Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Hands-On Ethical Hacking Tactics
Hands-On Ethical Hacking Tactics

Hands-On Ethical Hacking Tactics: Strategies, tools, and techniques for effective cyber defense

eBook
€26.98 €29.99
Paperback
€37.99
Subscription
Free Trial
Renews at €18.99p/m

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Table of content icon View table of contents Preview book icon Preview Book

Hands-On Ethical Hacking Tactics

Ethical Hacking Concepts

Hackers and hacking are usually associated with criminal activity, but it wasn’t always that way. In the 1960s, learning and working on computers wasn’t readily available. They were difficult to work with and those that could get things working often hacked things together. In other words, hackers were innovators who could solve complex problems.

In the late 1970s, computers became accessible to the public through homebrew kits, and at that time, curiosity and innovation were still a part of the hacking community. It wasn’t until the 1980s that hacking took on a negative tone, with the release of movies such as WarGames and Hackers, and the image of a hacker changed from an enthusiast to a criminal. Since this time, the term hacker has been associated with criminal and malicious activity.

Fast-forward to today and we have a concept known as ethical hacking, meaning we take the concepts and techniques used by hackers and apply them for the benefit of organizations and individuals in an attempt to elevate their security posture. This is the first chapter in your journey to understand and apply the concepts of hacking in an ethical manner.

In this chapter, we’re going to cover the following main topics:

  • What is ethical hacking?
  • Elements of information security
  • Why do intrusions and attacks happen?
  • Types and profiles of attackers and defenders
  • Attack targets and types
  • The anatomy of an attack
  • Ethical hacking and penetration testing
  • Defensive technologies
  • Lab – setting up the testing lab

Technical requirements

Labs have been included to get the most out of this book. The labs are designed to enhance the subject matter by supplying tangible examples of what is covered. To be successful with the labs, the following minimum system settings are required:

  • 8 GB of RAM minimum (16 GB recommended)
  • 50 GB of disk space
  • The rights to install applications

What is ethical hacking?

Ethical hacking represents a group of skills within cyber security that manifests in a few distinctive roles, including pen testers, blue teamers, and purple teamers. Ethical hackers are also part of a larger group known as white hat hackers, whose focus is education and defense. We will discuss this in detail in the White hat hackers section later in this chapter.

What role does the ethical hacker play in organizational security? Unlike threat actors (black hats), who are motivated primarily by financial gain, ethical hackers align themselves on the defensive side of networks, attempting to secure networks by pointing out flaws and misconfigurations that malicious attackers would take advantage of. They are commonly associated with penetration testing but really can assume any role within an organization. Ethical hackers represent the apex of security practices within an organization. These practices start with core areas such as antivirus software and patch management and move on to more complex security issues such as remote automation and administration, as well as ingress and egress, encryption, and authentication.

Depending on their specific role, ethical hackers use a variety of tools and techniques to search for outdated software, misconfigured systems, and potential security weaknesses within the network. They use this information to not only bolster the overall organizational security but to find weaknesses and oversights that attackers would find by using the same techniques they use. Some other operations ethical hackers perform include discovering incomplete policies and procedures. They are also skilled in the tactics, techniques, and procedures (TTPs) of adversaries. This means they understand how attackers operate, what tools they use, how they find information, and how they use that to take advantage of an organization. Ethical hackers also realize security is an evolving discipline where learning and growth never end. One place to get a better understanding of attackers and the operations they perform is to review the MITRE ATT&CK framework, which lays out a matrix of 13 categories showing various attacks. For more information, see https://attack.mitre.org/.

How does one become an ethical hacker? There are several approaches that can be taken, including using this book, and courses covering hacking and cyber security that can get you started. There are also certifications, including the Offensive Security Certified Professional (OSCP), Certified Information Systems Security Professional (CISSP), and Certified Ethical Hacker (CEH). However, even with all these opportunities and paths that can be taken, the one thing needed more than anything else is just to be curious – about how all this technology works, how information is stored and communicated, and how technology interoperates with other machines and devices.

Now that we know what ethical hacking is, let’s take a look at what makes up information security.

Elements of information security

Information security and, subsequently, ethical hacking methodologies revolve around three core principles: Confidentiality, Integrity, and Availability (CIA). These core principles provide the framework for information security and are used by ethical hackers and security professionals to test security and security solutions. These principles can be described as follows:

  • Confidentiality: Data stored on networks in the form of databases, files, and so on carries a certain level of restriction. Access to information must be given only to authorized personnel. Some examples include nonpublic financial information that could be used to make investment decisions; this is also known as insider trading. Another example would be company patents or trade secrets.

    Ensuring this information is reserved for only those who need to know about it can be addressed through techniques such as encryption, network segmentation, and access restrictions, as well as practicing the principle of least privilege. These are the things ethical hackers check and test to make sure there are no gaps or exposure of information beyond what is authorized.

  • Integrity: Data that is accessed and viewed, whether part of an email or viewed through a web portal, must be trustworthy. Ethical hackers and security personnel ensure that data has not been modified or altered in any way; this includes data at rest as well as data in transit. Examples of integrity checks include showing and storing hash values and the use of techniques, including digital signatures and certificates.
  • Availability: The last principle is that of availability. Information that is locked down to a level where no one can access it not only defeats the purpose of having data but affects the efficiency of those who are authorized to access it. However, just like the other principles, there is a fine line between availability by authorized personnel and confidentiality. An ethical hacker tests availability in a number of ways. Some examples include remote access for employees, establishing hours of operation for personnel, and what devices can have access.

The concepts of CIA will be covered throughout the chapters as attack techniques are discussed and the principle(s) that are violated as part of an attack, as well as what practice (or practices) could be implemented to prevent/detect an attack. Next, let’s take a look at attackers and why they attack.

Why do intrusions and attacks happen?

Attacks do not operate in a vacuum, and as such, attacks and intrusions can be broken down into three core areas, sometimes referred to as the intrusion triangle or crime triangle. In other words, certain conditions must exist before an attack can occur. These core areas are Motive, Means, and Opportunity.

We’ll look at what each of these in the following sections.

Motive

An attacker must have a reason to want to attack a network. These motives include exploration, data manipulation, and causing damage, destroying, or stealing data. Motives may also be more personal, including financial, retaliation, or revenge. Examples include a disgruntled employee who wants to do damage based on some grievance with the company managers or coworkers. Another would be a cybercrime group targeting a company or industry to extort money through ransomware or some other means. Still, another would be a script kiddie who stumbled upon the network and thought it might be interesting to see what they could get access to. More on script kiddies in the Types and profiles of attackers and defenders section.

For investigators, it is also important to differentiate between motives for criminal activity and the operational goals and objectives associated with the larger crime. As an example, compromising user accounts is not the goal of an attack; gaining access to the corporate network and stealing data is. The account compromise is simply an operational goal.

It may also be important to understand the intensity of an attack and the motives behind it. People who are desperate are more determined to achieve their goals. The employee who is in a bad financial situation may see accessing and stealing company funds as the only means to alleviate the situation. And with that, the higher the pressure, the more likely it is that the employee will not only commit the crime but take larger risks to meet that goal.

Means

Once an attacker has a motive, they need the means to perform the attack. Means refers to the technology plus an individual’s or group’s skills, knowledge, and available resources. By understanding these requirements to commit a given crime, plus the potential motivations, investigators can narrow down attribution to individuals or groups and eliminate others. Additionally, investigators need to be aware of technological innovations as potential means of committing cybercrimes in relation to the crime committed. By way of example, a nation-state actor in China would not have the means to access and sabotage an electrical plant in the United States physically. However, once the electrical plant installed IoT sensors and connected them to the internet, the means would be made available.

Opportunity

The third part, completing the triangle, is opportunity. Used in conjunction with motive and means, an opportunity is that moment or chance where the attack can be completed successfully. For an opportunity to be available, it means that various protective mechanisms were either ineffective or non-existent. This means that human, technological, or environmental factors were conducive to the crime being committed. For example, a power failure might cause locked doors to fail open for safety but allow criminals free access to all areas of the company. Or, unpatched servers exposed to the internet might be discovered during a scan, informing attackers what exploit(s) will be successful in accessing the core network. You can see a visual representation of the crime triangle in the following figure:

Figure 1.1 – Crime triangle

Figure 1.1 – Crime triangle

Of the three areas, the ethical hacker has the most control over opportunity. As a defender, you cannot eliminate motive as that comes from the personal desires of the attacker, whether they are acting as an individual or a group. You also cannot eliminate means as knowledge is readily available, and skills can be acquired. This leaves opportunity as the area from which the odds of defending against and preventing most attacks are the most successful.

Now that we have looked at why intrusions happen, let’s take a look at the different types of people that make up the cyber security landscape, from attacker to defender.

Types and profiles of attackers and defenders

Now that we have spent time describing what is being protected and why attacks might occur, let’s look at our attackers and some of the areas where attacks take place.

The hacker community and the titles ascribed to or acquired by these groups have been a source of confusion furthered by movies and media. With all these names and titles, it can be challenging to understand who is on the good side, so to speak, versus the dark side. Let’s start by breaking these groups down, and defining what they do and where they operate.

Let’s start at the top, with Black Hats and White Hats. These monikers came from old Western movies where bad guys wore black hats, and the good guys wore white hats. The concept stuck, and from it, the black hat hacker was born, who uses their skills to perform criminal acts. On the other side is the white hat hacker, who uses their skills to help educate and defend companies and individuals from black hat activities. As with all groups and hats, for that matter, one size does not fit all, and as such, subgroups exist under these titles.

Let’s explore each of these in the following sections.

Black hat hackers

Black hat hackers are criminals who break into computer networks with malicious intent. Black hat hackers often start as novice script kiddies using purchased exploits and hacker tools – more on them in the Script kiddie section.

Their motivations lie in financial gain, revenge, or simply spreading havoc. Sometimes they might be ideological in nature, targeting industries and people they strongly disagree with.

How do black hat hackers operate? Well, they operate like any other big business; they have learned how to scale up campaigns and create distribution networks for their software. They have even developed specialties such as ransomware or phishing services they can sell or rent out.

Some even have call centers that they use to make outbound calls, pretending to represent organizations including Amazon, Microsoft, the IRS, and even law enforcement. In these scams, they try to convince potential victims to download remote control software allowing remote access. The attacker then uses their access to gather information from the victim including personal information, passwords, and banking information.

How do people end up becoming black hat hackers? Some will get a job from forums or other connections where they might be solicited and trained by organizations to make money quickly. Leading black hats are skilled hackers who may have formal training in the computer science or security fields.

Black hat hacking is extremely difficult to stop and a problem that is global in nature. The separation by geography, jurisdictions, and politics poses significant challenges for law enforcement.

Black hat hackers have several subcategories, including script kiddies, hacktivists, cyber terrorists, and cyber criminals, with slightly different motivations. Let’s look at these categories.

Script kiddies

Script kiddies, sometimes called skids or skiddies, are described as people who may be new to the area and have few skills, relying on the work of others to accomplish their goals. For their goals and motivations, this includes trading exploits, and attacking networks with well-known attacks that are in many cases easily thwarted. They may try to develop their skills or join other groups to gain experience, or possibly be used by criminal organizations. What makes this group dangerous is there are many of them and they do not necessarily have a core motivation, making them more difficult to profile.

Hacktivists

Hacktivism is where hacking meets political and/or social agendas. A hacktivist group has a clear focus on using their skills to target governments, corporations, and even individuals that fall into the agenda they support. Because of the nature of what they do, hacktivist groups can incorporate several other groups, including script kiddies and black hat hackers who agree with the agenda. Some of the most well-known hacktivist groups include Anonymous, LulzSec, and WikiLeaks.

Cyber terrorists/cyber warriors

This group tends to be more elite and includes cyber forces employed by their respective governments or powerful groups with the means, both financially and ideologically, to attract the people necessary to complete their tasks. These tasks cover several areas, including the following:

  • Disruption of major or significant websites
  • Disruption of critical infrastructure systems such as communications systems, electrical grids, and water resources
  • Espionage to spy on the target government to gain a strategic or an intelligence advantage

A term also synonymous with this group is cyber warfare since a large portion of this group involves nation-state activity.

Cyber criminals

This is a group that is motivated by profit and is composed of individuals or teams who use technology with malicious intent. This group may be involved in all types of crimes from credit card and identity fraud to bank account and medical record resale.

White hat hackers

This group is sometimes referred to as ethical hackers and is the opposite of black hat hackers. They defend computer systems and networks by identifying security flaws and making recommendations for improvements. Depending on their specific role, they perform a series of tests to check the efficiency of a security system. These tests can be simple security scans, policy and procedure tests, or attacker simulation tests. They can be performed by internal employees or third-party contractors attempting to find gaps in security.

How do white hat hackers operate? They use the same hacking methods as black hats; however, they have permission from the system owners to perform the operations and there are defined guidelines about what is being tested, which makes the process completely legal. So, instead of exploiting vulnerabilities and taking advantage of systems, white hat hackers work to help fix issues before actors with malicious intent discover them.

White hat hackers have a number of subcategories, including Pentesters (Red Team), Blue Team, and Purple Team, with slightly different duties. Let’s look that these categories.

Pentesters (red team)

This group is associated with pentesting and works in the offensive computing space. They are commonly third-party contractors who simulate an attack against a computer system to check for any exploitable vulnerabilities.

Blue hat hackers (blue team)

This group works in the defensive computing space and is commonly the internal employees in charge of various security systems, policies, and procedures. They establish the security measures for what needs to be protected and then monitor those measures, adjusting them based on their own tests and feedback from outside operations such as pentests and audits.

Purple team

There are times when the red team and blue team do not work well together. This can be caused by personalities and things such as ego and embarrassment. Other times, it can be caused by a disconnect between what the red team is testing and communicating to the blue team and how they might go about understanding and correcting the issues. Purple team members are there to bridge gaps in understanding and communication by having skills in both disciplines so they can ingest, distill, and translate information and details from one group to the other.

An example might be the results of a pentest showing that the dependence on legacy application frameworks opens an exploit vector that is easily taken advantage of with a simple buffer overflow to the authentication input screen. The blue team, not really knowing what to do with this information, turns to the purple team, who repositions the result to say something like “the outdated application has a buffer overflow vulnerability.” While it cannot be addressed directly with a patch to the system, it should be placed network-wise in a high-security group where, if the exploit is attempted, the attacker cannot gain anything further from it. This approach of understanding the problem, translating it, and offering potential solutions is what purple teams can do when working together or communications are not as effective as they could be.

There is one more group that does not really fit into any specific category, and that is gray hat hackers. Gray hat hackers are a peculiar mix of both black hat and white hat characteristics. They operate on their own, looking for network faults and hacks in networks, systems, and applications. They do so with the intention of demonstrating to owners and administrators that have networks, systems, and applications under their care and control that a defect exists in their security posture. Once they have validated that a vulnerability exists in a network or application, they may offer to help correct it, or in the case of an application, inform the company through responsible disclosure before publishing information publicly. In contrast, a black hat will exploit any vulnerability or tell others how to as long as they profit from it.

In many cases, gray hats are just curious and do provide beneficial information to companies about the security of their applications and services. However, many security professionals do not view their methods as ethical. The exploitation of a network is illegal, and they have not received permission from an organization to attempt to infiltrate their systems. Gray hats say they mean no harm with their hacking, and they are simply curious about high-profile systems operating without regard to privacy or laws. Regardless of the reasons, it is still illegal, and depending on what was done, it could land them in court or jail.

How do gray hat hackers operate? As stated earlier, gray hats work at the fringe of being black hats, but they look for opportunities to work their craft legally if they can. They look for companies that have bug bounty programs that encourage hackers to report their findings. In these cases, it is a win-win for the company as it gives an area for hackers to work in and helps to mitigate the risk of exploitation by a malicious actor. Once the hacker finds an exploit or vulnerability, they need to contact the organization and present their findings. The intent at this point is for the company to recognize the security flaw and begin the process of correcting it, and hopefully compensate the hacker for their time.

However, sometimes when organizations do not respond promptly or do not comply, the hacker may end up posting the vulnerability or exploitation method on the internet. This moral and ethical choice is what makes them gray hat hackers.

After exploring the different groups and their profiles, let’s look at the types of attacks that can be performed on networks and systems.

Left arrow icon Right arrow icon
Download code icon Download Code

Key benefits

  • Explore essential tools and techniques to ethically penetrate and safeguard digital environments
  • Set up a malware lab and learn how to detect malicious code running on the network
  • Understand different attacker types, their profiles, and mindset, to enhance your cyber defense plan
  • Purchase of the print or Kindle book includes a free PDF eBook

Description

If you’re an ethical hacker looking to boost your digital defenses and stay up to date with the evolving cybersecurity landscape, then this book is for you. Hands-On Ethical Hacking Tactics is a comprehensive guide that will take you from fundamental to advanced levels of ethical hacking, offering insights into both offensive and defensive techniques. Written by a seasoned professional with 20+ years of experience, this book covers attack tools, methodologies, and procedures, helping you enhance your skills in securing and defending networks. The book starts with foundational concepts such as footprinting, reconnaissance, scanning, enumeration, vulnerability assessment, and threat modeling. Next, you’ll progress to using specific tools and procedures for hacking Windows, Unix, web servers, applications, and databases. The book also gets you up to speed with malware analysis. Throughout the book, you’ll experience a smooth transition from theoretical concepts to hands-on techniques using various platforms. Finally, you’ll explore incident response, threat hunting, social engineering, IoT hacking, and cloud exploitation, which will help you address the complex aspects of ethical hacking. By the end of this book, you’ll have gained the skills you need to navigate the ever-changing world of cybersecurity.

Who is this book for?

Hands-On Ethical Hacking Tactics is for penetration testers, ethical hackers, and cybersecurity enthusiasts looking to explore attack tools, methodologies, and procedures relevant to today's cybersecurity landscape. This ethical hacking book is suitable for a broad audience with varying levels of expertise in cybersecurity, whether you're a student or a professional looking for job opportunities, or just someone curious about the field.

What you will learn

  • Understand the core concepts and principles of ethical hacking
  • Gain hands-on experience through dedicated labs
  • Explore how attackers leverage computer systems in the digital landscape
  • Discover essential defensive technologies to detect and mitigate cyber threats
  • Master the use of scanning and enumeration tools
  • Understand how to hunt and use search information to identify attacks

Product Details

Country selected
Publication date, Length, Edition, Language, ISBN-13
Publication date : May 17, 2024
Length: 464 pages
Edition : 1st
Language : English
ISBN-13 : 9781801818650
Category :

What do you get with eBook?

Product feature icon Instant access to your Digital eBook purchase
Product feature icon Download this book in EPUB and PDF formats
Product feature icon Access this title in our online reader with advanced features
Product feature icon DRM FREE - Read whenever, wherever and however you want
Product feature icon AI Assistant (beta) to help accelerate your learning
OR
Modal Close icon
Payment Processing...
tick Completed

Billing Address

Product Details

Publication date : May 17, 2024
Length: 464 pages
Edition : 1st
Language : English
ISBN-13 : 9781801818650
Category :

Packt Subscriptions

See our plans and pricing
Modal Close icon
€18.99 billed monthly
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Simple pricing, no contract
€189.99 billed annually
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts
€264.99 billed in 18 months
Feature tick icon Unlimited access to Packt's library of 7,000+ practical books and videos
Feature tick icon Constantly refreshed with 50+ new titles a month
Feature tick icon Exclusive Early access to books as they're written
Feature tick icon Solve problems while you work with advanced search and reference features
Feature tick icon Offline reading on the mobile app
Feature tick icon Choose a DRM-free eBook or Video every month to keep
Feature tick icon PLUS own as many other DRM-free eBooks or Videos as you like for just €5 each
Feature tick icon Exclusive print discounts

Frequently bought together


Stars icon
Total 117.97
The Ultimate Kali Linux Book
€41.99
Hands-On Ethical Hacking Tactics
€37.99
PowerShell for Penetration Testing
€37.99
Total 117.97 Stars icon

Table of Contents

19 Chapters
Part 1:Information Gathering and Reconnaissance Chevron down icon Chevron up icon
Chapter 1: Ethical Hacking Concepts Chevron down icon Chevron up icon
Chapter 2: Ethical Hacking Footprinting and Reconnaissance Chevron down icon Chevron up icon
Chapter 3: Ethical Hacking Scanning and Enumeration Chevron down icon Chevron up icon
Chapter 4: Ethical Hacking Vulnerability Assessments and Threat Modeling Chevron down icon Chevron up icon
Part 2:Hacking Tools and Techniques Chevron down icon Chevron up icon
Chapter 5: Hacking the Windows Operating System Chevron down icon Chevron up icon
Chapter 6: Hacking the Linux Operating System Chevron down icon Chevron up icon
Chapter 7: Ethical Hacking of Web Servers Chevron down icon Chevron up icon
Chapter 8: Hacking Databases Chevron down icon Chevron up icon
Chapter 9: Ethical Hacking Protocol Review Chevron down icon Chevron up icon
Chapter 10: Ethical Hacking for Malware Analysis Chevron down icon Chevron up icon
Part 3:Defense, Social Engineering, IoT, and Cloud Chevron down icon Chevron up icon
Chapter 11: Incident Response and Threat Hunting Chevron down icon Chevron up icon
Chapter 12: Social Engineering Chevron down icon Chevron up icon
Chapter 13: Ethical Hacking of the Internet of Things Chevron down icon Chevron up icon
Chapter 14: Ethical Hacking in the Cloud Chevron down icon Chevron up icon
Index Chevron down icon Chevron up icon
Other Books You May Enjoy Chevron down icon Chevron up icon

Customer reviews

Rating distribution
Full star icon Full star icon Full star icon Full star icon Full star icon 5
(5 Ratings)
5 star 100%
4 star 0%
3 star 0%
2 star 0%
1 star 0%
Savvy Shopper Aug 13, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This book offers a well-rounded overview of cybersecurity principles with hacking and defending of some of the hacks. One of the standout features is the inclusion of live links to example code files, along with access to an extensive library of books and videos from Packt, which adds significant value to the learning experience. The quizzes provided throughout are reasonable, allowing folks to test their understanding of the material as they progress. However, while the reconnaissance section is informative, it could benefit from incorporating more modern techniques, such as using data brokers to gather information.The book provides a broad yet shallow dive into various sub-topics, making it accessible but sometimes lacking in depth. The illustrations are straightforward, though some feel slightly outdated. While the vulnerability scanning tools discussed are useful, the book would benefit from updating these tools, particularly those that are not open-source or free. The section on incident response raises a valid point about the use of out-of-band communications, though the suggestion to use Signal may be legally questionable in cases where litigation is likely. Additionally, the threat-hunting diagram could be improved by including a lifecycle component for situations where no threat is detected, suggesting a report on the frequency of alerts before converting them into an active alert.The discussion on social engineering defenses misses the crucial point that social media activity can make individuals more susceptible to attacks, although this might fall under the umbrella of awareness training. The content on AI’s role in social engineering feels lacking, particularly in the absence of exercises or tools. Moreover, more coverage of cloud security tools would have been beneficial. Overall, the book is reminiscent of the Certified Ethical Hacker (CEH) curriculum but more focused and concise, providing enough information to give folks a solid understanding without overwhelming them.I would recommend this book for those whom from an understanding are between security + and CEH. If you already have many years of cyber security experience taking CEH, SANS Classes, etc this will be known content.
Amazon Verified review Amazon
Brandon Lachterman May 28, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
So I absolutely recommend this to be added to your day to day library. Lets be real, there are so many general Ethical Hacking books out there, but this one finally isnt just for beginning tactics, it goes into detail where its needed to help the hungry ethical hacker progress their skills. Nice Job!
Amazon Verified review Amazon
Tomica Kaniski Jul 09, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
Really liked the hands-on, and to-the-point approach of this book! If (ethical) hacking is something you wanna learn about, or become better at, maybe you should take a look at this book. It explores everything that should be important for (ethical) hacking, does it well, and does it also hands-on. I'll keep this book near me, for sure. The best part - other than hacking, there is a considerable amount of the book related to defending yourself - so, maybe you will not start hacking, but maybe someone will hack you - learn how to protect yourself from this book. Did I mention labs?! I really liked doing the labs, and in practice testing what I learned.
Amazon Verified review Amazon
Glen Aug 10, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
After getting my hands on a printed copy and going through all the chapters, I can definitely say its a good resource to have when starting your journey in ethical hacking. The books covers a lot of essential topics and practical exercises to assist both aspiring and seasoned professionals in the industry.
Amazon Verified review Amazon
Seth Keyser Aug 07, 2024
Full star icon Full star icon Full star icon Full star icon Full star icon 5
This book does a wonderful job of laying the foundation for the everyday cybersecurity professional. The author does a tremendous job of explaining the core concepts of Ethical Hacking. This book is a great resource for learning, applying, and understanding Ethical Hacking. You will enjoy this book from start to finish!
Amazon Verified review Amazon
Get free access to Packt library with over 7500+ books and video courses for 7 days!
Start Free Trial

FAQs

How do I buy and download an eBook? Chevron down icon Chevron up icon

Where there is an eBook version of a title available, you can buy it from the book details for that title. Add either the standalone eBook or the eBook and print book bundle to your shopping cart. Your eBook will show in your cart as a product on its own. After completing checkout and payment in the normal way, you will receive your receipt on the screen containing a link to a personalised PDF download file. This link will remain active for 30 days. You can download backup copies of the file by logging in to your account at any time.

If you already have Adobe reader installed, then clicking on the link will download and open the PDF file directly. If you don't, then save the PDF file on your machine and download the Reader to view it.

Please Note: Packt eBooks are non-returnable and non-refundable.

Packt eBook and Licensing When you buy an eBook from Packt Publishing, completing your purchase means you accept the terms of our licence agreement. Please read the full text of the agreement. In it we have tried to balance the need for the ebook to be usable for you the reader with our needs to protect the rights of us as Publishers and of our authors. In summary, the agreement says:

  • You may make copies of your eBook for your own use onto any machine
  • You may not pass copies of the eBook on to anyone else
How can I make a purchase on your website? Chevron down icon Chevron up icon

If you want to purchase a video course, eBook or Bundle (Print+eBook) please follow below steps:

  1. Register on our website using your email address and the password.
  2. Search for the title by name or ISBN using the search option.
  3. Select the title you want to purchase.
  4. Choose the format you wish to purchase the title in; if you order the Print Book, you get a free eBook copy of the same title. 
  5. Proceed with the checkout process (payment to be made using Credit Card, Debit Cart, or PayPal)
Where can I access support around an eBook? Chevron down icon Chevron up icon
  • If you experience a problem with using or installing Adobe Reader, the contact Adobe directly.
  • To view the errata for the book, see www.packtpub.com/support and view the pages for the title you have.
  • To view your account details or to download a new copy of the book go to www.packtpub.com/account
  • To contact us directly if a problem is not resolved, use www.packtpub.com/contact-us
What eBook formats do Packt support? Chevron down icon Chevron up icon

Our eBooks are currently available in a variety of formats such as PDF and ePubs. In the future, this may well change with trends and development in technology, but please note that our PDFs are not Adobe eBook Reader format, which has greater restrictions on security.

You will need to use Adobe Reader v9 or later in order to read Packt's PDF eBooks.

What are the benefits of eBooks? Chevron down icon Chevron up icon
  • You can get the information you need immediately
  • You can easily take them with you on a laptop
  • You can download them an unlimited number of times
  • You can print them out
  • They are copy-paste enabled
  • They are searchable
  • There is no password protection
  • They are lower price than print
  • They save resources and space
What is an eBook? Chevron down icon Chevron up icon

Packt eBooks are a complete electronic version of the print edition, available in PDF and ePub formats. Every piece of content down to the page numbering is the same. Because we save the costs of printing and shipping the book to you, we are able to offer eBooks at a lower cost than print editions.

When you have purchased an eBook, simply login to your account and click on the link in Your Download Area. We recommend you saving the file to your hard drive before opening it.

For optimal viewing of our eBooks, we recommend you download and install the free Adobe Reader version 9.