The Hacker Playbook 2: Practical Guide To Penetration Testing

This book was a great sequel to the first Hacker Playbook. I've always enjoyed how the methods that are presented in this book stray away from simple penetration testing methodology into more targeted and smart hacking, with varying emphasis on how loud or silent to be in an engagement. Furthermore, the tools presented in this book as alternatives to the industry standard (e.x, Masscan as opposed to Nmap), are all tools I now include in my arsenal for engagements. Plus, instead of just looking at the same methods of attacking machines and different computing technologies, there are relevant vulnerabilities that are illustrated from an entire year of security research from various hackers (Heartbleed, Shellshock, etc.), making the skills you can acquire from this book relevant to the things you would normally see deployed in today's environment. Most noticeably, the practical approach to this book, the setup of a legitimate testing environment, and illustrated examples of techniques that are based off of real engagements make this book a must have for beginners and experts alike. All in all, 10 out of 10. I highly recommend purchasing this book if you are a penetration tester or looking to get into the security field.

I gave to my son this book because he will study in the university informatics with option in cybersecurity. It has a good approach and simple explanations to use with Kali Linux and It got the interest of my son.I think that it has a good written with compact explanations for security IT terms and if you do a lab with equipments in a small LAN this will be a good book for everyone that feels passion for cybersecurity. Only a bad situation is the paper that it is similar to a copy in low resolution but I think this one is about the low price. The author has good approach for a young student.

Security professional with 5-6 years of high level incident response and threat intel work here. These (THPB 1 and 2) are my go to books for pen testing / offsec. I like Kim's writing style and approach to covering the topics so I always pick up these books at some point. It's a nice and easy light read but has enough technical info and insight by the author to be useful to any information security professional from day onward. It's also worth noting that the author is actively engaged in the security community and working as a very successful penetration tester. Between that and updating the corresponding website ([...]) it's a good value.At the price of less than a pizza delivery and generally in the list of my top 10 security books/series, it's an easy choice to pick these up.

I'm torn on how to rate this book. I've only had it for a day, but I think the content is awesome. There is a ton of information to learn from, and I especially like the info on how to set up pentest boxes. However, I'm very disappointed in the physical book itself. It looks like it was printed in someone's basement, on a low end laser printer that was running out of toner! Many of the section headers have lots of white running through the black text - not sure if that is intentionally done or not, but it's not a good look. I also have to say that the binding and gluing is poorly done - glue oozing out and making it hard to turn the pages.So, 5 stars for content, 1 star for the physical presentation of the book.Edit: After seeing my review, the author contacted me and offered to send me a new copy of the book. The new book arrived and is in much better physical condition. The gluing is much better - no glue oozing out, making it easy to actually turn the pages. The print is similar to my original copy, so I'm assuming that it's supposed to be that way. I'm not crazy about the font, but I can deal with it. Now, 5 stars for content, 4 stars for the physical presentation of the book.

TL;DR: Excellent book for infosec practitioners, and a good read for application developers, system and network admins.The book tries to cover many of the tools which could be used during a technical assessment "pentest or vulnerability assessment"; what makes this book stand out from other similar books is that every single tool listed and explained in the book actually work and are relevant in modern environments, with excellent coverage of powershell as an offensive platform.The book explains how to achieve pentesting tasks in a very straight forward way, along with a brief part about setting up a test environment;It explains many of tools available in kali, passive discovery, creating password lists, scraping open source information, brief web application pentesting class, sqlmap and touches on more advanced topics, like evading AV and executing payloads remotely from memory, just to name few.This is, hands-down, one of the most useful technical assessment books I’ve purchased to date.

The book ROCKS i get like 5 , and this one . Have good data.More than the CODES or tools this book give a way of thinking very interesting.You will never be the same after you red this.Is hard to belive this info is public just for some bucks.You can feel the autor in each line , he love github and use code , easy to start.He say this book is not for beginers but i belive this book is a godd book even if you are not interested in computers but you learn how easy the sistem can get down.This is one of the best books i ever get....and i use many triks to make safe my sites like fraguas.com.ar

The hacker playbooks are all worth having, buy them now! i have read all three of these and i have gained so much valuable knowledge, i highly recommend investing in all 3 if you can.

A lot of detail, and depth. Still have this book 5 years later

Es un buen libro para iniciar en el pentesting, pero dada la naturaleza del libro y la referencia a diversos links y a que lo vas a estar usando junto con las máquinas virtuales yo te recomiendo que mejor lo compres DIGITAL y te evitas de estar escribiendo las URL's a mano.

Delivery was before the date.. Book condition is good.. Go for it if you want to do pentration testing basics

I haven't readed yet, but I do know it's an old I.T book.

Una premessa: non è semplice.E' un libro completo con una descrizione approfondita di diverse tecniche di hacking (e, ovviamente, tecniche di protezione da hacking).Se interessa avere dei racconti di hacking non è il libro giusto. Va bene per chi vuole/può prepararsi una bella macchina Linux (kali Linux, per la precisione) e fare prova sul campo (ci sono dei siti che ti permettono di "giocare" senza il rischio di essere arrestato!!!).