Buy Used
$6.52
FREE Shipping on orders over $35.
Used: Good | Details
Sold by apex_media
Condition: Used: Good
Comment: Ships direct from Amazon! Qualifies for Prime Shipping and FREE standard shipping for orders over $25. Overnight and 2 day shipping available!
Access codes and supplements are not guaranteed with used items.
Trade in your item
Get a $2.00
Gift Card.
Have one to sell? Sell on Amazon
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See this image

Professional Penetration Testing: Volume 1: Creating and Learning in a Hacking Lab Paperback – August 28, 2009

ISBN-13: 978-1597494250 ISBN-10: 1597494259 Edition: 1st

Used
Price: $6.52
13 New from $31.25 25 Used from $2.53
Rent from Amazon Price New from Used from
Kindle
"Please retry"
$19.84
Paperback
"Please retry"
$31.25 $2.53
Multimedia DVD
"Please retry"

NO_CONTENT_IN_FEATURE
Save up to 90% on Textbooks
Rent textbooks, buy textbooks, or get up to 80% back when you sell us your books. Shop Now

Product Details

  • Paperback: 528 pages
  • Publisher: Syngress; 1 edition (August 28, 2009)
  • Language: English
  • ISBN-10: 1597494259
  • ISBN-13: 978-1597494250
  • Product Dimensions: 9.1 x 7.4 x 1.2 inches
  • Shipping Weight: 2 pounds
  • Average Customer Review: 3.9 out of 5 stars  See all reviews (10 customer reviews)
  • Amazon Best Sellers Rank: #740,095 in Books (See Top 100 in Books)

Editorial Reviews

Review

"Wilhelm has created the ultimate handbook for becoming a pen tester. This is going to help launch many a career." - Richard Stiennon, Chief Research Analyst, IT-Harvest

"Professional Penetration Testing covers everything from ethical concerns, to advance concepts, to setting up your own custom laboratory. It is the most comprehensive and authoritative guide at penetration testing that I have seen. Tom Wilhelm is a true expert in the field who not only is in the trenches on a daily basis, but also takes the time to instruct others on the ways and means of pen testing." -Frank Thornton, Owner, Blackthorn Systems

From the Back Cover

Save yourself some money! This complete classroom-in-a-book on penetration testing provides material that can cost upwards of $1,000 for a fraction of the price!

Thomas Wilhelm has delivered pen testing training to countless security professionals and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios.

Penetration testing is the act of testing a network to find security vulnerabilities before they are exploited by phishers, digital piracy groups, and countless other organized or individual malicious hackers. The material presented will be useful to beginners all the way through to advanced practitioners.

  • Find out how to turn hacking and pen testing skills into a professional career
  • Understand how to conduct controlled attacks on a network through real-world examples of vulnerable and exploitable servers
  • Master project management skills necessary for running a formal penetration test and setting up a professional ethical hacking business
  • Discover metrics and reporting methodologies that provide experience crucial to a professional penetration tester
  • Learn through video - the DVD includes instructional videos that replicate classroom instruction and live, real-world vulnerability simulations of complete servers with known and unknown vulnerabilities to practice hacking skills in a controlled lab environment


More About the Author

Thomas Wilhelm has been in involved in Information Security since 1990, where he served in the Army for eight years as a Signals Intelligence Analyst / Russian Linguist / Cryptanalyst.

A speaker at security conferences across the U.S., including DefCon, HOPE, and CSI, he has been employed by Fortune 100 companies to conduct Risk Assessments, participate and lead external and internal Penetration Testing efforts, and manage Information Systems Security projects.

Thomas is also a Doctoral student who holds Masters degrees in both Computer Science and Management. Additionally, he also dedicates some of his time as an Associate Professor at Colorado Technical University, and has contributed to multiple publications, including both magazines and books. His latest contribution was the publication titled "Professional Penetration Testing," released in August, 2009, which was his fourth book contribution to Syngress.

Customer Reviews

3.9 out of 5 stars
5 star
3
4 star
4
3 star
2
2 star
1
1 star
0
See all 10 customer reviews
The book will suit both the security professional and those new to the security field.
K. Wolstencroft
If you want much better coverage on technical matters not found in Andreu's book, try the core Hacking Exposed titles.
Richard Bejtlich
It has many of the scenarios and exercises that will help you to understand more about pen testing.
Alan Dunbar

Most Helpful Customer Reviews

38 of 41 people found the following review helpful By Richard Bejtlich on January 27, 2010
Format: Paperback
I had fairly high hopes for Professional Penetration Testing (PPT). The book looks very well organized, and it is published in the new Syngress style that is a big improvement over previous years. Unfortunately, PPT should be called "Professional Pen Testing Project Management." The vast majority of this book is about non-technical aspects of pen testing, with the remainder being the briefest overview of a few tools and techniques. You might find this book useful if you either 1) know nothing about the field or 2) are a pen testing project manager who wants to better understand how to manage projects. Those looking for technical content would clearly enjoy a book like Professional Pen Testing for Web Applications by Andres Andreu, even though that book is 3 years older and focused on Web apps.

PPT offers 18 chapters, with 12 chapters on project management and non-technical issues, and 6 ostensibly covering technical issues. The technical material is limited to the basics of conducting reconnaissance, running Nmap, Nessus, CORE IMPACT, Ettercap, Aircrack-ng, Netcat for "maintaining access," SSH for an "encrypted tunnel," and trivial file and script changes to "cover tracks." Seriously. I'm sure some review readers are saying "sometimes it's just that easy." That's true, but we don't need a 528 page book with an outrageous price tag to read about these well-known methods. If your experience with pen testing is limited to this book, take a look at Andres Andreu's title to see the sort of material you should expect in a book on pen testing.

I didn't find the project management parts all that helpful, either. Some of it just repeats material published in various guides like the Open Source Security Testing Methodology Manual.
Read more ›
2 Comments Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
10 of 10 people found the following review helpful By Bane on March 19, 2010
Format: Paperback
I recently finished going through Professional Penetration Testing by Wilhelm. This book is very good for beginers and advance Pen testers. In the past there have not really been any texts that focused on the entire process of Penetration testing. This is where Professional Penetration Testing excells. It goes over the entire process from start to finish.

For beginners, this text gives a very good overview of the entire penetration testing process from scoping all the way to writing an executive summary. For advanced testers, the most valuable sections are problaby the ones on testing frameworks, scoping, and report writing. I have met many testers who were excellent technically but could not communicate the results effectively to business leaders, this book will help these testers improve in that area. Advanced Pen Testers will probably not learn any technical tricks from this text.

My only complaint about the book is that it doesn't really go into how any of the exploits that one would use in pen testing work. For example, the author gives a listing of different NMAP scan options and very briefly goes over what the options are, but doesn't really explain why you would use one over the other. I am guessing that this omission is primarily due to the space required to add such information and the that the goal of the text seems to be to give the whole view of pen testing without going into too much deatil on any section.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
7 of 8 people found the following review helpful By K. Wolstencroft on April 27, 2010
Format: Paperback
I have read quite a few books covering the security field and have found most of them very dry and hard to read. Thomas Wilhelm's PPT book is the exception, I found it easy to read and managed to complete it in a weekend. The book will suit both the security professional and those new to the security field. The technical depth of the book will benefit systems administrators who need to gain an understanding of penetration testing. The project management aspects of the book will benefit the security professional moving into a more managerial role.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
2 of 2 people found the following review helpful By Douglas Gullett on December 30, 2010
Format: Paperback
This book appears to be directed toward at least three audiences: Security consultants that may wish to start their own company, project managers interested in managing penetration testing, and finally those that want to get into the penetration testing field. There were some awesome nuggets in this book, but I felt that I had to dig to get to them. The book did not flow well in my opinion. Based on the title, I was hoping for a book that would take you through setting up an advanced "Professional" lab and address more advanced techniques.

The author definitely thought out all the ins and outs of writing up a contract with a client and many more legal ramifications that most companies focus on. That section is much marked up and will be kept for future reference.

I will admit I was a bit disappointed in part 2 as it clearly is directed toward beginners and not those with much experience. Overall, there is valuable information in this book and the material and extras on the CD are valuable. I think that it may have been more suitable to make this into two separate books.

The book has valuable knowledge, but the title is a bit misleading.

The next book on my list: Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques, from the same author.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again
1 of 1 people found the following review helpful By Rami S. Altalhi on October 24, 2012
Format: Paperback Verified Purchase
I have read this book and found it talking about the tools most of the time, There is no such complete scenario of Penetration Testing and going step by step, That's why I'm not comfortable with this book after I read it.

I'll give you an example, Look at this book from Cisco Penetration Testing and Network Defense This book is published in 2005 but the way to deliver the penetration test is totally different than this book.
Comment Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again

Customer Images