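Kali Linux is a penetration testing and security auditing platform that integrates many vulnerability detection, target identification and exploitation tools, and it is widely used in the information security industry. Starting from a business perspective, this book uses real attack cases, supported by a variety of practical hacker tools, to explore the preparation and operating procedures that penetration testing requires. The book is divided into 12 chapters, covering the use of Kali Linux, penetration testing methodology, the standard process for gathering and assessing project requirements, the workflow of the information gathering phase, methods for discovering endpoint devices in the target environment, service enumeration and its uses, vulnerability mapping, social engineering, exploitation, privilege escalation, techniques for operating system backdoors and web backdoors, and the writing of penetration testing reports. The book explains its steps clearly and offers plentiful examples; whether they are experienced penetration testers or newcomers, readers will find the knowledge they need in it.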
A solid introduction to Penetration Testing with Kali Linux. Practical instructions on how to use the various tools in a test environment, and the various phases such as methodology, reconnaissance, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation and maintaining access are all covered. There is also a chapter on how to report and communicate findings to different levels of resources in the organization.
Kali Linux is a rising star among Linux distros. As the successor of Backtrack, its popularity as a penetration testing distro is increasing. But today, I won't talk about Kali Linux. This post will talk about a book for people who are interested in network security, especially in the penetration testing area. PacktPub released a book titled Kali Linux – Assuring Security by Penetration Testing. If you're new to Kali or maybe Linux itself but interested in penetration testing, this book is for you. The book tells us everything from how to install Kali Linux to the installed tools and how to use them.
But if you have read a book titled "Backtrack 4 – Assuring Security by Penetration Testing", you might be a bit disappointed. Most of the content of those books is the same, especially the early chapters of the book. From my point of view, the only differences between them are the explained tools. Some of them are new in Kali Linux, but some old but gold tools from Backtrack are missing.
If you haven't read the Backtrack book, I recommend reading the 2nd and 3rd chapters, which talk about penetration testing methodology. Thus, if someone ordered you to pentest their system, you would know what to do first. After you read this book for a while, you could pay attention to the web backdoors subchapter in the 11th chapter. It is an additional topic in this book, compared to the Backtrack book. Unfortunately, those tools are not explained in detail. You should read other references if you want to know more.
The book focuses on developing penetration testing skills for ensuring complete security in the network environment. If you are an IT security professional with a basic knowledge of Unix/Linux operating systems, then the book is an ideal instrument to prevent vulnerabilities in the network. The book is fully focused on guiding you to develop practical penetrating testing skills by demonstrating step by step the hacker tools and techniques. The book starts with lab techniques and testing procedures, giving a detailed explanation on the basic installation and configuration set up, discussing different types of penetration testing methodologies and proposing the Kali Linux specific testing process. A number of security assessment tools for conducting penetration testing in different categories (target scoping, information gathering, discovery, enumeration, vulnerability mapping, social engineering, exploitation, privilege escalation, maintaining access and reporting) have been discussed, following formal testing methodology. The authors Lee Allen and Tedi Heriyanto have both combined together to give a complete treatise on complete security in your network system. http://www.packtpub.com/kali-linux-as...
Kali Linux is one of the most advanced and versatile penetrating testing distributions ever created. It is a Debian derived Linux distribution designed for digital forensics and penetration testing. Kali Linux, it may be added, is a GPL-compliant Linux distribution built by penetration testers for penetration testers with development staff consisting of individuals spanning different languages, regions, industries, and nationalities. Lee Allen, Tedi Heriyanto and Shakeel Ali have painstakingly revealed the industry’s best approach for a logical and systematic penetrating testing process. The book starts from the basics – lab penetration and testing procedures – and goes on to elaborate about the basic installation and configuration set up, discussing different types of penetration testing, uncovering open security testing methodologies and proposing a Kali Linux specific testing process. It is a ‘must go through’ book for IT security professionals. However, they must have a basic knowledge of Unix/Linux operating systems. They must also have an awareness of information security factors. http://www.packtpub.com/kali-linux-as...
A great introductory practical tutorial. Provides valuable information with a good amount of detail on using Kali for security and penetration tests. One of the greatest benefits of using Kali is the packages of tools which come with it. This book does a good job of covering topics like exploitation and security vulnerabilities using tools like Metasploit. Additionally, it covers a number of other tools and their uses, such as Wireshark, Nessus and Nmap. Overall a solid book with good flow and a good selection of topics. My only critique (personal) is that the book is a hefty size and really gets useful after chapter 4. It is quite broad and takes an introductory approach, but it had the potential to explore concepts in more depth and cover the real difficulties in this field. But for an introductory, useful reference to security and penetration tests, this book is a great place to start. http://www.packtpub.com/kali-linux-as...
Had some time over the holiday to finish my review copy of Kali Linux – Assuring Security by Penetration Testing, which is probably one of the better beginner/intermediate Kali books.
This book covers a lot of ground and lays down a solid foundation for discovery, enumeration, vulnerability assessment, exploitation, persistence, and reporting. It covers a lot of the basic tools like nmap, wireshark, metasploit, openvas, and burp as well as going into some of the fuzzers, MITM attacks, escalation and more.
The only thing that would make this book perfect is if the author got rid of the first two chapters (downloading, installing, configuring, etc.) and condensed the chapters on penetration testing methodologies and reporting together.