Kali Linux – Assuring Security by Penetration Testing

Had some time over the holiday to finish my review copy of Kali Linux – Assuring Security by Penetration Testing, which is probably one of the better beginner/intermediate Kali books.

This book covers a lot of ground and lays down a solid foundation for discovery, enumeration, vulnerability assessment, exploitation, persistence, and reporting. It covers a lot of the basic tools like nmap, wireshark, metasploit, openvas, and burp, as well as going into some of the fuzzers, MITM attacks, escalation and more.

The only thing that would make this book perfect is if the author got rid of the first two chapters (downloading, installing, configuring, etc.) and condensed the chapters on penetration testing methodologies and reporting together.

You can read more about it here.

Expert Metasploit Penetration Testing [Video Course]

I took some time and looked through Packt’s ‘Expert Metasploit Penetration Testing’ video course with higher expectations due to the word “Expert” being in the title. Before we begin, let me say this: the course isn’t bad at all. It’s great, but geared more toward people who haven’t been exposed to metasploit (or Linux) at all.

For example, the first few parts of the course go over basic use of nmap and how to view command line parameters, not something I would really expect in an “expert” course. The material takes you through the basics of an nmap and nessus scan, basic uses of the msf suite (msfpayload, msfencode, meterpreter, etc.) as well as covering some basic post exploitation tactics.

Another thing that didn’t sit well with me is that the material is built on two dead platforms, Backtrack 5 and Windows XP SP2. It’s time to move on to Kali and Windows 7 or 8. ms08_067_netapi is great as an academic demonstration, but it would be nice to see material that covered more modern operating systems.

All-in-all, this isn’t a bad course at all.  If you’re new to the penetration testing scene and have never used some of the tools demonstrated, I would highly recommend taking the time and going through this course.

You can read more about it here.

You can view a sample of the course on pivoting on YouTube here.

Network Security Through Data Analysis

Understanding your logs and traffic flows is critical to identifying and remediating threats to (or in) your environment. While the author does not go to any great depth, he does provide a solid high-level approach to the multitude of ways you can sift through your data and detect anomalies.

Overall, this book was alright. I wish it went into greater depth on some of the topics (perhaps the author would make an intermediate-advanced volume??? :D ). I would recommend this for anyone looking to get a solid foundation in collection, detection, and correlation.

You can read more about the book here.

Web Services Testing with soapUI

I received my review copy of Web Services Testing with soapUI a few days ago and I’m pretty much indifferent to this book. On one hand, there aren’t a lot of books out there dealing with soapUI, so it’s hard to compare it to others on the market. The book is alright; it covers the basics of installation and configuration as well as conducting some discussion surrounding web services in general. If you’re new to web services or soapUI, this book could provide some value to you.

You can read more about it here.

Malware Forensics Field Guide for Linux Systems

Much like its Windows counterpart, the Malware Forensics Field Guide for Linux Systems does not disappoint. With this book, some Linux fundamentals, and a few open source tools, you can begin the incident handling process for a suspect piece of software found on a Linux system.

This book also comes with some best practices and cheat sheets for every step of the process. Not only does it tell you what to do, but it also tells you what you shouldn’t do in order to maintain the integrity of the collection.

Overall, the MFFGfLS is a great addition to your incident response/malware analysis collection. 

You can read more about it here.

Regular Expressions Cookbook

I’ve always been a fan of the ‘Cookbook’ series of books: it’s the information I want, when I want it, without the fluff. This book definitely does not disappoint. Here’s how the book is laid out:

1. Present the problem.
2. Present the solution.
3. Present the solution again if it’s different in .NET, Java, PCRE, etc.

While the earlier chapters deal with the basics and some theory, this book is geared more toward regex veterans. Regardless, it’s a great addition to my ‘essentials’ shelf. Highly recommended for any professional who deals in regular expressions daily.

You can read more about it here.


Malware Forensics Field Guide for Windows Systems

While not as in-depth as Practical Malware Analysis or the Malware Analyst’s Cookbook, Malware Forensics Field Guide for Windows Systems provides a great guide for those looking to either create or complement their incident response process by detailing industry standard techniques for reversing malware.

That being said, where this book shines is its aptly-named field guide look and feel, which allows you to quickly get to information pertinent to your incident. The book is littered with analyst tips, screenshots, and checklists that streamline the IR process.

If you’re looking to complement your IR processes and procedures, you can’t go wrong with this book. Once you have an established process and are familiar with the tools, I’d also recommend picking up the other two books mentioned, as they are more hands-on, with labs that will put the foundations learned in this book to use.

You can read more about it here.


The Linux Programming Interface

If you’re looking to do some low-level Linux API/kernel development, this is the book you want close by. This book has it all: file I/O, processes, threading, memory management, socket programming, you name it. All with well explained examples in C.

This book is incredibly well structured, and the author delivers well explained concepts with code examples that make this a vital reference book for any Linux system developer or software engineer.

Another great aspect of this book is that every system call comes with a complete, fully functional example program. This is unlike a lot of development books that just highlight particular methods or calls.

Definitely one of the best Linux reference books I’ve read. Highly recommended.

You can read more about it here.

The Tangled Web

The Tangled Web provides an in-depth, academic approach to web security, examining the current threat landscape, how we got here, and how to better secure your applications.

One thing I really enjoyed about this book is that it conveys technical content without having you do any real labs or follow along with code examples. To sweeten the deal even further, there are some handy cheat sheets at the end of each chapter that you can utilize as a checklist for your applications.

Overall, I think this is a great book for security engineers or web developers who want to understand how their applications are under attack.

You can read more about it here.