This book is a divergence from most books as it discusses professional penetration testing from conception to completion. Rather than focusing solely on information system vulnerability identification and exploitation, by the end of this book we will have examined all aspects of a professional penetration test, including project management, organizational structures, team building, career development, metrics, reporting, test-data archival methods, risk management, and training . . . in addition to . . . information gathering, vulnerability identification, vulnerability exploitation, privilege escalation, maintaining access, and covering our tracks.
The second factor that makes this book unique is the inclusion of two video courses, designed to teach fundamental and intermediate information system penetration testing techniques. These courses were developed as online training classes and offered through Heorot.net and targeted both experienced and novice penetration test practitioners. The course provided the learner with hands-on experience, so they could translate the theoretical knowledge of PenTesting into real-world skills.
The third advantage of this book is the above-mentioned hands-on experience. The accompanying DVD includes everything needed to create a penetration test lab, including target systems that mimic real-world servers. The target systems were developed specifically to be attacked and hacked within a PenTest lab, and offer different levels of complexity and difficulty. For those who are unfamiliar with penetration testing techniques, the target systems included in this book provide a gradual learning curve, which will challenge both novices and experts alike.
The Heorot.net Web site should be considered as an extension of this book. The forum section has numerous discussions on all the topics presented in this book as well as the De-ICE challenges. New LiveCDs are in development to challenge skills, and how-to videos are being added. Take advantage of the shared knowledge. If you have any questions or comments about the book, its contents, or the Heorot. net site, please don’t hesitate to contact me directly at twilhelm@heorot.net.
Enjoy!
