Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition Paperback – January 27, 2011

ISBN-13: 978-0071742559 ISBN-10: 0071742557 Edition: 3rd


There is a newer edition of this item:

Gray Hat Hacking The Ethical Hacker's Handbook, Fourth Edition

Product Details

  • Paperback: 720 pages
  • Publisher: McGraw-Hill Osborne Media; 3 edition (January 27, 2011)
  • Language: English
  • ISBN-10: 0071742557
  • ISBN-13: 978-0071742559
  • Product Dimensions: 1.4 x 7.4 x 8.9 inches
  • Shipping Weight: 2.6 pounds
  • Average Customer Review: 4.6 out of 5 stars (9 customer reviews)
  • Amazon Best Sellers Rank: #221,524 in Books

Editorial Reviews

About the Author

Allen Harper, CISSP, a retired Marine Corps Major, is the president and founder of N2NetSecurity, Inc., and a faculty member for the Institute for Applied Network Security. He has worked as a security consultant for the Internal Revenue Service and for Logical Security, LLC.

Shon Harris, CISSP, MCSE, is the president of Logical Security, a security consultant, a former engineer in the Air Force’s Information Warfare unit, an instructor, and a bestselling author. She was recognized as one of the top 25 women in the Information Security field by Information Security Magazine.

Jonathan Ness is a software security engineer at Microsoft. He is a member of an Air National Guard unit where he leads network penetration tests against military facilities across the country and helps define the information warfare aggressor mission for the Air Force.

Chris Eagle is a senior lecturer in the Computer Science Department at the Naval Postgraduate School (NPS) in Monterey, California. A computer engineer/scientist for 25 years, his research interests include computer network attack and defense, computer forensics, and reverse/anti-reverse engineering. He can often be found teaching at Black Hat or spending late nights working on capture the flag at Defcon.

Gideon J. Lenkey, CISSP, co-founded Ra Security Systems, a network security monitoring and consultancy. He has provided advanced training to the FBI and is the sitting president of the FBI's InfraGard chapter in New Jersey.

Terron Williams, NSA IAM-IEM, CEH, CSSLP, works for Elster Electricity as a Senior Test Engineer with his primary focus on Smart Grid Security. He has served on the editorial board for Hakin9 Magazine.

Customer Reviews

4.6 out of 5 stars (9 customer reviews)

  • 5 star: 7
  • 4 star: 0
  • 3 star: 2
  • 2 star: 0
  • 1 star: 0
Short and Simple: Highly Recommended to anyone who wants to have an idea of what hacking or hacker's world is like.
SrecaForever

Most Helpful Customer Reviews

58 of 61 people found the following review helpful By Richard Bejtlich on July 27, 2011
Format: Paperback
Critical reviews are my least favorite aspect of my Amazon experience, but I believe readers expect me to be honest with them. Gray Hat Hacking, 3rd Ed (GHH3E) has a lot of potential, but it needs a reboot and a ruthless editor. I read and reviewed the original edition 6 1/2 years ago but skipped the 2nd Ed. This 3rd Ed (published in Jan 2011) features several exceptionally talented authors (such as Allen Harper and Chris Eagle), so my expectations remained high. Unfortunately, after finishing the book I had collected a pile of notes that I will try to transform into constructive commentary for a 4th Ed, which I would enjoy seeing!

The GHH team needs to revisit first principles and decide just what it is trying to accomplish. I recommend the authors ditch the first three chapters, or radically concentrate on the ethical disclosure debate. The rest of the so-called legal material reads like a brain dump, almost like a blog post that never finishes. In some cases the authors of the sections stray from their topic, such as the "Vendors Paying More Attention" section on p 71. Cut it out! Be ruthless! Similarly, the section on social engineering (ch 4) needs a major overhaul if it is to survive into the next edition.

Other chapters have issues. Ch 7, on BackTrack, is basically just installation instructions. Ch 17 only devotes 17 pages to Web app security; either remove it or add substantially to the material. Ch 18 is supposed to be about VoIP, but it's mainly a discussion of the VoIPER tool. Ch 19 is supposed to be about SCADA attacks, but it's really just talk of the Autodafe and TFTPFuzz tools. In ch 28, the author doesn't explain how Nepenthes acquires a malware sample, besides letting it run on a cable network for a few weeks.
5 of 6 people found the following review helpful By SenseiC on December 6, 2011
Format: Kindle Edition Verified Purchase
I had this as a supporting text along with "legend" (William Stallings) "Internetworking with TCP/IP" text for a graduate course on Advanced Networks and Network Security.

I agree with many of the reviews that several of the chapters needed some more significant editorial review just to deliver topics in a clear and concise manner. That said I also completely disagree with the "for white hats by white hats" characterization. The book offers reasonably good overviews of numerous topics plus realistic examples of how most penetration attempts unfold. It also offers an appropriate discussion without "rendering judgement" about the nuances and conflicting interests surrounding defect disclosures and/or remediation (patches).

While versions constantly evolve, GHH would do well to include/add/expand on Linux "pen testing" distributions (BackTrack, Network Security Toolkit, security tools distribution, etc.), but not really spend much time on the mundane (installing, Live images, etc.) and more on which tools prove the most effective (The powers Metasploit can unleash should scare just about anyone!).

I also find it somewhat surprising with the pervasiveness of malware that only two chapters of the book focus on malware. Likewise I find it amazing that the book has a "one-chapter 'chat' on programming" (so often poor code exposes/provides the exploitation vector), but doesn't even mention CWE (Common Weakness Enumeration), etc. except as a footnote/reference.

As always the "Kindle edition" of a book leaves much to desire (especially the PC/Tablet "version" of the reader software). Someday someone at Amazon will look at a well-designed Adobe PDF and say, "Oh! I get it."

SenseiC bows out.
1 of 1 people found the following review helpful By Jason Z. on October 10, 2013
Format: Paperback Verified Purchase
I just got done reading this book and I was quite impressed. I've read many other books on the same subjects and this handbook delivers the material without all the fluff. It shows the most popular (some of the most effective) tools and how they are used. I really love Ch. 6 about the "Insider Attacks" as it shows from start to finish how an attacker could leverage themselves as a domain admin with relative ease. While there are books alone written for each chapter, this handbook sums each chapter up in a clear, concise way, especially if you are already a bit familiar with the tools and techniques. I would say that this book isn't written for a novice or someone who doesn't already have a great understanding of basic networking (TCP/IP) or systems experience.

There are excellent chapters about exploits, shellcodes and how to write and use them as well as some excellent examples of each. As with any book like this it is important to practice the techniques in a lab to have the info "stick". Overall, one of the more interesting books I've read that is not like the typical chapters you would see in a book related to becoming a "Certified Ethical Hacker".
1 of 1 people found the following review helpful By Dennis Schillinger on May 29, 2013
Format: Paperback Verified Purchase
This book was perfect for my class. I was able to find what I needed to help me through it.
2 of 3 people found the following review helpful By Vincent Mabary on December 9, 2011
Format: Paperback Verified Purchase
Let me start by saying that my background is in enterprise configuration, system configuration and trouble-shooting, and information security policy. With that said I would heartily recommend that anyone working in the IT field would benefit from the lessons and skills which can be learned from this epitome of concise writing. Thank you for a wonderful read full of things which can never be learned too well!