Reddit reviews Gray Hat Hacking the Ethical Hackers Handbook

We found 11 Reddit comments about Gray Hat Hacking the Ethical Hackers Handbook. Here are the top ones, ranked by their Reddit score.


11 Reddit comments about Gray Hat Hacking the Ethical Hackers Handbook:

u/me_z · 15 points · r/netsec

If you're a novice, as most people start out as, then I would recommend the following:

The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy

Hacking For Dummies

Grey Hat Hacking

Hacking Exposed - 5th Edition - May be outdated

Network Security Bible

So now people here may disagree on the books I've suggested, and that's fine, but it definitely depends on what you're trying to learn and/or accomplish. Google is a great place to start as well without spending a fortune on books.

Some great websites:

Dark Reading

I'm sure you can find plenty more.

And always ask questions, even if you think it's a stupid question. Being on Reddit and having the luxury of anonymity, you can ask away without worrying about getting personally ridiculed.

As far as hackerspaces and defcon, they were just a suggestion. If you ever are able to get to a hackerspace though, I highly recommend it.

u/jradd · 5 points · r/netsec

The first rule of "learning the basics of hacking" is that you don't ask or talk about "learning the basics of hacking". I learned this the hard way when I was about 12 years old on irc.

And there is really only one shade of hacking, and that is 'gray'. You may become a white hat, or a black hat depending on your motivation. But I personally do not look at anything in absolute contrast. The world is gray, hacking is gray, your mother is gray.

Speaking of 'gray', if I were you I would check out this book

I have not read it myself, only skimmed through it over coffee at barnes&noble. Looks like it covers a very broad spectrum of hacking and seems 'user friendly' enough. Also start reading 2600, and check out

u/nicklauscombs · 3 points · r/netsec

best advice i can give is to start reading anything and everything you can get your hands on related to programming, operating systems, networking, security, etc......

a few books i'm reading/have read/on my list to read and all are excellent starting points:

BackTrack 4: Assuring Security by Penetration Testing (this book was just released and still relevant when using BackTrack5)

Metasploit: The Penetration Tester's Guide

Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition

plenty of links to keep you busy for awhile:
Open Penetration Testing Bookmarks Collection

u/Kadover · 3 points · r/netsec

Ok - Here's a list of books I've read in the last few years

  • Gray Hat Hacking - The Ethical Hacker's Handbook - Really good intro to Software Sec / Reverse Engineering / Disclosure
  • Counter Hack Reloaded - A 'bible' of phased attacks - classic book.
  • Guide to Network Defense and Countermeasures - Technically designed as a 'prep' book for the SCNP, it's still a great read about IPS, IDS, NetSec Policies, Proxies, firewalls, packet filtering, etc
  • Hacking Wireless Exposed - Great intro read on 802.11 sec.
  • CWNA/CWSP Exam Guide - Assumes 0 knowledge about RF. More intense than Hacking Wireless Exposed, but also easier to learn from. I went into this book knowing very little about RF, left it feeling confident. Well written.
  • Snort 2.1 - Self explanatory, but a book about the IDS system Snort. Not perfect, but again, great starter book.
  • The Web Application Hacker's Handbook - The best for last. The holy grail of web hacking. Second edition SHOULD be coming very soon, depending on the drop date may be worth it to wait.

As you can tell, I'm big on the technical books, and even exam prep books. This is just a selection, but I think it's a good starter pack to some different fields.

u/masturbathon · 3 points · r/AskNetsec

Penetration testing is a really broad term. If you want the overview i would suggest picking up a book like Gray Hat Hacking.

Metasploit is a fun tool, but learning to use it without understanding the basics will not really lead to anywhere.

u/f0nd004u · 2 points · r/techsupportgore

Maybe if you look at the Wikipedia page which cites a Red Hat 3 manual about computer security from 12 years ago. I will leave this book in evidence as a modern definition of Gray Hat hacking; it contains a full definition.

u/TheFakeITAdmin · 2 points · r/sysadmin

Don't get me wrong- BackTrack, Kali, Pentoo, etc. are all amazing tools but to recommend this to someone coming from a helpdesk role might be a bit much to grasp.
Learning how to work with the distros and the wide range of tools is great but you have to learn about the theories behind analyzing and protecting the infrastructure and software.

OP, you might start with some books (these have helped me a lot in my career in security)-

CompTIA Security+ Study Guide (not a bad book and the cert is easy, provides the basics of IT security)

The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice (an easy read)

Gray Hat Hacking The Ethical Hackers Handbook (is an intro to the security world and a lot of info, more in-depth)

IT Security is an awesome field and like most IT it has many separate areas within it to learn.
Check out the links below for more info on training (there are others available, these are just ones I've used and SANS has a lot of additional resources)-

SANS Institute

InfoSec Institute

u/ak_z · 2 points · r/AskNetsec

> and pentesting isn't an entry level job

WRONG. I know a lot of companies who post pentest positions for fresh grads, because there is a big need for these people.

Do download a Kali copy and play around with it. Read books; I recommend Gray Hat Hacking The Ethical Hackers Handbook.

forget CISSP and CCNA (and don't even mention Ethical Hacker Cert) .. go for OSCP!

u/OrderZero · 2 points · r/netsec

I've read a lot of these but I'm glad to see not all of them :) Adding to my reading list for sure.


EDIT: forgive me if these are already listed but just in case...

Bug Hunter's Diary -
Gives real hands on real-life experience in a "diary" format and covers some great bugs

Gray Hat Hacking -
Despite a bad generic "ethical" title this book goes really in-depth on a lot of subjects (almost to the point of rambling actually) including fuzzing, client-side exploits (mostly browser-based), and much more.

Hacking Windows Exposed -
Another generic title but this book has small good parts scattered throughout, really written more for pentesters it has some very common red team methods but also has a few hidden gems hidden within the various subjects it tries to cover.

Also for anyone looking to get TAOSSA (The Art of Software Security Assessment) it's absolutely huge and WILL split down the middle while's sitting on my bookshelf right now in its ripped state but I've read it 4 times and still don't feel like all the material has sunken in, if you're going to buy any book at all it should be that one as it will provide countless hours/days/weeks/months of reading.

u/steveeq1 · 2 points · r/netsec

For people who want to get into network security and have a moderately good grasp on programming, I nominate Gray Hat Hacking. Each chapter in the book is basically devoted to a certain aspect of hacking (windows exploits, xss attacks, metasploit, etc). It's a good all around introduction to pretty much all the important aspects you need to know.

Next, I recommend getting familiar with metasploit as it can save you a lot of time with a lot of different types of attacks. The guys from offensive security have a website, but there is also an ebook available if you want it.

It's important to understand security from both an offensive and defensive side of things.