Computing Reviews
Penetration testing : a hands-on introduction to hacking
Weidman G., No Starch Press, San Francisco, CA, 2014. 528 pp. Type: Book (978-1-593275-64-8)
Date Reviewed: Nov 20 2014

Computers and the networks connecting them have become highly vulnerable to hacking. One way of safeguarding them is by penetration testing (often abbreviated as pentesting). This involves modeling attacks on applications, operating systems, and computer networks. This book on pentesting follows a hands-on approach. It is introductory in nature and hence suitable for novices to pentesting and hacking. The author of the book, Georgia Weidman, is one of the few female information security experts. She runs her own consulting firm, offers training in security, and presents her work at conferences. She was awarded a Defense Advanced Research Projects Agency (DARPA) Cyber Fast Track grant for pursuing research in mobile device security.

The book explains the various stages in pentesting: pre-engagement, information gathering, threat modeling, vulnerability analysis, exploitation, post exploitation, and reporting. The hands-on approach of the book is facilitated by the freely downloadable Kali Linux distribution. This comes with numerous pre-installed security tools helpful in pentesting. The author describes the steps in installing and using Kali and its various security tools. A brief introduction to scripting is also provided. The open-source Metasploit framework that aids pentesting is then described. It enables setting up and running exploit code on remote targets and includes many anti-forensic and evasion tools. The information gathering phase of pentesting is aided by free tools such as Netcraft, Maltego, and Nmap. Vulnerability scanners such as Nessus and Nikto may find vulnerabilities.

Capturing and manipulating traffic is an important activity of hackers. For this, tools such as Wireshark and techniques such as cache poisoning are used. Vulnerabilities found may then be exploited. This may be done by attacking improperly configured web servers, piggybacking on software with backdoors, taking advantage of inadequate access control in sensitive files, exploiting vulnerabilities in the underlying operating system, and exploiting weaknesses in third-party software. Cracking passwords helps to gain a firmer foothold on the target system. Client-side software is also highly vulnerable to exploitation. Examples include web browsers, portable document format (PDF) viewers, plug-ins for Java, and music players.

A well-known adage is that a chain is as weak as its weakest link. This applies to computer security as well. More than the computers, it is the humans that use them who are vulnerable to attacks known as social engineering attacks. Toolkits are currently available to make this happen. Kali comes with the Social-Engineer Toolkit (SET). The book looks at ways of bypassing antivirus software. Once a system has been exploited, it is possible to escalate privileges on the exploited system, gather local information, turn access to one system into access to many, and so on. The book takes a brief look at web application vulnerabilities. The author promptly agrees that web application testing deserves much more discussion than what is devoted to it in this book. Nowadays, wireless devices and networks are commonplace. Hence, the book focuses briefly on wireless security. The author is right in saying that wireless security is an often-overlooked piece of an organization’s security apparatus.

The book discusses the basics of how a hacker may develop his/her own exploits. The author looks at ways of finding vulnerabilities, exploiting them with common techniques, and the possibility of developing one’s own Metasploit module. The last chapter of the book looks at ways of assessing the security of mobile devices. For this, the author describes her own tool, the Smartphone Pentest Framework. Supplementary files for the book are available on the book’s website (http://www.nostarch.com/pentesting).

The book offers a sound introduction to pentesting with numerous screenshots. For topics that have not been covered in depth, the reader may follow the references listed at the end of the book. Some readers may feel that the author has barely scratched the surface of too many vastly dissimilar topics. However, the book is introductory, so this may be overlooked. That being said, it could have included many references to research papers, books, and articles. The risk of obsolescence in books such as this one is quite high. For example, the book focuses on Windows XP, which has become obsolete recently. The author’s writing style makes reading the book a pleasant exercise, which is why I strongly recommend it for beginners to pentesting.

Reviewer:  S. V. Nagaraj Review #: CR142957 (1502-0107)
Testing And Debugging (D.2.5)
Security and Protection (K.6.5)
Reproduction in whole or in part without permission is prohibited.   Copyright 1999-2024 ThinkLoud®