Book Review: Basic Security Testing with Kali Linux 2


A fully updated version of the very popular “Basic Security Testing with Kali Linux” is now available! Now totally re-written from the ground up to cover the new Kali Linux “2016-Rolling” with the latest pentesting tools and Ethical Hacking techniques.

I was honestly shocked how well the first Basic Security Testing book was received by the security community. But all in all, it was my first book attempt and definitely had room for improvement. I was flooded with requests and advice from students, instructors and even military personnel on recommended changes and ways the book could be improved.

I took every comment to heart and with the help of an amazing editorial and reviewer team, that included a computer security professor and a CTF player, created Basic Security Testing 2!

What’s new:

  • Completely re-written to cover topics more logically
  • Better lab layout that is used consistently throughout the book
  • Written for the latest version of Kali (Kali 2.0 “Sana” & Kali “2016-Rolling”)
  • Includes an introduction chapter for the new Kali 2016-Rolling
  • All tools sections have been updated – old tools removed, new tools updated
  • Now uses PowerShell for most of the remote Windows Shells
  • XP removed, Windows 7 used as the main Windows target (though Windows 10 is mentioned a couple times 🙂)
  • More tool explanations and techniques included
  • 70 pages longer than original book

What’s the same:

  • Learn by doing
  • Hands on, Step-by-Step tutorials
  • Plenty of pictures to make steps more understandable
  • Covers the same major topics as the original, but using the latest tools
  • The front cover, well, except for the “2”!

My goal was to provide a common sense Ethical Hacking how-to manual that would be useful to both new and veteran security professionals. And hopefully I have accomplished that task. Thank you to everyone for your continuous support and feedback, it is greatly appreciated!

So what are you waiting for, check it out!

Basic Security Testing with Kali Linux 2

Book Review: Practical Mobile Forensics

“Practical Mobile Forensics” by Satish Bommisetty, Rohit Tamma, and Heather Mahalik is a great book for both the individual looking to learn more about Mobile Forensics and those looking for a good smartphone reference book.

The book covers mobile forensics on Apple iOS, Android, Windows and BlackBerry devices, with the majority of emphasis spent on Apple and Android based products.

In “Practical Mobile Forensics” you will find extensive information on Apple and Android devices including models, features, architecture layout and security.

It covers multiple tools (commercial and open source) to obtain, decrypt, and analyze smartphones including recovering deleted files, contacts, messages and other data.

I am pretty familiar with the Android platform, so the book was a good refresher course on how to connect to and recover data from an Android Device. Though, as I am not as familiar with the iPhone platform, I found the book a great learning tool about Apple mobile devices and how they function and store data.

I did enjoy too that the author not only covered commercial/law enforcement recovery tools, but also included numerous step-by-step tutorials in performing many of the same functions with open source utilities. The tutorials were easy to follow and the book was full of reference links to find out more information on the tools and technology behind mobile devices.

Though written from a legal forensics/law enforcement point of view, security individuals will also find this book a good reference guide for mobile devices.

I highly recommend this book.

Available from Packt Publishing and Amazon.com.

Book Review: Kali Linux Network Scanning Cookbook

Everything you ever wanted to know about scanning (and then some)!


Security Guru and trainer Justin Hutchens has recently released an exceptional book on network scanning with Kali Linux. The book starts out with the very basics of network scanning and progresses through stages to more advanced scans and even exploitation.

All the basics are present, like using Nmap, ARPing, Scapy and other tools to perform varied levels of discovery, port scanning and fingerprinting. You are then masterfully shown how to greatly expand the capabilities and functions of these tools by using scripting.

But it doesn’t stop there. You then move on to using scanning tools and Burp Suite to perform Denial of Service attacks, SQL injection and Metasploit attacks. Because really what is a scanning book without including offensive attacks? 🙂

The book is easy to read and follow using step-by-step instructions and screen views. It is set up in sections (called “Recipes”) so that if you want to know how to perform Layer 4 discovery using Scapy or DoS attacks with Nmap, you just go directly to that particular section.

I have worked with Justin on a couple projects and he is one of the most talented security teachers and authors that I have ever met. He covers material in this book that I have never seen covered anywhere else. If you have any interest in network scanning or want to learn a lot more about it, get this book!

Available at Packt Publishing and Amazon.com.

*** UPDATE *** Original print quality issues have been rectified according to the publisher.

New Book Out: Kali Linux CTF Blueprints

A new Kali Linux book written by Cameron Buchanan has recently been published. This book, published by Packt Publishing, focuses on using Kali Linux and other Linux versions to create “Capture the Flag” (CTF) challenges:

“If you are a penetration testing team leader or individual who wishes to challenge yourself or your friends in the creation of penetration testing assault courses, this is the book for you. The book assumes a basic level of penetration skills and familiarity with the Kali Linux operating system.”

About This Book

  • Put the skills of the experts to the test with these tough and customisable pentesting projects
  • Develop each challenge to suit your specific training, testing, or client engagement needs
  • Hone your skills, from wireless attacks to social engineering, without the need to access live systems

I am a technical reviewer for a lot of security books, magazines and training material and had the honor of being one of the reviewers on this project. The book is geared for those who have had some experience as a security tester and are familiar with using Kali Linux and penetration testing tools.

I found the book interesting and really liked Cameron’s sense of humor. Though it is not a book for someone who has never used Kali before, those who are interested in how Capture the Flag type contests can be run from a technical perspective will really enjoy this book.

Check it out!