Gray Hat Hacking The Ethical Hacker's Handbook


Gray Hat Hacking The Ethical Hackers Handbook

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition by Allen Harper, Shon Harris, Jonathan Ness, Chris Eagle, Gideon Lenkey, Terron Williams.
Publisher: McGraw-Hill Osborne Media; 3rd edition (January 6, 2011)
ISBN: 978-0071742559

This is a densely written and comprehensive guide to grey hat hacking, very firmly aimed at arming the reader with a detailed practical knowledge of the field. It is ambitious in its scope: tools such as BackTrack and Metasploit are obviously here, but so are SCADA attacks, source code analysis and software reverse engineering. The book is at pains to keep the content accessible, but this isn't a book you'll finish in a weekend, a week, or even a month if you do it justice. In fact, this isn't so much a book you read as one you use as a lab guide.


Gray Hat Hacking The Ethical Hacker's Handbook Book Review

Part One of the book addresses the ethics and legal aspects of hacking. However, after this introduction, the book quickly delves into the mechanics of its subject.

Part Two of the book deals with penetration testing and tools. Here, the authors intend to teach you how to use common hacking tools by providing concrete and reproducible examples. In Chapter 8, I felt a genuine rush of triumph when I got 'root' on a VM machine using Metasploit. This section concludes with a useful guide to managing a penetration test.

Part Three is concerned with exploits. Whether by design or accident, the progression of the book is almost that of a rookie hacker. Whereas in the previous section you were, like a script-kiddie, getting easy gains using sophisticated tools, here you're flirting with Python, knee-deep in assembler, and wrestling with Linux shellcode. This is the meatiest and most far-ranging part of the book. There's no escaping the fact that hacking at this level is a deeply technical exercise. And despite the best efforts of the authors, you can find your head spinning. In the Windows Exploit chapter, you're introduced to OllyDbg, Ruby (the language of Metasploit) and Immunity Debugger in short order. First installing them, then using them and then trying to keep track of what you're actually using them for!

With reference to this, there were a few instances where the instructions (which are generally very good) don't deliver exactly what is described. On page 368 when using 'owaspb' I wasn't able to log directly into the database with the user 'user' and had to do a little fiddling. Whether this was user error or a change in the distribution I don't know. When you're using so many tools that are in constant development I suppose this is to be expected.

Part Four deals with Vulnerability Analysis, including passive analysis and reverse engineering, fuzzing and an in-depth exploration of exploiting the Windows Access Control Model. For me, from an operational security background, this was the toughest section. The authors must realise their readers' brows may be furrowing here as they include occasional chatty words of encouragement: 'See, that wasn't so hard'.
As you may have gathered, if you're looking for a high level overview of the subject, this isn't it.

This is a highly detailed and wide-ranging guide to the nuts and bolts of the subject. Despite the fact that the book is written in a clear, accessible way, reading it will require the full concentration of all but the most gifted IT professional. In summary, this is an excellent 'how-to' guide, but you're going to have to clear quite a few evenings if you want to get the most out of it.


by GOT

I'm Andrew from Singapore. I created these sites for fun in my spare time. Favourite my site if you like it. Thanks for your support.
