Professional Penetration Testing

Creating and Learning in a Hacking Lab


  • Thomas Wilhelm, ISSMP, CISSP, SCSECA, and SCNA, Associate Professor at Colorado Technical University

Professional Penetration Testing walks you through the entire process of setting up and running a pen test lab. Penetration testing-the act of testing a computer network to find security vulnerabilities before they are maliciously exploited-is a crucial component of information security in any organization. With this book, you will find out how to turn hacking skills into a professional career. Chapters cover planning, metrics, and methodologies; the details of running a pen test, including identifying and verifying vulnerabilities; and archiving, reporting and management practices.

Author Thomas Wilhelm has delivered penetration testing training to countless security professionals, and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book, you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios.

All disc-based content for this title is now available on the Web.

View full description


Penetration testers, IT security consultants and practitioners


Book information

  • Published: July 2013
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-993-4


"Wilhelmā€¦divides his book into three rough sections. The first covers setting up a penetration test lab or ā€˜pentest labā€™ā€¦The next section is on internal pentestingā€¦The final section covers personal skills such as presentation of results to clients and career opportunities as a professional hackerā€¦There are large numbers of b&w figures showing network diagrams and screenshots of the relevant programs."--Reference & Research Book News, December 2013
"I was impressed with the overall flow of information that was presented to the reader, as well as the interweaving of technical and soft skills that are required to successfully establish oneself as a penetration testerā€¦it is a solid resource for those new to the field and for those that may be looking to expand their skill set and understanding."--Journal of Digital Forensics, Security and Law, Volume 8(3), 2013
"Wilhelm has created the ultimate handbook for becoming a pen tester. This is going to help launch many a career."--Richard Stiennon, Chief Research Analyst, IT-Harvest
"Professional Penetration Testing covers everything from ethical concerns, to advance concepts, to setting up your own custom laboratory. It is the most comprehensive and authoritative guide at penetration testing that I have seen. Tom Wilhelm is a true expert in the field who not only is in the trenches on a daily basis, but also takes the time to instruct others on the ways and means of pen testing."--Frank Thornton, Owner, Blackthorn Systems

Table of Contents

PART I - Setting Up
Chapter 1: Introduction
Chapter 2: Ethics and Hacking
Chapter 3: Hacking as a Career
Chapter 4: Setting up Your Lab
Chapter 5: Creating and Using PenTest Targets in Your Lab
Chapter 6: Methodologies
Chapter 7: PenTest Metrics
Chapter 8: Management of a PenTest

PART II - Running a PenTest
Chapter 9: Information Gathering
Chapter 10: Vulnerability Identification
Chapter 11: Vulnerability Verification
Chapter 12: Compromising a System and Privilege Escalation
Chapter 13: Maintaining Access
Chapter 14: Covering Your Tracks

PART III - Wrapping Everything Up
Chapter 15: Reporting Results
Chapter 16: Archiving Data
Chapter 17: Cleaning Up Your Lab
Chapter 18: Planning for Your Next PenTest

Appendix A - Acronyms
Appendix B - Definitions