Spotlight customer reviews:
|
Customer Rating: 
Summary: i love GHH
Comment: i have read tonnes of books on this subject.starting from secrets of a super hacker by knightmare(published way back in 94, trust me dat was a great read n even 2day i find myself glued to da back as the first time i read it.now coming back 2 gray hat hacking.this is wat i would like 2 call the hacking reference book for the next generation.every one concerned about security should consider picking up this book.u might as well save some money n picking up more knowledge than any of the hacking exposed books in the market.no this book is not for button clicking script kiddies who play around wid trojans n claim to be hackers or web defacers(lamers).if u belong to da breed of script kiddies pick up this disgustin book by ankit fadia (oh by the way ive reviewed it).i wouuld liek to congradulate the authors for the outstanding work put into this book.howeever it would be great to see expanded materials on various topics and a little more detail in tool description.its not bad but it could still be better.so as i said before get dis book u wont regret it.so kiddies grow up keep those hacking exposed n ankit fadias books apart throw em in da firplace burn em do anythin .but go get dis one
laterzzzzzz
Customer Rating: 
Summary: Covers more than the typical hacking book
Comment: "Gray Hat Hacking - The Ethical Hacker's Handbook" is not your normal hacking book. This book should not be lumped in with the "Hacking Exposed" series nor the likes of "Counter Hack". What differentiates Gray Hat Hacking (GHH) from other books is the amount of code the book offers. This book is not for script kiddies, but instead shows how to advance to the next level of hacking (and, more importantly, prevention) by devoting over 100 pages to developing programming skills for both Linux and Window exploits. I had not encountered a book that dedicated this much space to scripting.
The authors take a delicate balance at discussing tools that are well documented in other publications (ettercap, xploit2 & p0f), and mentioning some lesser known tools (sharefuzz, RATS and valgrind). While I believe there is no doubt that the authors know their material, I do agree with other reviewers in wishing GHH was simply expanded. I also like that GHH offers many referrences. Page for page, this book probably received more highlights than any other hacking book I own.
I give this book 4 pings out of 5:
!!!.!
Customer Rating:
Summary: Great buy for every IT dept.
Comment: I bought this book from a store in D.C, and read it on my way back to India. I was impressed. Never found any book that deals with computer security and software vulnerabilities written so well. The reason I like this book is than others is because it does not only give you information that can help you in assessing your network security, but also gives you a basic introduction to the laws and legal technicalities. The contents of this book cover most of computer/network security related areas including technical implementation, planning, and defense. Therefore, it is not only for system engineers, but also for people managing IT departments.
My favorite chapters were those which discussed about reverse engineering, programming survival skills, and legal aspects of hacking. However, I do agree with one of the reviewers on the definition of "Grey Hat Hackers", I do agree that the authors were wrong here, and should have chosen a different title. Otherwise, the book is great and the reason it has something for everyone who deals with IT security is, because it took five authors to write this book and all of the specializes in different segments of IT security. The book is not expensive, I bought it for $45, and you can get it from Amazon for $33 and believe me that's nothing. I have spent more money on books those have attractive titles but actually are crap. Have a look at those written by Ankit Fadia, and you will know what I mean.
Customer Rating:
Summary: Excelent
Comment: The best book of ethical hacking that you can buy
Customer Rating:
Summary: Fun and useful security book
Comment: Yet another general "security-hacking" book which is good - you've got to be kidding? However unbelievable it might sound, a weirdly titled "Grayhat Hacking" (I guess, in this context it means "semi-criminal" : - ) ) is a remarkable book on vulnerability discovery, exploit writing and pentesting. I would treat this book as less of a "tool book" (which I generally hate), but more of an "approach book".
I does contain sections on tools useful during the penetration testing, but with different highlights. For example, I liked that in the necessary section on scanning, the authors did not fell into "hey-I-know-all-the-nmap-flags" trap (common in security books) and described `scanrand' and other fun tools for network discovery. I loved their overview of exploitation frameworks (CANVAS, Impact and Metasploit), although would have preferred a bit more details (maybe an use case for discovering a vulnerability with CANVAS, for example)
While this book's coverage of software exploitation is not as in-depth as, say, `Exploiting Software', I still liked the way it is presented. I suspect it will appear to less hard-core people who do not write exploits daily. Windows and Linux shellcode and exploit tips are nicely separated, which avoids a confusion sometimes seen in other books.
The book is mostly focuses on the attacking side (however ethical it might be...), but also has some tips for the defending side (for example, a somewhat light-weight section on patching software).
Overall, I think the book is really useful for just about any technical security professional, especially those starting to do more in-depth pentesting.
Anton Chuvakin, Ph.D., GCIA, GCIH, GCFA is a Security Strategist with a major security company. He is an author of the book "Security Warrior" and a contributor to "Know Your Enemy II". In his spare time, he maintains his security portal info-secure.org
|
|
|
