Mastering Kali Linux for Advanced Penetration Testing: Become a cybersecurity ethical hacking expert using Metasploit, Nmap, Wireshark, and Burp Suite, 4th Edition
C**.
Very Well Done - Security Professional
As a professional Web Application Penetration tester with over 20 years in the security field, I would highly recommend this book. The book itself is tailored towards intermediate to advanced users. I personally have been using Linux as my daily driver since 1996 and can spot poop immediately. That is not the case here. This book is extremely well done and covers a vast majority of main points in a daily use case scenario. One major highlight that I noticed immediately (this really stood out) was the coverage of virtualization, which is how the modern security field operates. Penetration tests are done virtualized in some capacity and highly recommended so the host environment is not contaminated or compromised itself. The image can be compressed and used in forensics if required. I personally use Docker, Vagrant and Qemu daily. I have not seen this in other penetration testing related releases. It not only covers one but covers a multitude of different virtual platforms to get you up and running quickly with a fair understanding of the baseline technology. There are books just for virtualization. I surely wouldn't expect that here. As far as daily usage is concerned, you definitely could use this book as a quick reference guide as I do with most of my books. You could hands on use this book in that capacity, which in my opinion makes the book worthy of having on the shelf and having a copy on your machine for quick reference (copy / paste). It is heavily imaged which certainly is great. Visualization can definitely help when learning or comparing expected results. Sometimes seeing it makes all the difference. I was impressed enough I recommended it to the pen-test team at work. It's a keeper. In my opinion I believe the author did a fantastic job. Kudos to him and Packt for releasing this.
G**C
Excellent Book
This is an Excellent Resource. I am a Cybersecurity Instructor and am Net+, Sec+ and Pentest+ Certified, and have to say it is a great read. If you are new to Cyber, it has a ton of information, but more for Intermediate and advanced users, it covers newer tools and techniques in great detail. It shows how to set up a virtual cyber lab, working with Docker, cloud security, good up to date material that is relevant to all students. The Book starts off with an overview, brief introduction of some basic concepts like discussing the various categories of threat actors, an overview of pentesting, OSINT, SE, etc., which is important to cover but then gets into some great topics for the more advanced. Customizing NSE Scripts (personal favorite), RFID hacking, Raspberry Pi, Chameleon, and other advanced topics I have not seen in other material. It is a great book whether you are new to pentesting or looking to update your skill set with some of the newer TTPs out there. Highly recommended.
P**L
A Must Have on the shelf.
Having been in the IT and Cyber industry for 21 years now, I have done a lot. With doing a lot means that sometimes you forget the basics or get stuck in a loop of comfort. I bring this up because from front to back, this was a solid and easy to follow read and refresher in most cases. I mean, look at the Author, that should alone tell you the quality. I have already this week adopted some of the new things or forgotten techniques within my Firmware testing. The Google Dorking and Web Scraping were what I enjoyed the most. Having a quick reference on hand with ear marks is sometimes quicker than a Google search. The only con I saw was that Threat Modeling was nowhere near as in depth as the other topics. I say this as a Purple Team enthusiast though. Packt, keep lining these amazing author practitioners up!
D**S
Nonexistent editing, missing essential information
This book is absolute garbage. First and foremost, there is ZERO mention of any recommended system requirements, which is absolutely necessary considering the incredibly large lab environments the author has you set up in Chapter 1... If you set up Kali in a VM as instructed by the author (I don't, I'm running a dual boot system), you will have FIVE VMs running! One for Kali, one for a Microsoft Server 2016 Active Directory, one for a Microsoft Exchange Server, one for a Metasploitable Windows 2008 environment, and one for a Metasploitable Ubuntu 14.04 environment. Just the first AD server is over 30GB, and if you aren't running at least 16GB of RAM, your setup might just not be able to handle it. My frustration hit its limit when trying to get the Exchange Server running. No guidance was given on recommended settings for the VM, and I had to expand its hard disk storage twice (I started at 20GB). For a virtual box I'm going to hack, this is an insane amount of space... And as I mentioned before, there are 4 VMs you need to set up to pen test (excluding the Kali VM if that's how you're running it). In addition to this, prerequisites needing to be installed were missing from the setup steps, some steps were completely missing, and in one instance, a prereq was WRONG! On the Exchange Server setup, before promoting the box to an actual exchange server, the author has you install .NET Framework 4.5 (among other prereqs). When I went to install the exchange server ISO after the prereqs, I was given an error saying that .NET Framework 4.7.1 was required, along with a number of security updates, before I could continue with the installation. I ran into another instance of this during the installation of the Mailbox role as well. All of this leaves me wondering if the exploits in this book will even work anymore. Most exploits are very specific to the versions of software and firmware installed. Since I was forced to install patches on the lab environments that are clearly not mentioned in the book itself, I have no idea if the exploits will still be valid. Given the absolute headache I had just setting up the lab environments, I have serious doubts that the theory and procedures for carrying out these exploits will be complete as well (even if they are still valid). After doing some research on Packt Publishing itself, I have found out that this is pretty much par for the company. Learning is supposed to be challenging and invigorating for your mind. It isn't supposed to leave you frustrated and dreading what's on the next page. I will be seeking a refund, and will never again purchase a product from Packt Publishing.