Ethical Hacking and Penetration Testing Guide

Requiring no prior hacking experience, Ethical Hacking and Penetration Testing Guide supplies a complete introduction to the steps required to complete a penetration test, or ethical hack, from beginning to end. You will learn how to properly utilize and interpret the results of modern-day hacking tools, which are required to complete a penetration test.

The book covers a wide range of tools, including Backtrack Linux, Google reconnaissance, MetaGooFil, dig, Nmap, Nessus, Metasploit, Fast Track Autopwn, Netcat, and Hacker Defender rootkit. Supplying a simple and clean explanation of how to effectively utilize these tools, it details a four-step methodology for conducting an effective penetration test or hack.

Providing an accessible introduction to penetration testing and hacking, the book supplies you with a fundamental understanding of offensive security. After completing the book you will be prepared to take on in-depth and advanced topics in hacking and penetration testing.

The book walks you through each of the steps and tools in a structured, orderly manner allowing you to understand how the output from each tool can be fully utilized in the subsequent phases of the penetration test. This process will allow you to clearly see how the various tools and phases relate to each other.

An ideal resource for those who want to learn about ethical hacking but don’t know where to start, this book will help take your hacking skills to the next level. The topics described in this book comply with international standards and with what is being taught in international certifications.

About the Author

Rafay Baloch is the founder/CEO of RHA InfoSec. He runs one of the top security blogs in Pakistan with more than 25,000 subscribers (rafayhackingarticles.net). He has participated in various bug bounty programs and has helped several major Internet corporations such as Google, Facebook, Twitter, Yahoo!, eBay, etc., to improve their Internet security. Rafay was successful in finding a remote code execution vulnerability along with several other high-risk vulnerabilities inside PayPal, for which he was awarded a huge sum of money as well as an offer to work for PayPal. His major areas of research interest are in network security, bypassing modern security defenses such as WAFs, DOM-based XSS, and other HTML 5–based attack vectors. Rafay holds CPTE, CPTC, CSWAE, CVA, CSS, OSCP, CCNA R & S, CCNP Route, and eWAPT certifications.