Wednesday, January 27, 2010

Review of Professional Penetration Testing Posted

Amazon.com just posted my three star review of Professional Penetration Testing by Thomas Wilhelm. From the review:

I had fairly high hopes for Professional Penetration Testing (PPT). The book looks very well organized, and it is published in the new Syngress style that is a big improvement over previous years. Unfortunately, PPT should be called "Professional Pen Testing Project Management." The vast majority of this book is about non-technical aspects of pen testing, with the remainder being the briefest overview of a few tools and techniques. You might find this book useful if you either 1) know nothing about the field or 2) are a pen testing project manager who wants to better understand how to manage projects. Those looking for technical content would clearly enjoy a book like Professional Pen Testing for Web Applications by Andres Andreu, even though that book is 3 years older and focused on Web apps.

This is my 300th Amazon.com book review. I wish I had planned the review schedule such that I reviewed a five star book for number 300.

I reported my 200th book review for Building an Internet Server With FreeBSD 6 in August 2006.

6 comments:

DK said...

I had purchased that book with expectations of catching up on some new techniques, and was somewhat disappointed. Its a well written book, but as you say the technical detail is very lacking.

Wish I'd seen your review beforehand.

higB said...

I've met a lot of professional pentesters who cant construct a proper email, get a status update out on time, or never read the SOW. Maybe this book is more needed than people know. ;)

MPayette said...

I am a beginner in pentesting and I have bought this book too.
I was looking for technical details (for operational use). I was very disapointed.

Is there any good technical books regarding network pentesting?

Anonymous said...

I've looked at you lists on amazon are there any updates to these list ? Some of the recommendations seem quite dated.

Richard Bejtlich said...

Yeah, I need to review those recommendations and update them.

Smith said...

Hey Richard Bejtlich,Thanks for sharing your views ,I am a beginner in pen-testing and I have bought this book too,but i am very much disappointed with it, for more information on Penetrating Testing check this link http://www.eccouncil.org/certification/licensed_penetration_tester.aspx