BackTrack 4: Assuring Security by Penetration Testing and over one million other books are available for Amazon Kindle. Learn more
CDN$ 54.59
  • List Price: CDN$ 55.81
  • You Save: CDN$ 1.22 (2%)
Usually ships within 4 to 7 weeks.
Ships from and sold by Amazon.ca.
Gift-wrap available.
Quantity:1
Backtrack 4: Assuring Sec... has been added to your Cart
Have one to sell?
Flip to back Flip to front
Listen Playing... Paused   You're listening to a sample of the Audible audio edition.
Learn more
See all 2 images

Backtrack 4: Assuring Security by Penetration Testing Paperback – Mar 1 2011


See all 2 formats and editions Hide other formats and editions
Amazon Price New from Used from
Kindle Edition
"Please retry"
Paperback
"Please retry"
CDN$ 54.59
CDN$ 54.59 CDN$ 47.94

Best Books of 2014
Unruly Places is our #1 pick for 2014. See all

Frequently Bought Together

Backtrack 4: Assuring Security by Penetration Testing + Metasploit: The Penetration Tester's Guide
Price For Both: CDN$ 87.51

One of these items ships sooner than the other.


Customers Who Bought This Item Also Bought



Product Details

  • Paperback: 1 pages
  • Publisher: Packt Publishing (March 1 2011)
  • Language: English
  • ISBN-10: 1849513945
  • ISBN-13: 978-1849513944
  • Product Dimensions: 21.6 x 2.3 x 27.9 cm
  • Shipping Weight: 1.1 Kg
  • Average Customer Review: 4.5 out of 5 stars  See all reviews (4 customer reviews)
  • Amazon Bestsellers Rank: #326,007 in Books (See Top 100 in Books)

Inside This Book (Learn More)
Browse Sample Pages
Front Cover | Copyright | Table of Contents | Excerpt | Back Cover
Search inside this book:

Customer Reviews

4.5 out of 5 stars
5 star
2
4 star
2
3 star
0
2 star
0
1 star
0
See all 4 customer reviews
Share your thoughts with other customers

Most helpful customer reviews

1 of 1 people found the following review helpful By JAMES D MURRAY on May 24 2011
Format: Paperback
This book is not just about learning a bunch of command line tools for p0wning a few poorly-maintained systems. In this book, the authors do a good job exposing the reader to the many facets of pen testing, and present the readers with the opportunity to try a few new things along the way, including virtualization, Linux, and BackTrack itself.

The authors introduce the idea that pen testing is not about randomly using a collection of tools to plink around a network. Instead, a structured, procedural methodology should be used to achieve timely, thorough, and reportable results. The authors also provide a detailed description of a security testing methodology to be used with BackTrack itself.

Each step in this methodology represents an element in the penetration testing life cycle management performed for each customer. The authors describe how this organized progression allows pen testers to determine their course of action, plan for needed resources, and not waste time and resources by duplicating effort. My only complaint is that this section is too small, and deserves expanding using actual case studies.

A considerable number of pen testing tools for each step in the methodology are covered with examples and instruction. Popular tools covered include Metasploit (Meterpreter), Maltego, NMap, NetXpose, and Nessus. Tools for exploiting (uh, testing) Web servers, databases, applications, and even Cisco devices are also covered.

I was very happy to see a chapter on Social Engineering. Experienced pen testers often remark that the most penetrable area of any system are the people who use and control it.
Read more ›
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
1 of 1 people found the following review helpful By Richard J. Wagner on May 11 2011
Format: Paperback
I suppose these tools are going to be in the public domain anyway, so we might as well educate white hats as well as the black hats that may know them already. This book is a complete guide to penetration testing, aimed at potential security consultants. (That's the good part.) The bad part is that this book in the wrong hands can wreak all kinds of havoc-- it makes hacking way too easy. The authors do a good job of providing the right level of detail in all sorts of IT disciplines (networking, protocols, remote access, etc.), not spending too much time because there's just too many tools to introduce.

Frightening, yet useful in the right hands. If you are a security testing professional, you really need a copy of this book.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
1 of 1 people found the following review helpful By W Boudville on April 27 2011
Format: Paperback
The authors tackle a persistent danger to many websites and networks that hang off the Internet, where often the complexity of the operating systems and applications and the interactions between these can open doors to attackers. So the basic idea of penetration testing is to preemptively probe ('attack') your system. Find the weaknesses first, before others do so.

In part, the text offers a good overview of the field, separate from the usages of BackTrack. So you get a summary of several common security testing methodologies. Including the Open Source Security Testing Methodology Manual. If you have a background in science experiments, you'll see clear parallels in how this OSSTMM approach investigates an unknown system.

As far as BackTrack is concerned, its capabilities are explored in depth through most of the text. It does seem to have covered all the bases. Like checking/scanning for open TCP and UDP ports on target machines. Or looking for live machines on a network. One thing that becomes clear is that you can treat BackTrack as a repertoire of free tools. And you can pick just a subset of these tools to initially use against your network, if you have specific needs or suspicions,

To be sure, the recommended usage is a top down one, where you treat BackTrack as an integrated whole and you systematically first plan out your entire testing. No argument from me. You should do this, if you decide to use BackTrack in the first place. But a pragmatic incremental approach might still have some merit. Where you can just choose a tool and look up its usage in the text and run it. Easy to get some experience and confidence.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.
Format: Paperback
It is one of the best penetration testing guides that helps you to understand and plan the security assessments in accordance with BackTrack testing process. It also provides powerful and practical insights of various security standards such as OWASP, OSSTMM, WASC-TC, and ISSAF. The book also allows an open alignment for test execution with any of the chosen methodological approach. This brings "BackTrack 4: Assuring Security By Penetration Testing" to be the best manual written so far. The chapters gradually covers each and every single piece of information that is must to know for professional penetration testers. I would highly recommend this book to industry professionals working either as a security consultant, architect or analyst. The book itself is an open call for BlackHat, GrayHat and WhiteHat pros to learn an extra mile.
Was this review helpful to you? Yes No Sending feedback...
Thank you for your feedback. If this review is inappropriate, please let us know.
Sorry, we failed to record your vote. Please try again.

Most Helpful Customer Reviews on Amazon.com (beta)

Amazon.com: 58 reviews
64 of 67 people found the following review helpful
For people who want to know what it's like to be a pen tester June 18 2011
By JAMES D MURRAY - Published on Amazon.com
Format: Paperback
This book is not just about learning a bunch of command line tools for p0wning a few poorly-maintained systems. In this book, the authors do a good job exposing the reader to the many facets of pen testing, and present the readers with the opportunity to try a few new things along the way, including virtualization, Linux, and BackTrack itself.

The authors introduce the idea that pen testing is not about randomly using a collection of tools to plink around a network. Instead, a structured, procedural methodology should be used to achieve timely, thorough, and reportable results. The author's also provide a detailed description of a security testing methodology to be used with BackTrack itself.

Each step in this methodology represents an element in the penetration testing life cycle management performed for each customer. The authors describe how this organized progression allows pen testers to determine their course of action, plan for needed resources, and not waste time and resources by duplicating effort. My only complaint is that this section is too small, and deserves expanding using actual case studies.

A considerable number of pen testing tools for each step in the methodology are covered with examples and instruction. Popular tools covered include Metasploit (Meterpreter), Maltego, NMap, NetXpose, and Nessus. Tools for exploiting (uh, testing) Web servers, databases, applications, and even Cisco devices are also covered.

I was very happy to see a chapter on Social Engineering. Experienced pen testers often remark that the most penetrable area of any system are the people who use and control it. The authors provide a detailed description of the psychology, tactics, and objectives of social engineering and how it is used to penetrate the "fleshy" parts of information systems.

This book is intended to educate both novice and experienced pen testers on how to successfully use BackTrack 4. I am sure not every professional pen testing will agree with everything in this book, as it represents the personal experience of only a few people in the profession. However, novices will find a tremendous amount of hands-on practice and enlightening information related to the pen testing profession in clear and readable instructions. Pros should a few things about becoming an even more efficient and versatile pen tester too.
44 of 45 people found the following review helpful
Good stuff! June 11 2011
By L. Fesenden - Published on Amazon.com
Format: Paperback
Right after I got this book, Backtrack 5 was released. My intention was to go through the book and compare/contrast things to Backtrack 5. Well, we all know the saying about the best layed plans...
That being said, I believe the information in this book to be directly applicable to Backtrack 5 and a good reference for it!

The book is a great tutorial and walk-through on how to use Backtrack for security and penetration testing, but, more than that, it offers good information about the field in general. You will go through software installations, software overviews, methodologies, tests / testing, and my favorite part, reporting and deliverables, a MUST for professional computer people.

I think this is an excellent book to add to your knowledge arsenal and you may be surprised at just how much you didn't know. I know I was. This really is an important subject for computer professionals and I cant think of a better way to brush up than by grabbing a copy today. Thumbs up!
50 of 52 people found the following review helpful
Very Good For Backtrack Beginners June 12 2011
By Mathew R Burnett - Published on Amazon.com
Format: Paperback Verified Purchase
This book was written very well for any BackTrack Beginners. Note going into this book though that BackTrack 5 is now available for free download. The chapters go over a lot of the tools, and you delve into Metasploit and some other Vulnerability Tools as well, though it sometimes seems rushed (which is why I am giving it a 4star instead of 5star rating). I think this book would have been amazing if it had a DVD with extra stuff, or even with the Backtrack ISO on it.

I would recommend this to anyone who doesn't know very much about BackTrack, or anyone who just wants a reference for it. This is also a great book for beginner Pen Testers.
53 of 56 people found the following review helpful
BackTrack 4: Assuring Security by Penetration Testing July 11 2011
By Mat - Published on Amazon.com
Format: Paperback
I've always had an interest in BackTrack since version 4, however it seemed to be the one distribution that you couldn't find a recent (or decent) book for. There are a few out there, but both several versions old leaving tidbits and tutorials from assorted websites and youTube as the sole source of information on the distribution and the toolset contained within. I was fortunate to come across this book from Packt Publishing. BackTrack 4: Assuring Security Testing by Penetration Testing was the book I've been looking for.

This book did wonders for me. Not only did it begin talking about the process and procedures for for planning and mapping out your testing, but also goes in-depth detailing and demonstrating the tools following that process. Those are: Target Scoping, Information Gathering, Target Discovery, Enumerating Target, Vulnerability Mapping, Social Engineering, Target Exploitation, Privilege Escalation, and Maintaining Access.

I went through this book with the latest distribution, BackTrack 5. Although majority of the information was applicable, i still had to pop over to a BackTrack 4 virtual for some of the exercises. Overall, I found this book extremely useful and would definitely recommend it to anyone wanting to learn about penetration and network security or test their home defenses. While not a complete or definitive volume by any means, it is a great foundation for those wanting to start down the path of penetration testing.
43 of 45 people found the following review helpful
Very useful manual for security consultants July 20 2011
By D A Hutson - Published on Amazon.com
Format: Paperback
I am one of those security consultants who deal with number of Fortune 500 companies and government agencies. While engaging in security assessment and auditing projects, the book like "BackTrack 4: Assuring Security by Penetration Testing" values more than just a handful key to recall and play with number of pen-testing tools. It is a great resource for penetration testers as a reference manual. It has also highlighted all the basic and advanced features of how the pen-testing should be conducted logically. I wish the new version of this book should come out soon to reflect changes within Backtrack v5.

Look for similar items by category


Feedback