I’ve put off doing this review for too long. I was sent this book close to its release date, and made quick work of reading through it and making notes for the review. As you’ll see in this post, I don’t think much of it, and I wasn’t looking forward to making such a negative post about it. I would just let it slide, as I prefer to post reviews of books that I like and recommend at least to some extent, but Packt Publishing are heavily promoting this book and I’ve seen several people I know purchase or consider purchasing it. For that reason, I feel like it’s a good idea to warn the target audience of this blog away from it.
At a first glance, it’s easy to be skeptical of this book due to the fact that it had the misfortune of being a Backtrack 4 book published at almost the exact time Backtrack 5 came out. This doesn’t bother me so much. If it were written well, it could easily make up for any differences in the details between versions. Unfortunately, being dated is the least of this book’s problems.
The vast majority of the book is padded with a grocery list of what appears to be each and every tool in the Backtrack distribution. Comprehensive coverage is fine, though each tool is only given the very briefest of coverage, with almost no coverage or consideration to educating the reader on how the tools work or the background needed to effectively use them. New terms and concepts are thrown at the user relentlessly without introduction or explanation. This book falls into a useless “middle” state where a beginning user would be better served by a book that gives more depth of coverage for a handful of tools (see Web Application Hacker’s Handbook), while still failing to serve an advanced user that could find the same information quickly in a man page. The book falls well short of its goal of serving as a “single professional, practical, and expert guide to develop hardcore penetration testing skills from scratch”.
There are many instances of wasted space in the book as well. A straight copy-paste of /etc/services is the worst offender. The text doesn’t exactly live up to the promises of its table of contents either. A segment on “Writing exploit modules” simply takes the reader through the source code of an existing metasploit module, with only the barest of commentary that makes one wonder if the authors understand how it works, much less whether or not the reader will be able to write one (or even read one) in practice.
Aside from the “list of things” approach that takes up the majority of the book, there is a fair amount of text about the penetration testing process that, if executed properly, would make an excellent introduction to newcomers. Unfortunately, it’s written as though the authors intentionally wanted it to be impenetrable and difficult to understand. The following sentence is a representative example:
Since the exponential growth of an IT security industry, there are always an intensive number of diversities found in understanding and practicing the correct terminology for security assessment.
Some of it’s just plain wrong. A set of paragraphs equate “black hat” hacking with “black box” testing, and goes on the state the same about “white” and “grey”. It’s difficult to imagine that anyone in penetration testing believes that. The authors take the reader through overwrought descriptions of various testing “methodologies” (the OWASP top ten is not a methodology), and then throw them out in favor of an over-simplified “Backtrack Testing Methodology” that appears to be a simple depth-first traversal of the BT4 menu options.
While it may be tempting to buy this book as a quick reference or summary of all of the tools, I would not encourage it. I would strongly discourage anyone thinking to start out, or get up to speed in penetration testing from buying this book. It’ll just frustrate you. For more experienced readers, there are books that are far more worthy of your time and money.