Aucun appareil Kindle n'est requis. Téléchargez l'une des applis Kindle gratuites et commencez à lire les livres Kindle sur votre smartphone, tablette ou ordinateur.

  • Apple
  • Android
  • Windows Phone
  • Android

Pour obtenir l'appli gratuite, saisissez votre numéro de téléphone mobile.

Prix Kindle : EUR 19,99

EUR 27,47 (58%)

TVA incluse

Ces promotions seront appliquées à cet article :

Certaines promotions sont cumulables avec d'autres offres promotionnelles, d'autres non. Pour en savoir plus, veuillez vous référer aux conditions générales de ces promotions.

Envoyer sur votre Kindle ou un autre appareil

Envoyer sur votre Kindle ou un autre appareil

Penetration Testing: A Hands-On Introduction to Hacking par [Weidman, Georgia]
Publicité sur l'appli Kindle

Penetration Testing: A Hands-On Introduction to Hacking Format Kindle

Voir les formats et éditions Masquer les autres formats et éditions
Prix Amazon
Neuf à partir de Occasion à partir de
Format Kindle
"Veuillez réessayer"
EUR 19,99

Descriptions du produit

Présentation de l'éditeur

Penetration testers simulate cyber attacks to find security weaknesses in networks, operating systems, and applications. Information security experts worldwide use penetration techniques to evaluate enterprise defenses.

In Penetration Testing, security expert, researcher, and trainer Georgia Weidman introduces you to the core skills and techniques that every pentester needs. Using a virtual machine-based lab that includes Kali Linux and vulnerable operating systems, you'll run through a series of practical lessons with tools like Wireshark, Nmap, and Burp Suite. As you follow along with the labs and launch attacks, you'll experience the key stages of an actual assessment - including information gathering, finding exploitable vulnerabilities, gaining access to systems, post exploitation, and more.

Learn how to:

  • Crack passwords and wireless network keys with brute-forcing and wordlists
  • Test web applications for vulnerabilities
  • Use the Metasploit Framework to launch exploits and write your own Metasploit modules
  • Automate social-engineering attacks
  • Bypass antivirus software
  • Turn access to one machine into total control of the enterprise in the post exploitation phase

You'll even explore writing your own exploits. Then it's on to mobile hacking - Weidman's particular area of research - with her tool, the Smartphone Pentest Framework.

With its collection of hands-on lessons that cover key tools and strategies, Penetration Testing is the introduction that every aspiring hacker needs.

Détails sur le produit

  • Format : Format Kindle
  • Taille du fichier : 15558 KB
  • Nombre de pages de l'édition imprimée : 528 pages
  • Utilisation simultanée de l'appareil : Illimité
  • Editeur : No Starch Press; Édition : 1 (29 mai 2014)
  • Vendu par : Amazon Media EU S.à r.l.
  • Langue : Anglais
  • ASIN: B00KME7GN8
  • Synthèse vocale : Activée
  • X-Ray :
  • Word Wise: Non activé
  • Composition améliorée: Non activé
  • Moyenne des commentaires client : Soyez la première personne à écrire un commentaire sur cet article
  • Classement des meilleures ventes d'Amazon: n°167.019 dans la Boutique Kindle (Voir le Top 100 dans la Boutique Kindle)
  •  Voulez-vous faire un commentaire sur des images ou nous signaler un prix inférieur ?

click to open popover

Commentaires en ligne

Il n'y a pas encore de commentaires clients sur
5 étoiles
4 étoiles
3 étoiles
2 étoiles
1 étoile

Commentaires client les plus utiles sur (beta) 4.4 étoiles sur 5 58 commentaires
20 internautes sur 21 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 Great for Beginners 26 juillet 2014
Par Perry Norton - Publié sur
Format: Broché Achat vérifié
I have tried hacking before, years ago with no success. There are a lot more tools now (I've learned) and I'm sure there is a lot more info online but finding the right info and things that actually work can be a daunting task in itself. You can find the info you need online for anything these days if you want to work that hard. I don't. I especially like all the screen shots. I hate it when the instructions take you through multiple steps and then show you a screenshot. When mine doesn't look like theirs, I have no clue where I went wrong. Thanks to all those screenshots, that doesn't happen with this book. Big plus!

I saw this book and thought it would make an interesting summer project. And it has been! Setting up the lab was challenging but the instructions were great. Be prepared for a lot of "I did it!" rushes as you work through this book. I especially enjoyed the Exploit Development chapters. I can't compare it to other books on the subject but you won't be disappointed with this one. It is truly a great book for beginners on the subject. It does not make you an expert but I feel I know enough to be of use on a team of pentesters.
22 internautes sur 25 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 An excellent resource for people looking for an introduction to penetration testing 21 juillet 2014
Par Martin Bos - Publié sur
Format: Format Kindle Achat vérifié
Penetration testing and hacking is a sexy subject. With all of the big public breaches every year, security has come to the forefront of many peoples minds and the demand for young skilled hackers is greater than ever. The problem is that many of these would be hackers have no idea where to begin. They don't have money for higher education of fancy certifications, so where do we as a security community tell them to begin. I always point people at books. They are generally inexpensive and easy to get. I have been doing penetration testing for a number of years professionally so I am familiar with all of the topics in this book already, however, I am constantly reading material like this so that I can find the best resources to point out to new hackers.

I found this book to be well laid out with lots of explanations and an easy to follow methodology. I believe some of the people who have previously reviewed the book forgot what it is like to start with zero knowledge. I know when I was starting in hacking, I was thankful for as many screenshots as possible so I knew I was entering the correct commands. I especially like the way the book follows the Penetration Testing Execution Standard (PTES).

If you are new to hacking or penetration testing, this is the perfect resource to get you started and help you determine if this is the correct career path for you!
4 internautes sur 5 ont trouvé ce commentaire utile 
5.0 étoiles sur 5 the author guides us through the process of vulnerability analysis for the propose of obtain better target success and traffic c 20 mai 2015
Par Kellep Charles - Publié sur
Format: Broché

A Book Review of “Penetration Testing: A Hands-On Introduction to Hacking”

In June of 2014 No Starch Press published “Penetration Testing: A Hands-On Introduction to Hacking” by security trainer and researcher Georgia Weidman (@georgiaweidman). Although the book has been categorized as an introductory guide to penetration testing, the information should also benefit more seasoned individuals as well. Wikipedia defines penetration testing as “an attack on a computer system with the intention of finding security weaknesses, potentially gaining access to it, its functionality and data.”

The book provides a blue print that can be used by information security practitioners who are tasked in ensuring an organization’s security posture as well as checking to confirm if employees are abiding to the security policies that are in place. Moreover, as an educator, I quickly realized the practical usefulness of “Penetration Testing: A Hands-On Introduction to Hacking” would serve in a classroom and lab environment.

The table of contents represents an orderly and organized method to learning the material in the book. The book begins with an introduction, a very informative section titled “Penetration Testing Primer” that laid out the purpose of the book and builds to more advance concepts and practices in later chapters. The body of the book consists of five parts, twenty well-written chapters as well as a resource and index section. Each chapter in the book ends with a chapter summary recapping the main topics.

Part I titled “The Basics” consist of four chapters that provided outstanding information that would be advantageous in later chapters as well as in the readers’ personal computing activity. The chapters consist of “Setting Up Your Virtual Lab” (Chapter 1), “Using Kali Linux” (Chapter 2), “Programming” (Chapter 3) and “Using the Metasploit Framework” (Chapter 4). The author provided a meticulous step-by-step process, which aided in the successful implementation of the reader’s pen-testing environment, the installation/explanation of the Kali tool, networking and additional testing tools. The author also provided instructions about various computer programming/scripting languages that penetration testers can use to enhance when conducting testing on information resources. Lastly, Metasploit is examined for its use in exploitation and risk factors capability.

In part II titled “Assessments” it consisted of three chapters that provided detectable and undetected techniques to collect information about an organization or computer. The chapters are as follows “Information Gathering (Chapter 5), Finding Vulnerabilities (Chapter 6) and Capturing Traffic (Chapter 7). In chapter 5, “Information gathering”, the author stressed that before starting an active penetration test, the tester must collect as much information as possible. This can be accomplished through the use of “Open Source Intelligence Gathering” tools such as “Net craft” and “Whois Lookups” to name a few. While in chapter 7, “Finding Vulnerabilities” and chapter 8, “Capturing Traffic”, the author guides us through the process of vulnerability analysis for the propose of obtain better target success and traffic capturing to collect and manipulate packets to gain information from other computer systems.

Part III titled “Attacks” consisted of eight of the following chapters “Exploitation” (Chapter 8),
“Password Attacks” (Chapter 9), “Client-Side Exploitation” (Chapter 10), “Social Engineering”
(Chapter 11), “Bypassing Antivirus Applications” (Chapter 12), “Post Exploitation” (Chapter 13), “Web Application Testing” (Chapter 14) and “Wireless Attacks” (Chapter 15) provided scores of exciting information about attacking a target. In this section the author builds from the preparatory work of the assessment (Part II) section of the book to conduct precision attacks. Many concepts are discussed such as default password attacks, exploiting open NFS share, browser, and PDF and Java exploitation. I found the use of the social-engineering toolkit (SET) in “Social Engineering (Chapter 11) to be one of my favorite parts of the book. In this chapter, the authors used SET to conduct spear phishing, web-based and email attacks on a target. This is an excellent way a security practitioner can test to determine if employees are adhering to the organization’s security policies. Post exploitation and wireless attacks were also well covered.

In part IV titled “Exploit Development” the author took a turn from using ready available tools such as Metasploit to attack a target, to using writing our own exploit code. I found this section to be a bit of a challenge, but if you stick with it and do additional research, it will become clearer as time and repeated learning occurs.

As for the last component of the book part V “Mobile Hacking” consist of using the Smartphone Pentest Framework (Chapter 20). This section explains and allows the reader to understand the issues organizations face when employees bring their own device and connects to the network. The chapter discusses the mobile attack vectors that exist such as text messaging, near field communications and QR codes. The introduction and installation process of the Smartphone Pentest Framework is provided. The author provides detail steps on testing and attacking mobile devices and apps. If is obvious, this is one of the author’s strong technical areas.

The appendix and index also provided some additional information the reader should be able to build on and obtain extra reading information to assist in understanding the background thoughts in the book.

The author’s approach of the book was comprehensive for both the beginner and seasoned security individual. The information would serve valuable in the educational environment as well as in the professional training environment. I found the book to be well written and to follow a logical pattern in its concepts.

This book is a contribution to the information security community and will likely aid in producing knowledgeable information security practitioners in the future. I personally enjoyed topics in the assessment portion of the book as well as the use of the Social-Engineering Tool-kit. I do recommend that if you are interested in penetration testing, would like to know more about topic or curious, this book would be a great source.
5 internautes sur 5 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 Really Good - Out of Date 8 février 2016
Par Mark N. - Publié sur
Format: Broché
This is a good book with a lot of really good technical information. The unfortunate side of things is that the VMs required are almost impossible to get now due to not being supported so it is really hard to set up the lab to follow along. You just have to get creative. I am hoping that they are in the works for an update on this because it has the potential to be really good. When it was released it was easily 5 stars.
7 internautes sur 9 ont trouvé ce commentaire utile 
4.0 étoiles sur 5 The book is nicely laid out and is easy to understand 23 juillet 2014
Par Alt_key - Publié sur
Format: Broché Achat vérifié
I purchased this book as a supplement for a class I'm taking in the fall. I've never really done any exploitation in the past, and wanted to get a handle on the basics before tackling some course material.

The book is nicely laid out and is easy to understand. I like the screenshots included, as it gave me a visual representation of what the author is talking about. The screenshots of console commands and printouts especially are nice, as they are labeled and referenced in the text by label, which I find helpful. This book works best when following along with the provided resources.

I enjoyed working my way through this book, and have suggested it to the course instructor for my course in the fall.
Ces commentaires ont-ils été utiles ? Dites-le-nous