Quote Originally Posted by The-Spec View Post
I just downloaded a PDF of it. It's not my cup of tea. Half the book had the same "and this is how you use metasploit" writing style that can be seen in their other shittier books. The rest was the same old song and dance to me.
Using metasploit is about 25 pages out of the overall total of the book, and it's not for everyone... or people that already know a thing or two but it's a great learning resource (one of the reasons I'm using it as the text book).

metguru: The book isn't very high on the prerequisite skills because of the way it's written. It starts with background around ethics and law... then it does pen testing tools (metasploit and backtrack). From there it has a nice intro chapter on programming (C, Python, Assembly) but it is definitely a intro chapter. You'll know how memory works, about endianess and a few other basics... as well as a few commands in the above languages.

Following that it walks through buffer overflows, format string vulnerabilities and so forth in Linux... and then discusses shellcode. (including writing shellcode and automating it's usage with metasploit). Then there's a start to finish walk-through of exploiting a vuln on Windows.

After that you have vuln analysis, IDA Pro, reverse engineering (malware and other)... There's also a bunch on fuzzing, etc.

All in all it's a decent book to have laying around to learn a topic or to use as a guide when you need to reference something.

I have three stacks of computer books... it was good enough to make stack one, which is on my desk. (It's along side Nmap Network Scanning, RE Code with IDA Pro, Reversing: Secrets of RE, The Best of 2600, and the Intel IA-32 Reference books). My desk at work has another copy of RE Code with IDA Pro, the IDA Pro book by Chris Eagle, and a copy of the IA-32 Reference books (it's the newer edition so 64 and IA-32).

There's 3 other books in the room and then a couple shelves on my book shelf for some older stuff.