Coding for Penetration Testers: Building Better Tools
by Jason Andress (Goodreads Author), Ryan Linn
4.0 of 5 stars
4.00 · rating details · 16 ratings · 0 reviews 23
Tools used for penetration testing are often purchased or downloaded from the Internet. Each tool is based on a programming language such as Perl, Python, or Ruby. If a penetration tester wants to extend, augment, or change the functionality of a tool to perform a test differently than the default configuration, the tester must know the basics of coding for the related programming language. Coding for Penetration Testers provides the reader with an understanding of the scripting languages that are commonly used when developing tools for penetration testing. It also guides the reader through specific examples of custom tool development and the situations where such tools might be used. While developing a better understanding of each language, the reader is guided through real-world scenarios and tool development that can be incorporated into a tester's toolkit.
Discusses the use of various scripting languages in penetration testing Presents step-by-step instructions on how to build customized penetration testing tools using Perl, Ruby, Python, and other languages Provides a primer on scripting including, but not limited to, Web scripting, scanner scripting, and exploitation scripting
Jason Andress is a seasoned security professional with a depth of experience in both the academic and business worlds. In his present position, he carries out global information security oversight duties, performing penetration testing, risk assessment and compliance functions to ensure that the company's assets are protected.
Dr. Andress has taught undergraduate and graduate security courses since 2005 and holds a Doctorate in Computer Science, researching in the area of data protection. He has authored several publications on topics including data security, network security, penetration testing, and digital forensics and several books, including: Coding for Penetration Testers: Building better Tools (2011), Cyber Warfare: Techniques, Tactics and Tools for Security Practitioners (2011), The Basics of Information Security: Understanding the Fundamentals of InfoSec in Theory and Practice (2011) and Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques (2010).