I just downloaded a PDF of it. It's not my cup of tea. Half the book had the same "and this is how you use metasploit" writing style that can be seen in their other shittier books. The rest was the same old song and dance to me.
Using metasploit is about 25 pages out of the overall total of the book, and it's not for everyone... or people that already know a thing or two but it's a great learning resource (one of the reasons I'm using it as the text book).
metguru: The book isn't very high on the prerequisite skills because of the way it's written. It starts with background around ethics and law... then it does pen testing tools (metasploit and backtrack). From there it has a nice intro chapter on programming (C, Python, Assembly) but it is definitely a intro chapter. You'll know how memory works, about endianess and a few other basics... as well as a few commands in the above languages.
Following that it walks through buffer overflows, format string vulnerabilities and so forth in Linux... and then discusses shellcode. (including writing shellcode and automating it's usage with metasploit). Then there's a start to finish walk-through of exploiting a vuln on Windows.
After that you have vuln analysis, IDA Pro, reverse engineering (malware and other)... There's also a bunch on fuzzing, etc.
All in all it's a decent book to have laying around to learn a topic or to use as a guide when you need to reference something.
I have three stacks of computer books... it was good enough to make stack one, which is on my desk. (It's along side Nmap Network Scanning, RE Code with IDA Pro, Reversing: Secrets of RE, The Best of 2600, and the Intel IA-32 Reference books). My desk at work has another copy of RE Code with IDA Pro, the IDA Pro book by Chris Eagle, and a copy of the IA-32 Reference books (it's the newer edition so 64 and IA-32).
There's 3 other books in the room and then a couple shelves on my book shelf for some older stuff.
February 27th, 2009, 09:26 AM
Well I've printed it , all 500 pages and going to start the enduring read. What I like about it is that there is a chapter on ethics , some law etc. So its quite a good intro which it what I was looking for.
Spec man, what do you suggest for an intro / newbie book to get started?
February 27th, 2009, 03:51 PM
The books written by the guys over at rootkit.com are pretty good.
The Best of 2600
Have you ever noticed that the words "Computer" and "Technology" almost never appear on junk like 2600? What they have done is exactly what MTV and (music journalism as a whole) did to music. The key words these people use is hacking "scene".
My problem with people like that is one look at them and its like, jesus man... aren't you a little old for dressing up like a myspace hipster and trying to emulate what everyone else is doing online?
March 6th, 2009, 12:16 PM
Running through the book.
Excellent read I must say.
Im going through the META tutorial. I created a XP SP1 machine on a VM using vmware workstation. I then downloaded meta framework and updated but for some reason I am not getting the same output as in the tutorial. Could anyone help me on this?
I dont want to turn this into a meta thread so if you interested to help please PM me.