The goal of this book is to help produce more highly skilled security professionals who are dedicated to protecting against malicious hacking activity. It has been proven over and over again that it is important to understand one’s enemies, including their tactics, skills, tools, and motivations. Corporations and nations have enemies that are very dedicated and talented. We must work together to understand the enemies’ processes and procedures to ensure that we can properly thwart their destructive and malicious behavior.
The authors of this book want to provide the readers with something we believe the industry needs: a holistic review of ethical hacking that is responsible and truly ethical in its intentions and material. This is why we are starting this book with a clear definition of what ethical hacking is and is not—something society is very confused about.
We have updated the material from the first and second editions and have attempted to deliver the most comprehensive and up-to-date assembly of techniques, procedures, and material. Nine new chapters are presented and the other chapters have been updated.
In Part I of this book we lay down the groundwork of the necessary ethics and expectations of a gray hat hacker. This section:
• Clears up the confusion about white, black, and gray hat definitions and
• Reviews the slippery ethical issues that should be understood before carrying
out any type of ethical hacking activities
• Reviews vulnerability discovery reporting challenges and the models that can
be used to deal with those challenges
• Surveys legal issues surrounding hacking and many other types of malicious
• Walks through proper vulnerability discovery processes and current models
that provide direction
In Part II, we introduce more advanced penetration methods and tools that no other
books cover today. Many existing books cover the same old tools and methods that have…