
Security Power Tools Paperback – September 6, 2007

ISBN-13: 978-0596009632 ISBN-10: 0596009631 Edition: 1st


Product Details

  • Paperback: 860 pages
  • Publisher: O'Reilly Media; 1 edition (September 6, 2007)
  • Language: English
  • ISBN-10: 0596009631
  • ISBN-13: 978-0596009632
  • Product Dimensions: 7 x 1.9 x 9.2 inches
  • Shipping Weight: 3 pounds
  • Average Customer Review: 4.4 out of 5 stars (13 customer reviews)
  • Amazon Best Sellers Rank: #1,217,947 in Books

Editorial Reviews

About the Author

Bryan Burns is the technical editor and general project leader of this book. He is the Chief Security Architect for Juniper Networks with more than a decade of experience in the security networking field and with numerous posts at leading network security companies. All other contributors are security engineers and researchers working at Juniper Networks in various posts both in the security network lab and in the field.

Dave Killion (NSCA, NSCP) is a senior security research engineer with Juniper Networks, Inc. Formerly with the U.S. Army's Information Operations Task Force as an Information Warfare Specialist, he currently researches, develops, and releases signatures for the NetScreen Deep Inspection and Intrusion Detection and Prevention platforms. Dave has also presented at several security conventions including DefCon and ToorCon, with a proof-of-concept network monitoring evasion device in affiliation with several local security interest groups that he helped form. Dave lives south of Silicon Valley with his wife Dawn and two children, Rebecca and Justin.

Nicolas Beauchesne is a network security engineer specializing in network penetration. He has worked with Juniper Networks for the past two years.

Eric Moret is originally from France and lives with his wife and two children in the San Francisco Bay Area. He obtained his Master's degree in Computer Sciences in 1997. He currently works at Juniper Networks, where he manages a team dedicated to testing and releasing network protocol decoders for security appliance products. In addition to writing, he enjoys traveling the world, photography and, depending on the season, snowboarding the Sierra Nevada or scuba diving Mexican caves.

Julien Sobrier is a network security engineer at Zscaler, where he works on web security in the cloud. He previously worked for Juniper Networks, where his experience was with Intrusion Detection and Prevention systems. He is also the creator of, a URL shortener focused on security.

Michael Lynn is a network security engineer at Juniper Networks. He has worked there for the past two years.

Eric Markham is a security engineer. He has been with Juniper Networks for the past five years.

Chris Iezzoni has been a security researcher and signature developer with Juniper's security team for several years.

Philippe Biondi is a research engineer at EADS Innovation Works. He works in the IT security lab, and is the creator of many programs like Scapy or ShellForge.

Jennifer Stisa Granick is the Civil Liberties Director at the Electronic Frontier Foundation. Before EFF, Granick was a Lecturer in Law and Executive Director of the Center for Internet and Society at Stanford Law School where she taught Cyberlaw and Computer Crime Law. She practices in the full spectrum of Internet law issues including computer crime and security, national security, constitutional rights, and electronic surveillance, areas in which her expertise is recognized nationally.

Before teaching at Stanford, Jennifer spent almost a decade practicing criminal defense law in California. She was selected by Information Security magazine in 2003 as one of 20 "Women of Vision" in the computer security field. She earned her law degree from University of California, Hastings College of the Law and her undergraduate degree from the New College of the University of South Florida.

Steve Manzuik has more than 13 years of experience in the information technology and security industry. Steve founded and was the technical lead for Entrench Technologies. Prior to Entrench, Mr. Manzuik was a manager in Ernst & Young's Security & Technology Solutions practice. Steve co-authored Hack Proofing Your Network, Second Edition (Syngress, 1928994709).

Paul Guersch is a security technical writer and one of the developmental editors of Security Power Tools (O'Reilly). He has been with Juniper Networks for a year and a half.


Customer Reviews

That's a good thing for a "power tool book", isn't it?
This book is written for experienced security professionals who need an authoritative resource for finding the best IT security tool for the job.
Ben Rothke
The large number of authors means though that the writing style and ease of understanding varies from one section of the book to the next.
Stephen Chapman

Most Helpful Customer Reviews

20 of 21 people found the following review helpful By Richard Bejtlich on January 17, 2008
Format: Paperback
I am probably the first reviewer to have read the vast majority of Security Power Tools (SPT). I do not think the other reviewers are familiar with similar books like Anti-Hacker Toolkit, first published in 2002 and most recently updated in a third edition (AHT3E) in Feb 2006. (I doubt the SPT authors read or even were aware of AHT3E.) SPT has enough original material that I expect at least some of it will appeal to many readers, justifying four stars. On the other hand, a good portion of the material (reviewed previously as "the most up-to-date tools") offers nothing new and in some cases is several years old.

I'll begin with my favorite sections. SPT started very strongly with Jennifer Granick's chapter on law as it pertains to security issues. She is an excellent writer and I would like to see her create her own book on the same subject. I liked Philippe Biondi's work in Ch 6 (Custom Packet Generation) although his coverage of Scapy (while great) is not for the beginner. (Just try as many examples as you can -- Scapy is cool.) Ch 7 (Metasploit) provided a great discussion of Metasploit 3; I learned quite a bit. I was pleasantly surprised by Ch 15 (Securing Communications). It was very practical. I should mention that some of the chapters appeared to be good, but they were outside my expertise and beyond my skill level. These included Ch 10 (Custom Exploitation), Ch 22 (Application Fuzzing) and Ch 23 (Binary Reverse Engineering). I was initially inclined to skip the section on BO2k in Ch 11 (Backdoors), but I didn't know the tool had been updated in Mar 07 and could be considered "viable" in the age of botnets.

Readers may also like SPT because it mixes coverage of open source and commercial tools.
13 of 14 people found the following review helpful By Todd Dailey on September 17, 2007
Format: Paperback
I haven't quite digested all 800+ pages yet, but I've found this book to be a useful reference and I believe this book is useful for beginners and experts alike.

Beginners will like the logical structure, beginning with ethical issues and progressing through Reconnaissance, Penetration, Control, Defense, Monitoring and Discovery. This is a logical sequence that closely follows how a new security analyst would actually learn security topics. In particular I thought part II, Reconnaissance, was well-written and clear, covering all the major tools and explaining the complex topics in a way that should be very clear to the newbie.

Experts will like it as a good, and very up-to-date, survey of all the major tools and techniques. I learned quite a bit in the Penetration section that I didn't know before, such as the section on MOSDEF and Canvas. The index is very good, so even if you don't read through this cover-to-cover it's a good reference on tools and common techniques.

The book is edited well and meets my high expectations for an O'Reilly book. Graphics and screenshots are liberally shown throughout, and callout boxes explain advanced topics in many sections. Although there are a bunch of authors the editorial style is pretty consistent and it doesn't feel like a mishmash.

Overall this is a great book for security researchers at any level, and it compares well with my favorite O'Reilly security book, the venerable Building Internet Firewalls.

If you like this book you'd probably also like the excellent Network Warrior by Gary Donahue. This book is a good general survey of everything in security, while Gary's book is more of a personal testimonial from a professional security researcher about how he does his job. Both are useful in their own way.
7 of 8 people found the following review helpful By R. S. Shyaam Sundhar on December 2, 2007
Format: Paperback Verified Purchase
I guess there is a misconception in the field of pentesting that everything is about tools. People started considering pentesting as a mere collection of tools. This book is not about that. This book does not only help with knowing the various tools, it helps you to understand them, to tune them according to your need or your customer's need. The real skill is not to write a tool of your own when you already have the same tool out there. The real skill in this field is to take an existing tool and modify it based on your need.
2 of 2 people found the following review helpful By bnell on February 12, 2008
Format: Paperback
Security Power Tools (SPT) is O'Reilly Publishing's sister manual to their popular Unix Power Tools […]. It is written as a primer to various security tools, organized within seven sections, covering Legal and Ethics, Reconnaissance, Penetration, Control, Defense, Monitoring, and Discovery. While the target audience of SPT is security professionals, the book weighs in at just over 800 pages and probably has something for everyone working in a technical facet of IT.

Having said that, I really enjoyed reading this book. I read it nearly cover-to-cover, and while I was at least familiar with most of the material in the book, I was still able to find gems of knowledge, even in tools that I work with on a daily basis. Expect to read about some tools that you may already know about, like Nmap, Nessus, and The Metasploit Framework, but keep reading for a heap of other useful applications that you may not be familiar with.

One of the strengths of the book is the varying backgrounds of its contributing authors; just as the book covers a diverse tool set, the expertise of the authors is also diverse. The book was written collaboratively by twelve individuals, made up primarily of Juniper Networks' J-Security team […]. Despite an opportunity for vendor-bias towards Juniper products, the book remained vendor-neutral. The majority of the book focuses on open-source and free-ware applications, although there is commercial software covered as well. In fact, Chapter 9 - Exploitation Framework Applications covers Canvas […] and Core Impact […] exclusively; both commercial applications.

One of the chapters that makes this book unique is the chapter on Law and Ethics, written by Jennifer Stisa Granick.
