Penetration Testing Basics is a small book of about 110 pages that aims to give readers a quick start in penetration testing, in seven chapters.
The first chapter explains what penetration testing is. It is certainly worth pointing out the ethical side and the requirement to have a “get out of jail free” letter. It briefly discusses the objectives, the limitations, and various testing types. Finally, the well-known methodology for penetration testing is explained, which serves as an introduction to the following chapters that zoom into the steps of the methodology.
“Digging for Information” (12 pages) covers intelligence gathering and includes Google hacking, using social networking, and Internet registries.
The second step, scanning (16 pages), starts by looking at the domain name system. The more classical network protocol scanning, operating system detection, and version scanning come next. Grabbing system and service banners concludes this chapter.
Vulnerability scanning (14 pages) is the next step of the methodology. “Exploitation” (24 pages) goes beyond finding vulnerabilities to actually breaking into systems. It uses the obvious tool, Metasploit and its auxiliary modules, but also the Social-Engineer Toolkit, a nice plus.
“Breaking Web Sites” (24 pages) addresses a very important subset, often executed by dedicated testers. It presents a selection of common web application attacks: cross-site scripting, SQL injection, command injection, Extensible Markup Language (XML) external entity attacks, clickjacking attacks, and cross-site request forgery. Additionally, testing strategies and tools are discussed.
The last chapter, “Reporting” (8 pages), starts with what often matters most: the executive summary. The need to report on the methodology is covered. The expected report elements follow: finding, recommendation, evidence, and references.
The book does not go deep into any subject, as expected for an introduction. Each chapter ends with a summary and exercises.
The assumption that the reader still needs an introduction to the underlying technologies is somewhat of a concern. Using powerful tools on systems with shallow knowledge of how they work is not a proper start for penetration testing. The book provides a good quick start for de-mystification: an experience of what penetration testing looks like and what is involved.