The Best Hacking Books 2018

Penetration Testing: A Hands-On Introduction to Hacking


Penetration Testing: A Hands-On Introduction to Hacking is written by Georgia Weidman and is a good book for anyone new to the subject, as it generally focuses on beginners. The author covers many different subjects, from setting up a lab to enumeration, exploitation, mobile hacking and a lot more. What I personally like about this book is that the author explains every step in the process in detail and also relates it to her wide experience in the field as a penetration tester. So if you’re new to penetration testing without prior experience, this book is a great place to start an exciting journey!


The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws 2nd Edition


The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws 2nd Edition is written by the founder of PortSwigger, the company behind the popular security testing & scanning tool Burp Suite. This book teaches you step by step how to test the security of web applications from start to finish. One thing I particularly like about this book is that it explains different web technologies, how to exploit them and how to defend against the attacks in particular. Furthermore, this book covers in depth the very basics a web application penetration tester needs to know, such as how the HTTP protocol works, which gives a better understanding of the communication between a web server and a visitor and helps in understanding attacks and defenses.



Advanced Penetration Testing: Hacking the world’s most secure networks

This book might not be the first book for beginners to read, although it puts everything you read about penetration testing in the right perspective. In this book the author covers complex attack simulation and Advanced Persistent Threat (APT) modelling, featuring techniques that are way beyond using Metasploit and vulnerability scanners. It covers subjects such as social engineering, highly secured networks, malware, creating and setting up C2 servers and C&C structures and even advanced data exfiltration techniques. Each chapter describes APT modelling against an organization in a specific industry such as a hospital, pharmaceutical company or bank. The breakdown by industry also gives the reader a clear view of how specific industries have different assets to protect, how they are protected and by whom. Finally, the author is a very experienced penetration tester/red teamer, so the examples and context of the scenarios provided in the book come straight from the field.

