Gray Hat Hacking the Ethical Hackers Handbook

I just got done reading this book and I was quite impressed. I've read many other books on the same subjects and this handbook delivers the material without all the fluff. It shows the most popular (some of the most effective) tools and how they are used. I really love Ch. 6 about the "Insider Attacks" as it shows from start to finish how an attacker could leverage themselves as a domain admin with relative ease. While there are books alone written for each chapter this handbook sums each chapter up in a clear concise way especially if you are already a bit familiar with the tools and techniques. I would say that this book isn't written for a novice or someone who hasn't already have great understand of basic networking (TCP/IP) or systems experience.There are excellent chapters about exploits, shellcodes and how to write and use them as well as some excellent examples of each. As with any book like this it is important to practice the techniques in a lab to have the info "stick". Overall, one of the more interesting books I've read that is not like the typical chapters you would see in a book related to becoming a "Certified Ethical Hacker".

I picked this up for class but it is one of the better books I have on the subject. Will be reading the chapters my class did not cover and probably revisiting stuff we did.

Excellent book for those wanting to get into information security. It starts off slow then quickly jumps into the highly technical aspects of hacking. The only downside of this book is that it is difficult to read at times and certain chapters must be re-read a few times to fully understand what the author is trying to convey.

This is a good book on hacking that covers most all aspects, including social engineering. This particular edition may be dated by now.

This book was perfect for my class. I was able to find what I needed to help me through it.

Let me start by saying that my background is in enterprise configuration, system configuration and trouble-shooting, and information security policy. With that said I would heartily recommend that anyone working in the IT field would benefit from the lessons and skills which can be learned from this epitome of concise writing. Thank you for a wonderful read full of things which can never be learned to well!

This book is the best book of hacking. It provides an excepcional stuff for any beginner who wants to learn about security from attacker's point of view.It's complete, updated, show a lot of examples and clear explanations. Much better than Hacking Exposing series. It's interesting read it with an Windows and Linux near. All chapter are so organized and explain the best of hacking stuff for anyone who like so much of security.After this book, the reader can try another titles like  Metasploit: The Penetration Tester's Guide .Conclusion: I recommend this book. Certainly, you will enjoy it.

I had this as a supporting text along with "legend" (William Stallings) "Internetworking with TCP/IP" text for a graduate course on Advanced Networks and Network Security.I agree with many of the reviews that several of the chapters needed some more significant editorial review just to deliver topics in a clear and concise manner. That said I also completely disagree with the "for white hats by white hats" characterization. The book offers reasonably good overviews of numerous topics plus realistic examples of how most penetration attempts unfold. It also offers an appropriate discussion without "rendering judgement" about the nuances and conflicting interests surrounding defect disclosures and/or remediation (patches).While versions constantly evolve, GHH would do well to include/add/expand on Linux "pen testing" distributions (BackTrack, Network Security Toolkit, security tools distribution, etc.), but not really spend much time on the mundane (installing, Live images, etc.) and more on which tools prove the most effective (The powers Metasploit can unleash should scare just about anyone!).I also find it somewhat surprising with the pervasiveness of malware that only two chapters of the book focus on malware. Likewise I find it amazing that the book has a "one-chapter 'chat' on programming" (so often poor code exposes/provides the exploitation vector), but doesn't even mention CWE (Common Weakness Enumeration), etc. except as a footnote/reference.As always the "Kindle edition" of a book leaves much to desire (especially the PC/Tablet "version" of the reader software). Someday someone at Amazon will look at an well-designed Adobe PDF and say, "Oh! I get it."SenseiC bows out.

Interesting book for those unfamiliar with the concepts relating to IT/Cyber security according to the ethical hacker perspective. Readers will find relevant and up-to-date information with practical implications.

Exactly what you would expect

Recommended text for level 3, this is worth having a few copies around college for the interested students.

I thought security audits were paper exercises until i read this book and it opened my eyes to a whole new world. This is a must have for security professionals. Very easy to read and great examples to follow.

Incredible book. Well worth getting!