Re: Best Book For The Penetration Testing Methodology

From: Eric (ewsat_private)
Date: Wed Sep 18 2002 - 14:50:02 PDT

Next message: Nick Jacobsen: "Re: Wardialing"

Previous message: Philippe Langlois: "Re: Application & Iplanet/Apache web server vulnerability and penetration testing"
In reply to: Julias P: "Best Book For The Penetration Testing Methodology"
Next in thread: Dominick Baier: "AW: Best Book For The Penetration Testing Methodology"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

understand that I'm biased...

Hacking Exposed, Third Edition.
Hacking Exposed, Windows 2000

and the best book is coming:
Special Ops: Internal Network Security Guide (Syngress)
by Erik Birkholz, et al
http://www.amazon.com/exec/obidos/ASIN/1931836698/qid=1032385711/sr=2-1/ref=sr_2_1/002-9870625-3449624



At 07:27 PM 9/17/2002 +0200, Julias P wrote:
>Hi,
>
>I am looking for any advise on the best book to go for, in order for one to
>better understand and practically apply the methodology for penetration
>testing.  I have read a couple of books on security/vulnerability assessment
>but I feel one need a little bit more than just security/vulnerability
>assessment in order to master penetration testing. I have also been
>following this listing for quite some time and now believe access to
>exploits is an added advantage for pen testing, especially if you are not a
>programmer, although this may be too dangerous. Which best sites for
>exploits would you recommend?
>
>Thanks
>
>PJ
>
>
>DISCLAIMER: The information contained in this communication is confidential
>and may be legally privileged or otherwise protected from disclosure. It is
>intended solely for the use of the individual or entity to whom it
>addressed. if you are not the intended recipient, you are hereby notified
>that any disclosure, copying, distribution or taking action in reliance of
>the contents of this information is strictly prohibited and may be unlawful.
>Commercial Bank of Zimbabwe Limited is neither liable for the complete
>transmission of the information contained in this communication, any delay
>in its receipt or damage that may be suffered by the unintended recipient.
>
>
>
>----------------------------------------------------------------------------
>This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
>Service. For more information on SecurityFocus' SIA service which
>automatically alerts you to the latest security vulnerabilities please see:
>https://alerts.securityfocus.com/



----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Next message: Nick Jacobsen: "Re: Wardialing"
Previous message: Philippe Langlois: "Re: Application & Iplanet/Apache web server vulnerability and penetration testing"
In reply to: Julias P: "Best Book For The Penetration Testing Methodology"
Next in thread: Dominick Baier: "AW: Best Book For The Penetration Testing Methodology"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Sep 19 2002 - 13:28:15 PDT