Best software testing books according to Reddit

Reddit mentions of The Hacker Playbook 2: Practical Guide To Penetration Testing

Sentiment score: 15
Reddit mentions: 23

We found 23 Reddit mentions of The Hacker Playbook 2: Practical Guide To Penetration Testing. Here are the top ones.

The Hacker Playbook 2: Practical Guide To Penetration Testing #2
    Features:
  • ISBN13: 9781449381653
  • Condition: New
  • Notes: BRAND NEW FROM PUBLISHER! 100% Satisfaction Guarantee. Tracking provided on most orders. Buy with Confidence! Millions of books sold!
Specs:
Height10 Inches
Length7 Inches
Number of items1
Weight1.9 Pounds
Width0.81 Inches
#1 of 30

idea-bulb Interested in what Redditors like? Check out our Shuffle feature

Shuffle: random products popular on Reddit

Found 23 comments on The Hacker Playbook 2: Practical Guide To Penetration Testing:

u/iownahorseforreal · 29 pointsr/hacking

For a practical top-down approach to pentesting, this book was monumental for me learning the process of pentesting. I have mentioned the OSCP, and while that is an advanced course, it has benefited me greatly to excel at what I do. It's difficult to give you a starting point now, since when I started the security field was very different. I would say here and netsec are solid communities to get help on something specific, but you definitely want to have working knowledge before asking about it.

u/misconfig_exe · 24 pointsr/netsecstudents

Also I highly recommend THP2 (pentesting focused) (you can skip THP, its contents are all included and better organized in THP2) and THP3 (red teaming focused). Peter also hosts awesome trainings which I've leveraged into internships and jobs. more info at https://securepla.net/training

u/telnetrestart · 19 pointsr/blackhat

I'm taking it right now. The books I read through or started before the OSCP in no particular order:

u/_Skeith · 16 pointsr/AskNetsec

Hey man! I work as Security Analyst - about a year away from graduating with my Bachelors.

I suggest you pick up the CompTIA Security+ Certification, as well as start learning the basics of Networks and how they function. Learn ports and protocols, as well as how IDS/IPS/Firewalls function. This will get you an entry level role as a Jr Analyst. I suggest you use [http://www.professormesser.com/security-plus/sy0-401/sy0-401-course-index/](Professor Messers Security+ Videos) This will teach you the basics of security work, networking concepts, threats, etc.

At the same time start listening to podcasts like Paul's Security Weekly, Down the Security Rabbit Hole, etc. As well as start reading blogs on hacking to get a feel for whats done.

Get a home lab and learn a few tools like Wireshark and Nmap for basic Security Analyst work - to learn how packets work, how they are structured, and how to scan pc's for ports and services. At the same time, focus on learning about threats and vulnerabilities (which are covered in security+).

If you want to get into PenTesting then you need a wide range of knowledge. Pick up and learn a few languages (master the basics and understand what the code does and how to read/interpret it). You need to know: PHP, HTML, SQL, Python (or Ruby), and a basic language like C, or Java.

If you want to dig deeper into PenTesting then start reading: https://www.offensive-security.com/metasploit-unleashed/

Good way to get into the Kali Distro and learn how to run Metasploit against vulnerable VM's.

Take a look at https://www.vulnhub.com/resources/ for books, and vulnerable VM's to practice on.

https://www.cybrary.it/ is also a good place with tons of videos on Ethical Hacking, Post Exploitation, Python for Security, Metasploit, etc.

Pick up some books such as

The Hacker Playbook 2: Practical Guide To Penetration Testing

Hacking: The Art of Exploitation

Black Hat Python: Python Programming for Hackers and Pentesters

Rtfm: Red Team Field Manual

The Hackers Playbook and The Art of Exploitation are great resources to get you started and take you step by step on pen testing that will allow you to alter explore the endless possibilities.

Also a good list of resources that you can learn more about security:

Getting Started in Information Security

Pentester Labs

Awesome InfoSec

Awesome Pentest

Overall experience and certification are what will get you into the door faster. Most employers will look for experience, but if they see you have motivation to learn and the drive to do so, then they might take you. Certifications also are big in the infosec field, as they get you past HR. And having a home lab and doing side projects in security also reflects well.

u/iownahorsefurreal · 15 pointsr/hacking

Hacker playbook 2 is always my recommendation for reference and a good guide to PTES.

u/BasedBarry · 6 pointsr/AirForce

Alright man I was sort of in the same boat.

You don't have to rely on your Airforce job to be your only source of NetSec training. https://hireourheroes.org/veterans-training/

If NetSec is your passion you should start reading up on Blue team / Red Team type procedures. Get familiar with Firewalls and Cisco equipment. Work on getting maybe a CCNA Sec, work your way to a CISSP. Learn networking itself inside and out, to form a base for the security concepts. Practice Network Forensics, learn about write-blockers, legal procedures to work NetSec, that kinda stuff. If you find the time, learn Python.
https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1512214566/ref=sr_1_sc_1?ie=UTF8&qid=1474252248&sr=8-1-spell&keywords=the+hacker+paybook+2

If you have Linux experience, a well recognized PenTest OS is Kali Linux. You can use it to practice on a home network, or build your own virtual environment.

I'm finishing my Bachelors in Cyber Security here in May and testing for my CISSP, if you want any more info on programs/certs stuff like that feel free to shoot a PM.

u/recrudesce · 5 pointsr/HowToHack

Came here to say the same thing; you don't NEED Kali to pentest, it's really mostly used because it has a lot of tools already included. You can test from a Windows box if you really wanted to.

Kali won't magically make you a pentester, nor will it teach you how to be one as it's just a bundle of tools - there's no tutorials included with those tools. Read Hackers Playbook 2 and Penetration Testing: A Hands-On Introduction to Hacking and do some vulnerable VM's from places like Vulnhub

u/qasimchadhar · 3 pointsr/AskNetsec

Offensive Security's OSCP should be your goal if you wanna get into pentesting. Start with reading CEH material and The Hacker Playbook http://www.amazon.com/The-Hacker-Playbook-Practical-Penetration/dp/1512214566.

u/cloneruler · 3 pointsr/HowToHack

Network+,Security+,Linux+ = Good.

Udemy i'm not exactly sure about, I have no idea how good it is, however Cybrary does have penetration testing courses on there for free and they're decent.

Grey & Black hat python - Great books. I'm currently looking at black hat python, and it's awesome.

Some other books i'd recommend: Hacking: The Art of Exploitation The hacker playbook 2


While i'm not a professional pentester(YET :P) i've learned alot from the books I listed above as well as the cybrary videos. If you really have the money, I recommend the Penetration Testing With Kali Linux Course From Offensive Security It's fairly expensive, but I've heard it's worth it.

u/cquick97 · 3 pointsr/AskNetsec

Depends on what you want to learn.

Web Application Security?

Exploit Development?

"Pentesting" techniques?

Also check here for tons other of resources.

As for certs, if you are a beginner beginner, then probably stuff like Security+ and Network+. Unlike the guy behind me, I will never get, nor do I really recommend CISSP, unless you are going for strictly blue team (defense) work. I personally enjoy red team (pentesting, etc), so something like OSCP would be more useful.

Like I said in a post above, feel free to PM me with questions. I'm always happy to help others on their quest to learn more about the wide world of infosec :)

u/Sjoerder · 2 pointsr/netsec

A pretty recent general purpose hacking book is The Hacker Playbook 2, from June 2015.

u/Inji · 2 pointsr/Kalilinux

I've been working with the Hacker Playbook Ver 2. It's pretty good. Has helped me learn a lot.

u/roobixx · 2 pointsr/homelab

Sorry this has taken me so long to get too. Been busy.


First, understand that Kali is nothing mote than a collection of tools. Its those tools that you are actually wanting to learn.


KaliTutorials is one place you can start.


Also, there is an abundance of videos on YouTube and if you are serious about wanting to learn penetration testing/security makes sure you book mark Irongeek


Like I said earlier, by the time books are written, edited, and published, they can often be out of date.


If you do want to understand some of the basics, here are books you should look at:


Metasploit: The Penetration Tester's Guide


rtfm


btfm


Basic Security Testing with Kali Linux 2 I havent read this one but I have heard good things


The Hacker Playbook


[The Hacker Playbook 2] (https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1512214566/ref=pd_sim_14_4?_encoding=UTF8&pd_rd_i=1512214566&pd_rd_r=2HDYK8BDM5MR8PV03JG8&pd_rd_w=kiAl7&pd_rd_wg=fAjYi&psc=1&refRID=2HDYK8BDM5MR8PV03JG8)


Also a good list of resources can be found here: cybrary.it

u/GlennPegden · 1 pointr/securityCTF

Wow, the gold was an utterly unexpected and unnecessary move (you did something cool, for free, so YOU deserve the gold!), but Thank You anyway.

In return (now I've a little light OSSEC work on your Reddit account and twigged who you are ... probably) I'll make sure my next amazon order has a copy of this in it - https://www.amazon.co.uk/d/Books/Hacker-Playbook-Practical-Penetration-Testing/1512214566 . it's been on my list of possible purchases for a while.

u/maq0r · 1 pointr/vzla

Que mas quieres hacer? No saques mas nada Cisco si no estas pendiente de hacer networking y aun asi, Cisco no se esta usando tanto como otros (Palo Alto por ejemplo).

Si quieres hacer Incident Response y Pentest, lanzate estos libros

https://www.amazon.com/Blue-Team-Handbook-condensed-Responder/dp/1500734756/ref=sr_1_1?ie=UTF8&qid=1479171676&sr=8-1&keywords=blue+team+handbook

https://www.amazon.com/gp/product/1494295504/ref=pd_bxgy_14_img_2?ie=UTF8&psc=1&refRID=P8TB8XKCFAKNQBRS1EG5

https://www.amazon.com/gp/product/1512214566/ref=pd_bxgy_14_img_3?ie=UTF8&psc=1&refRID=P8TB8XKCFAKNQBRS1EG5

Tienes que definir un poco mas que quieres hacer. Que te atrae mas de cybser security?

u/zywrek · 1 pointr/Hacking_Tutorials

Kali is the way to go.

For resources I really recommend getting some proper litterature. The two books below are often recommended (i have them both) as a starting point. Preferably read in the order written.


  1. https://www.amazon.com/Basics-Hacking-Penetration-Testing-Syngress-ebook/dp/B005A3K4J4

  2. https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1512214566


u/yungbole · 1 pointr/hacking

What's Possible With Hacking?:

Things are more possible than you think; the more you know, the more you can do (hacking isn't just one thing to learn, it's a combination of different subjects).

Where can I learn about it?:

I recommend try to learn anything you can get your hands on, E-books, videos, etc. You should take the paid online courses later on, once you advance your knowledge.

!!TIP!!: Recommend reading some questions from him https://www.reddit.com/r/hacking/comments/4up17b/i_am_a_lead_penetration_tester_ama/

This book (recommended by a real pentester): https://www.amazon.com/Hacker-Playbook-Practical-Penetration-Testing/dp/1512214566

Video on Kali Linux: https://www.youtube.com/watch?v=7nF2BAfWUEg&list=WL&index=3
(i recommend Kali btw, install it on a virtual machine. )

I got all this just from the internet, the internet has all the information you need; just get it from the right places.

(I know basically squat, i am also starting off as of today) good luck!

u/dougsec · 1 pointr/computerforensics

Since this is the subreddit for DFIR, that's what you're going to end up with as far as suggestions go. For pentesting stuff, checkout:

-Web Application Hacker's Handbook: https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470 (this has some labs, but just reading through the various weaknesses in WebApps will be a great start)

-The Hacker Playbook: https://www.amazon.com/dp/1512214566/ref=pd_lpo_sbs_dp_ss_1?pf_rd_p=1944687742&pf_rd_s=lpo-top-stripe-1&pf_rd_t=201&pf_rd_i=1118026470&pf_rd_m=ATVPDKIKX0DER&pf_rd_r=1NSA1RZZ3WQTP374S9WK

Red Team Field Manual: https://www.amazon.com/Rtfm-Red-Team-Field-Manual/dp/1494295504/ref=pd_bxgy_14_img_2?ie=UTF8&psc=1&refRID=S7FG8F9TCMZMM9HVX2TN

Those two are good general pentesting books. You might also try /r/AskNetsec for other suggestions.