f you are working in the “information security” field, you must know the BackTrackdistribution (otherwise you must be an alien coming from a far away planet!). If you search for the word “backtrack” on Amazon, you will find lot of references but only one book is fully dedicated to the Linux distribution: “BackTrack 4: Assuring Security by Penetration Testing“. I received a copy directly from the publisher and here is my review.
Just for those who are not familiar with BackTrack, it’s a Linux distribution made by security professionals for security professionals: It contains hundreds of tools to perform security assessments and penetration tests. Some of them are well-known like Metasploit, WebScarab or sqlmap and others are real gems (example: ua-testerwhich was added recently) and increase the quality of the toolbox version after version.
Even if BackTrack 5 was released a few weeks ago, it does not reduce the book quality. There are so many tools that a single volume is not enough to cover all of them.The following chapters covered the classic penetration testing schema:- Target scoping
- Information gathering
- Target discovery
- Enumerating target
- Vulnerability mapping
- Social engineering
- Target exploitation
- Privilege escalation
- Maintaining access
- Documentation and reporting
So, who’s need this book? The author’s goal is certainly not to give recipes on “how to hack a website“. The book must been see as a reference for those who already know the BackTrack distribution or who want to learn it. Don’t forget: this is just a toolbox, it does not prevent you to use your brain!
No comments:
Post a Comment