Security Basics mailing list archives

Re: Penetration testing books

From: krymson () gmail com
Date: Tue, 23 Dec 2008 11:36:20 -0700

You'll likely get the same old list of books given whenever anyone asks for a list of books on an overly broad subject:

Hacking Exposed series
Security Engineering
Hacker's Handbook series
crappy compilations from Syngress...

I'd suggest heading to Bookpool.com and doing a search on what sort of box/application you need to learn about. For 
instance, "Linux security" or "web application security" or "subject security."

Then cross-reference that with Amazon ratings just to weed out some of the crap.

This might not work, in which case you might want to tackle reading the online copies of various testing methodologies. 
For each bullet point, tackle researching and learning how to test for each one. XKCD illustrates the value in this 
approach: http://www.xkcd.com/519/

This is a great start: http://www.vulnerabilityassessment.co.uk/Penetration%20Test.html

Current thread:

Re: Penetration testing books, (continued)
- Re: Penetration testing books p3dRø (Dec 23)
  - RE: Penetration testing books Craig Wright (Dec 30)
- Re: Penetration testing books Taras P. Ivashchenko (Dec 23)
- Re: Penetration testing books Jon Kibler (Dec 24)
- Re: Penetration testing books Vedantam sekhar (Dec 30)
  - Re: Penetration testing books gmail (Dec 30)
    - Vuln Scan vs. Pen Test -- WAS: Re: Penetration testing books Jon Kibler (Dec 31)
    - Re: Vuln Scan vs. Pen Test -- WAS: Re: Penetration testing books gmail (Dec 31)
    - Re: Vuln Scan vs. Pen Test -- WAS: Re: Penetration testing books Adriel Desautels (Dec 31)
- Re: Penetration testing books paavan . shah (Dec 23)
- Re: Penetration testing books krymson (Dec 23)
- Re: Penetration testing books aloha (Dec 23)