Product: 1783982144

Chapter 1: Getting Started
Good detailed coverage of setting up VMWare Player (Windows) or VMWare Fusion (Mac OS X). I would have seen the author at least cover VirtualBox as it works on Windows, OS X and Linux.

The discussion on having vulnerable targets to work with covers Metasploitable which is an excellent choice. I am glad the point was stressed to not expose a Metasploitable system to any untrusted network. While I appreciate learning on Windows XP I would have expected a cook book to focus on either the latest Windows OS (8.1) or the most used Windows OS (Windows 7).

Chapter 2: Discovery
For some IT professionals the review of the OSI model is potentially redundant, but for many it is essential to truly understand the process of scanning a network. The discussion on layer 2 vs layer 3 vs layer 4 discovery was very clear and effective.

I like the depth given for each of the chosen tools (Scapy, ARPing, Nmap, NetDiscover, Metasploit, ICMP ping, fping, and hping3). I have not made much use of Scapy, but I think I will be adding it to my tool bag due to the excellent python examples given making use of it.

Chapter 3: Port Scanning
This chapter was well done with coverage of Scapy, Nmap, Metasploit, Hping3, Dmitry and Netcat. Nmap is always a favorite of mine, but I was particularly impressed by the coverage of Scapy scripts used for scanning for zombies.

Chapter 4: Fingerprinting
The tools covered in this chapter are Netcat, Python sockets, Dmitry, Nmap NSE, Amap, xProbe2, pOf, Onesixtyone and SNMPwalk. I think the best part about this chapter is the explanation of how the various programs identify (fingerprint) the target. In particular explaining how xProbe2 can claim that several identifications are 100% when there can obviously really be only one that is accurate.

Chapter 5: Vulnerability Scanning
This chapter covered Nmap scripting Engine, MSF auxillary modules, Nessus, HTTP interaction and ICMP interaction. I liked the python scripts and use of wget in the sections of HTTP interaction. I would have liked to see the chapter deal with openVAS in addition to Nessus.

Chapter 6: Denial of Service and Chapter 7: Web Application Scanning are both covering areas I do not have much opportunity to play with. I did like the coverage of the Burp Suite. For people interested in looking at these areas there is a wealth of knowledge here.

Chapter 8: Automating Kali Tools
This is the chapter that reveals the pay off of using a Linux based security tool. The ease of scripting each process. I particularly liked the discussion on how to analyze Nmap output with grep.

Overall, I feel the book is a solid addition to the libraries of Systems Administrator and Penetration testers from novice to intermediate.
Rating: 4
1783982144
Count: 5