kinds of security assessments. Read more
Published 1 month ago by Chris Fry
Technical guide for Penetration Testing
One of the great books to read. I would highly recommend this book for those who are involved in vulnerability assessments, research and pen-testing projects. Read more
Published 2 months ago by DANIEL KORANDO
Very practical and handful guide with detailed examples
BT4 book has practically built my strength in understanding the subject of Penetration Testing. The book contents are covered by useful descriptions and illustrative examples to... Read more
Published 3 months ago by Mrs. lilian todd
Testing software applications and network security using Backtrack 4,...
The book provides technical knowledge to assess the software systems and network security through "penetration testing". Read more
Published 4 months ago by N WILLIAMS
One of the best security books of 2011, increases knowledge and...
I've been working in a security industry for almost a decade now. The BT4 book covers all the core aspects of ethical hacking/penetration testing with systematic methodology which... Read more
Published 4 months ago by Chris Hobbins
A key to discover hackers secret world with "BackTrack" tools and...
After reading this book, it was quite surprising for me to see how much I knew about IT security from defensive end. Read more
Published 4 months ago by G H Turner
Learn the professional penetration testing in just few steps
It is hard to find a single source of study material on penetration testing subject. This book has resolved that problem by providing such a concise and informative explanation on... Read more
Published 4 months ago by Graeme Wood
Get the best out of network security testing with BackTrack Linux
As many of us may know that BackTrack has emerged from the combination of WHAX and Auditor Security Collection. I had been attached to these distributions for a long period. Read more
Published 5 months ago by Cat Machin
Take your ethical hacking skills to the next-level
One of fantastic books I have came across recently. The book contents are properly structured and attentively reviewed to provide better understanding of "Pen-Testing". Read more
Published 5 months ago by J Abbott Donnelly
Bad. Very, very bad...
I've been in IT for 20 years, 10 focusing on security but am new to pentesting. I got this book to (hopefully) get a quick intro to BT before wading through thousands of man pages. Read more
Published 5 months ago by Nick
Inside This Book
(learn more)
What Other Items Do Customers Buy After Viewing This Item?
Tags Customers Associate with This Product(What's this?)Click on a tag to find related items, discussions, and people.
|
Customer Discussions
|
This product's forum
Active discussions in related forums
Search Customer Discussions
|
Related forums
|
![[Start the discussion]](http://g-ecx.images-amazon.com/images/G/01/x-locale/communities/discussion_boards/start-new-discussion-sec._V192250339_.gif){kind=small}
Listmania!
|
|
