Table of Contents

Foreword by Peter Van Eeckhoutte
Acknowledgements
Introduction
Penetration Testing Primer
Part 1: The Basics
Chapter 1: Setting Up Your Virtual Lab
Chapter 2: Using Kali Linux
Chapter 3: Programming
Chapter 4: Using the Metasploit Framework
Part 2: Assessments
Chapter 5: Information Gathering
Chapter 6: Finding Vulnerabilities
Chapter 7: Capturing Traffic
Part 3: Attacks
Chapter 8: Exploitation
Chapter 9: Password Attacks
Chapter 10: Client-Side Exploitation
Chapter 11: Social Engineering
Chapter 12: Bypassing Antivirus Applications
Chapter 13: Post Exploitation
Chapter 14: Web Application Testing
Chapter 15: Wireless Attacks
Part 4: Exploit Development
Chapter 16: A Stack-Based Buffer Overflow in Linux
Chapter 17: A Stack-Based Buffer Overflow in Windows
Chapter 18: Structured Exception Handler Overwrites
Chapter 19: Fuzzing, Porting Exploits, and Metasploit Modules
Part 5: Mobile Hacking
Chapter 20: Using the Smartphone Pentest Framework
Resources
Index

About the Author

Georgia Weidman is a penetration tester and researcher, as well as the founder of Bulb Security, a security consulting firm. She presents at conferences around the world, including Black Hat, ShmooCon, and DerbyCon, and teaches classes on topics such as penetration testing, mobile hacking, and exploit development. She was awarded a DARPA Cyber Fast Track grant to continue her work in mobile device security.

Reviews

"The explanatory subtitle of this book is 'A Hands-On Introduction to Hacking,' and it's exactly what you'll get. This is the best book for pentesting beginners that I ever had the pleasure of reading."
—Help Net Security

"An excellent resource into the realm of penetration testing."
—Ethical Hacker

"Practical, useful and insightful. How hackers work and how you can use the same methods and tools to guard your systems against attack."
—Sandra Henry-Stocker, IT World

"Weidman's presentation has much to recommend it to the technical security professional. Definitely a recommended read."
—Richard Austin, IEEE Cipher

"An excellent resource into the realm of penetration testing."
—Xavier Mertins, TrueSec

"A sound introduction to pentesting."
—ACM Computing Reviews

"A great book on infosec, detailing a large sum of computer penetration testing and exploitation."
—Dan Borges, Lockboxx

"A great introduction to finding vulnerabilities in your system penetration testing made accessible, and well illustrated too."
—MagPi Magazine

"This is one of the top books you must read if you are new to penetration testing . . . Not only is the book still relevant to the community, new courses are being created that center around this book. Including a new one taught by Georgia herself! And although Georgia is currently working on a new version, this book is still a must have in any hacker’s collection."
—Davin Jackson, Alpha Cyber Security, Books to Start Your Penetration Testing Journey

"Arguably, one of the best books I have ever read as a beginner. I learned about different domains of security and penetration testing, and the author never slipped from the point and got distracted. Overall, an excellent informational resource, a great introduction to penetration testing."
—Sudo Realm

"Penetration Testing: A Hands-on Introduction to Hacking, by Ms. Georgia Weidman, is one of the best book for to start with and for advancing the career in the field of penetration testing. I personally suggest the learners to start with this as the use of words are very simple which makes learning easy, also the methods are well explained for novice to grasp."
—Kamal Dev, KamalDev.me

"The Bible for IT-based testing."
—Dave, @CyberOutsider