refabr1k

refabr1k

Georgia Weidman’s PenTest book (Part 1)

1 minute read

After diving into reddits and blog after blogs on tips for starting out in Penetration Testing, this book Penetration Testing: A Hands-On Introduction to Hacking had just too many honorable mentions to give me an Itch I have to scratch - Bought the kindle version to follow through it and the Itch had subsided.

Sharing a little bit after going through a few chapters into this book, its really suitable for beginners (that said by a beginner being able to follow through it easily and not feel like “huh what are you talking about?!” insert horrified face). Having some linux/unix and programming knowledge does helps. The author Georgia Weidman is this hacker girl who definitely knows what she is doing - I also learnt my first memory buffer overflow using gdb from her youtube videos when trying to break into one of my first vulnhub machines.

One side note: this book had been written few years back and some people online are saying that it may not be relevant anymore (eg. outdated) but I think there is still something good to get out of it. I did have some challenges setting the environment up as some tools/software were not able to downloaded with its given url in the book - these are required for setting up the environment (using Virtual Machines) for following through all the examples in the book front to back. However, you may follow the author Georgia Weidman’s tweet below for given instructions how to get the updated repo link (email her and she replied me! :D)

For those working through Penetration Testing: A Hands-On Introduction to Hacking having trouble getting the vulnerable apps, getting the torrent to work, finding ISOs etc. I have a repo with everything in it. Email me at georgia at shevirah . com and I’ll send it to you.

— Georgia Weidman (@georgiaweidman) September 4, 2018

If you are following this book and can’t wait to start on this book: see if theres anything you need here : https://github.com/refabr1k/GeorgiaWeidmanBook-Pentesting

Will share in details in following posts!

You may also enjoy

SANS Kringlecon 2022 - Jolly CI/CD

7 minute read

Merry Christmas! Someone told me about SANS holiday hack challenge (KringleCon 2022!) https://www.sans.org/mlp/holiday-hack-challenge/ and I’ve been having a...

HTB - Freelancer

3 minute read

This HTB challenge is great for learning SQL injection! While you could also do it easily with SQLmap, I prefered doing it with Manual approach. Though time ...