NOTE: We are upgrading our eBook operations; please allow up to 1-2 days for delivery of your eBook order.
»
Coding for Penetration Testers
 
 

Coding for Penetration Testers, 1st Edition

Building Better Tools

 
Coding for Penetration Testers, 1st Edition,Jason Andress,Ryan Linn,ISBN9781597497299
 
 
 

  &      

Syngress

9781597497299

9781597497305

320

235 X 191

Learn how to create custom penetration testing tools using a wide variety of development languages!

Print Book + eBook

USD 47.94
USD 79.90

Buy both together and save 40%

Print Book

Paperback

In Stock

Estimated Delivery Time
USD 39.95

eBook
eBook Overview

DRM Free included formats: EPub, Mobi, PDF

USD 39.95
Add to Cart
 
 

Key Features

  • Discusses the use of various scripting languages in penetration testing
  • Presents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languages
  • Provides a primer on scripting including, but not limited to, Web scripting, scanner scripting, and exploitation scripting

Description

Tools used for penetration testing are often purchased or downloaded from the Internet. Each tool is based on a programming language such as Perl, Python, or Ruby. If a penetration tester wants to extend, augment, or change the functionality of a tool to perform a test differently than the default configuration, the tester must know the basics of coding for the related programming language. Coding for Penetration Testers provides the reader with an understanding of the scripting languages that are commonly used when developing tools for penetration testing. It also guides the reader through specific examples of custom tool development and the situations where such tools might be used. While developing a better understanding of each language, the reader is guided through real-world scenarios and tool development that can be incorporated into a tester's toolkit.

Readership

Penetration Testers, Information Security Practitioners, Network and System Administrators

Jason Andress

Jason Andress (ISSAP, CISSP, GPEN, CEH) is a seasoned security professional with a depth of experience in both the academic and business worlds. Presently he carries out information security oversight duties, performing penetration testing, risk assessment, and compliance functions to ensure that critical assets are protected. Jason has taught undergraduate and graduate security courses since 2005 and holds a doctorate in computer science, researching in the area of data protection. He has authored several publications and books, writing on topics including data security, network security, penetration testing, and digital forensics.

Affiliations and Expertise

(ISSAP, CISSP, GPEN, CEH) is a seasoned security professional with a depth of experience in both the academic and business worlds.

View additional works by Jason Andress

Ryan Linn

Ryan Linn (OSCE, GPEN, GWAPT) is a penetration tester, an author, a developer, and an educator. He comes from a systems administation and Web application development background, with many years of IT security experience. Ryan currently works as a full-time penetration tester and is a regular contributor to open source projects including Metasploit, The Browser Exploitation Framework, and the Dradis Framework. He has spoken at numerous security conferences and events, including ISSA, DEF CON, SecTor, and CarolinaCon.

Affiliations and Expertise

Ryan Linn (OSCE, GPEN, GWAPT) is a penetration tester, an author, a developer, and an educator. He comes from a systems administation and Web application development background, with many years of IT security experience. Ryan currently works as a full-time penetration tester and is a regular contributor to open source projects including Metasploit, The Browser Exploitation Framework, and the Dradis Framework. He has spoken at numerous security conferences and events, including ISSA, DEF CON, SecTor, and CarolinaCon.

Coding for Penetration Testers, 1st Edition

Foreword by Ed Skoudis

Chapter 0: Introduction 

Chapter 1: Introduction to Command Shell Scripting 

Chapter 2: Introduction to Python

Chapter 3: Introduction to Perl

Chapter 4: Introduction to Ruby

Chapter 5: Introduction to Web Scripting with PHP

Chapter 6: Manipulating Windows with PowerShell

Chapter 7: Scanner Scripting

Chapter 8: Information Gathering

Chapter 9: Exploitation Scripting

Chapter 10: Post-Exploitation Scripting

Appendix: Subnetting and CIDR Addresses

Quotes and reviews

"This book is definitely not for rookie coders, but rather a good starting point for people with a medium level of programming experience. It is also not suited well as a reference to quickly look things up in. But if what you’re looking for is a very practical guide with tons of pointers to further (and recommended) reading material and exercises Coding for Penetration Testers delivers what it promises."--Computers and Security

"Penetration testing is a profession that requires the mastery of dozens of tools; every job poses challenges that require these tools to be mixed, matched, and automated. The master penetration tester not only excels at using his or her toolbox, but also expands it with custom scripts and unique programs to solve the challenge of the day. This book provides a solid introduction to custom scripting and tool development, using multiple languages, with a penetration tester's goals in mind. This background can transform penetration testing from a manual, often repetitive task, to an efficient process that is not just faster, but also more accurate and consistent across large engagements."--HD Moore, Metasploit Founder and CSO of Rapid7

"Penetration testing requires that the tester understand the target as much as possible, and know how to perform various attacks while being as efficient as possible. Having the skill set to create and use a variety of scripts increases the penetration tester's efficiency and elevates him or her from the script kiddie to the professional realm. Ryan Linn and Jason Andress have created a guide that explores and introduces the techniques that are necessary to build the scripts used during a test. No matter the platform, this book provides the information required to learn scripting and become a world-class penetration tester. This is definitely a book that will remain close at hand for every test I perform!"--Kevin Johnson, Senior Consultant, Secure Ideas

"At 175 pages, the book does not kill many trees, but does give the reader an overview of all of the key principles around information security…For those looking to get their feet wet in the deep waters of information security, The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice is a great place to start."--RSAConference.com

"Overall this is an excellent book, which offers some clear and effective tutorials on the different languages and on efficient and effective penetration testing. It’s highly recommended for any testers who want to broaden their skills and move to the next level."--BCS.org

 
 
Discount on Science and Technology eBooks | Use code DRMFREE
NOTE: We are upgrading our eBook operations; please allow up to 1-2 days for delivery of your eBook order.