Gray Hat Hacking: The Ethical Hacker's Handbook

In a few words, I loved this book. This book is written in a straightforward manner, right to the point, hands-on exercises and all. The weak points one might find is that it assumes a fair amount of knowledge in the areas of programming (C and python) as well as some networking. I don't think these are real flaws, since this book is directed as hacking (and cracking) in their purest form. The flaw I would note is that despite having those unsaid requirements, the book tries to appeal to beginners by skipping ahead on the lines of: in the case you're not familiar with C, just copy this example and don't worry about it. For a programmer, this is a waste of time and something which raises suspicion about how serious the authors were. For a beginner, this doesn't help at all. I would rather have a line there saying: read a book on C and come back when you're ready. But if you're willing to go ahead despite this, you're in for quite a treat.

Contents Second edition of books I like are always welcome - and this book is no exception. So I was very happy when I was provided a review copy from the publisher. I really liked the first edition of this book and consider this follow up an essential book for IT-security consultants and other professionals. The book is comprised of five parts which each give an overview of important subjects for professional IT-security consultants. Within these five parts are 21 chapters which are mostly around 20 pages, making it possible for busy professionals to digest a chapter while performing the usual projects and everyday work. The five parts are: I) introduction to ethical disclosure, including legal system in the US II) penetration testing tools: metasploit and backtrack III) exploits 101 with everything from basic programming skills to writing shellcode, but only on Linux and Microsoft Windows. IV) Vulnerability analysis which is a strong part about static analysis, reverse engineering, fuzzing, writing real life exploits and references to the essential tools used for these purposes V) Malware analysis is saved for last and includes the finishing touch to why IT-security professionals should care about all the rest of the book The great thing about this book are that non-programmers are presented with enough materials to get started in finding and developing exploits. This was also the reason why it took so long to do this review. Each time I read a chapter I was itching to get started running the examples and trying the techniques. Since this book tries to cover a lot of materials they have decided to include references. There are a lot of specific references to full-length articles covering each of the specialized techniques described in the examples. This really works out great, since I can skip the articles I already have read - but get some in-depth materials to complement the book. As you can probably understand this way of building the book makes it very efficient and much to my liking, I can decide where to go next. The reader can also decide to skip a chapter and enough references to other chapters are provided that I will never get lost. The small price to pay are a few lines repeated in two chapters. The writing style and the edge of the book is presented with authority and the authors have done a superb job of making this book consistent. The book is written by 4 authors, but except for a few places were they hint to the author of a chapter there are no clues to who wrote what part. The book is overall high quality and I have only discovered two small wording errors. I have not discovered any problems in the materials presented and was in general amazed by the updates done. As an example they use Vista for some of the Microsoft Windows examples and in other parts they reference articles and techniques that are up to date. When second edition of a book is published the fear is always that only the new chapters are updated, but it

Now Listen... I know some of you look at these books as if it's a world of training people to be hackers. Now, maybe these books might create a few bad seeds, but they usually create a lot of good ones.. This book is astounding, I bought this book because I love researching all about hacking, security, and protection. My major is computer science and I am hoping to be a professional white hat security professional, a hacker that is hired to show the flaws in sites. Now,when people see these books and say...this is madness!! books about hacking?! I think these books are great.They help you protect yourself, your computer, your company, your website, your server. This book shows a lot what hackers use...and the more you know about it, the better you can protect yourself.If you think that this trains bad hackers, well we cant change how some people use information.What I can tell you is that a lot of people will be better off with the information in this book for the companies and servers. This author is excellent! Great book!

i have read tonnes of books on this subject.starting from secrets of a super hacker by knightmare(published way back in 94, trust me dat was a great read n even 2day i find myself glued to da back as the first time i read it.now coming back 2 gray hat hacking.this is wat i would like 2 call the hacking reference book for the next generation.every one concerned about security should consider picking up this book.u might as well save some money n picking up more knowledge than any of the hacking exposed books in the market.no this book is not for button clicking script kiddies who play around wid trojans n claim to be hackers or web defacers(lamers).if u belong to da breed of script kiddies pick up this disgustin book by ankit fadia (oh by the way ive reviewed it).i wouuld liek to congradulate the authors for the outstanding work put into this book.howeever it would be great to see expanded materials on various topics and a little more detail in tool description.its not bad but it could still be better.so as i said before get dis book u wont regret it.so kiddies grow up keep those hacking exposed n ankit fadias books apart throw em in da firplace burn em do anythin .but go get dis one laterzzzzzz

The best book of ethical hacking that you can buy