{"product_id":"the-pentester-blueprint-isbn-9781119684305","title":"The Pentester BluePrint","description":"\u003cp\u003e\u003cb\u003eJUMPSTART YOUR NEW AND EXCITING CAREER AS A PENETRATION TESTER\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003e\u003ci\u003eThe Pentester BluePrint: Your Guide to Being a Pentester\u003c\/i\u003e offers readers a chance to delve deeply into the world of the ethical, or \"white-hat\" hacker. Accomplished pentester and author Phillip L. Wylie and cybersecurity researcher Kim Crawley walk you through the basic and advanced topics necessary to understand how to make a career out of finding vulnerabilities in systems, networks, and applications.\u003c\/p\u003e \u003cp\u003eYou'll learn about the role of a penetration tester, what a pentest involves, and the prerequisite knowledge you'll need to start the educational journey of becoming a pentester. Discover how to develop a plan by assessing your current skillset and finding a starting place to begin growing your knowledge and skills. Finally, find out how to become employed as a pentester by using social media, networking strategies, and community involvement.\u003c\/p\u003e \u003cp\u003ePerfect for IT workers and entry-level information security professionals, \u003ci\u003eThe Pentester BluePrint\u003c\/i\u003e also belongs on the bookshelves of anyone seeking to transition to the exciting and in-demand field of penetration testing.\u003c\/p\u003e \u003cp\u003eWritten in a highly approachable and accessible style, \u003ci\u003eThe Pentester BluePrint\u003c\/i\u003e avoids unnecessarily technical lingo in favor of concrete advice and practical strategies to help you get your start in pentesting. This book will teach you:\u003c\/p\u003e \u003cul style=\"line-height: 25px; margin-left: 15px; margin-top: 0px; font-family: Arial; font-size: 13.3333px; background-color: #f7f3e7;\"\u003e \u003cli\u003eThe foundations of pentesting, including basic IT skills like operating systems, networking, and security systems\u003c\/li\u003e \u003cli\u003eThe development of hacking skills and a hacker mindset\u003c\/li\u003e \u003cli\u003eWhere to find educational options, including college and university classes, security training providers, volunteer work, and self-study\u003c\/li\u003e \u003cli\u003eWhich certifications and degrees are most useful for gaining employment as a pentester\u003c\/li\u003e \u003cli\u003eHow to get experience in the pentesting field, including labs, CTFs, and bug bounties\u003c\/li\u003e \u003c\/ul\u003e \u003cp\u003eForeword xvi\u003c\/p\u003e \u003cp\u003eIntroduction xviii\u003c\/p\u003e \u003cp\u003e\u003cb\u003e1 \u003c\/b\u003e\u003cb\u003eWhat is a Pentester? 1\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSynonymous Terms and Types of Hackers 2\u003c\/p\u003e \u003cp\u003ePentests Described 3\u003c\/p\u003e \u003cp\u003eBenefits and Reasons 3\u003c\/p\u003e \u003cp\u003eLegality and Permission 5\u003c\/p\u003e \u003cp\u003ePentest Methodology 5\u003c\/p\u003e \u003cp\u003ePre-engagement Interactions 7\u003c\/p\u003e \u003cp\u003eIntelligence Gathering 7\u003c\/p\u003e \u003cp\u003eThreat Modeling 7\u003c\/p\u003e \u003cp\u003eVulnerability Analysis 7\u003c\/p\u003e \u003cp\u003eExploitation 8\u003c\/p\u003e \u003cp\u003ePost Exploitation 8\u003c\/p\u003e \u003cp\u003eReporting 8\u003c\/p\u003e \u003cp\u003ePentest Types 9\u003c\/p\u003e \u003cp\u003eVulnerability Scanning 10\u003c\/p\u003e \u003cp\u003eVulnerability Assessments 10\u003c\/p\u003e \u003cp\u003ePentest Targets and Specializations 11\u003c\/p\u003e \u003cp\u003eGeneralist Pentesting 11\u003c\/p\u003e \u003cp\u003eApplication Pentesting 11\u003c\/p\u003e \u003cp\u003eInternet of Things (IoT) 12\u003c\/p\u003e \u003cp\u003eIndustrial Control Systems (ICS) 12\u003c\/p\u003e \u003cp\u003eHardware and Medical Devices 13\u003c\/p\u003e \u003cp\u003eSocial Engineering 13\u003c\/p\u003e \u003cp\u003ePhysical Pentesting 13\u003c\/p\u003e \u003cp\u003eTransportation Pentesting 14\u003c\/p\u003e \u003cp\u003eRed Team Pentesting 14\u003c\/p\u003e \u003cp\u003eCareer Outlook 14\u003c\/p\u003e \u003cp\u003eSummary 16\u003c\/p\u003e \u003cp\u003e\u003cb\u003e2 \u003c\/b\u003e\u003cb\u003ePrerequisite Skills 17\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSkills Required for Learning Pentesting 18\u003c\/p\u003e \u003cp\u003eOperating Systems 18\u003c\/p\u003e \u003cp\u003eNetworking 19\u003c\/p\u003e \u003cp\u003eInformation Security 19\u003c\/p\u003e \u003cp\u003ePrerequisites Learning 19\u003c\/p\u003e \u003cp\u003eInformation Security Basics 20\u003c\/p\u003e \u003cp\u003eWhat is Information Security? 21\u003c\/p\u003e \u003cp\u003eThe CIA Triad 22\u003c\/p\u003e \u003cp\u003eSecurity Controls 24\u003c\/p\u003e \u003cp\u003eAccess Control 26\u003c\/p\u003e \u003cp\u003eIncident Response 28\u003c\/p\u003e \u003cp\u003eMalware 30\u003c\/p\u003e \u003cp\u003eAdvanced Persistent Threats 34\u003c\/p\u003e \u003cp\u003eThe Cyber Kill Chain 35\u003c\/p\u003e \u003cp\u003eCommon Vulnerabilities and Exposures 36\u003c\/p\u003e \u003cp\u003ePhishing and Other Social Engineering 37\u003c\/p\u003e \u003cp\u003eAirgapped Machines 38\u003c\/p\u003e \u003cp\u003eThe Dark Web 39\u003c\/p\u003e \u003cp\u003eSummary 40\u003c\/p\u003e \u003cp\u003e\u003cb\u003e3 \u003c\/b\u003e\u003cb\u003eEducation of a Hacker 43\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eHacking Skills 43\u003c\/p\u003e \u003cp\u003eHacker Mindset 44\u003c\/p\u003e \u003cp\u003eThe Pentester Blueprint Formula 45\u003c\/p\u003e \u003cp\u003eEthical Hacking Areas 45\u003c\/p\u003e \u003cp\u003eOperating Systems and Applications 46\u003c\/p\u003e \u003cp\u003eNetworks 46\u003c\/p\u003e \u003cp\u003eSocial Engineering 47\u003c\/p\u003e \u003cp\u003ePhysical Security 48\u003c\/p\u003e \u003cp\u003eTypes of Pentesting 48\u003c\/p\u003e \u003cp\u003eBlack Box Testing 49\u003c\/p\u003e \u003cp\u003eWhite Box Testing 49\u003c\/p\u003e \u003cp\u003eGray Box Testing 50\u003c\/p\u003e \u003cp\u003eA Brief History of Pentesting 50\u003c\/p\u003e \u003cp\u003eThe Early Days of Pentesting 51\u003c\/p\u003e \u003cp\u003eImproving the Security of Your Site by Breaking into It 51\u003c\/p\u003e \u003cp\u003ePentesting Today 52\u003c\/p\u003e \u003cp\u003eSummary 53\u003c\/p\u003e \u003cp\u003e\u003cb\u003e4 \u003c\/b\u003e\u003cb\u003eEducation Resources 55\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePentesting Courses 55\u003c\/p\u003e \u003cp\u003ePentesting Books 56\u003c\/p\u003e \u003cp\u003ePentesting Labs 60\u003c\/p\u003e \u003cp\u003eWeb Resources 60\u003c\/p\u003e \u003cp\u003eSummary 64\u003c\/p\u003e \u003cp\u003e\u003cb\u003e5 \u003c\/b\u003e\u003cb\u003eBuilding a Pentesting Lab 65\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePentesting Lab Options 65\u003c\/p\u003e \u003cp\u003eMinimalist Lab 66\u003c\/p\u003e \u003cp\u003eDedicated Lab 66\u003c\/p\u003e \u003cp\u003eAdvanced Lab 67\u003c\/p\u003e \u003cp\u003eHacking Systems 67\u003c\/p\u003e \u003cp\u003ePopular Pentesting Tools 68\u003c\/p\u003e \u003cp\u003eKali Linux 68\u003c\/p\u003e \u003cp\u003eNmap 69\u003c\/p\u003e \u003cp\u003eWireshark 69\u003c\/p\u003e \u003cp\u003eVulnerability Scanning Applications 69\u003c\/p\u003e \u003cp\u003eHak5 70\u003c\/p\u003e \u003cp\u003eHacking Targets 70\u003c\/p\u003e \u003cp\u003ePentestBox 70\u003c\/p\u003e \u003cp\u003eVulnHub 71\u003c\/p\u003e \u003cp\u003eProving Grounds 71\u003c\/p\u003e \u003cp\u003eHow Pentesters Build Their Labs 71\u003c\/p\u003e \u003cp\u003eSummary 81\u003c\/p\u003e \u003cp\u003e\u003cb\u003e6 Certifications \u003c\/b\u003e\u003cb\u003eand Degrees 83\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003ePentesting Certifications 83\u003c\/p\u003e \u003cp\u003eEntry-Level Certifications 84\u003c\/p\u003e \u003cp\u003eIntermediate-Level Certifications 85\u003c\/p\u003e \u003cp\u003eAdvanced-Level Certifications 87\u003c\/p\u003e \u003cp\u003eSpecialization Web Application Pentesting Certifications 88\u003c\/p\u003e \u003cp\u003eWireless Pentesting Certifications 90\u003c\/p\u003e \u003cp\u003eMobile Pentesting Certifications 91\u003c\/p\u003e \u003cp\u003ePentesting Training and Coursework 91\u003c\/p\u003e \u003cp\u003eAcquiring Pentesting Credentials 92\u003c\/p\u003e \u003cp\u003eCertification Study Resources 99\u003c\/p\u003e \u003cp\u003eCEH v10 Certified Ethical Hacker Study Guide 100\u003c\/p\u003e \u003cp\u003eEC-Council 100\u003c\/p\u003e \u003cp\u003eQuizlet CEH v10 Study Flashcards 100\u003c\/p\u003e \u003cp\u003eHacking Wireless Networks for Dummies 100\u003c\/p\u003e \u003cp\u003eCompTIA PenTest+ Study Guide 101\u003c\/p\u003e \u003cp\u003eCompTIA PenTest+ Website 101\u003c\/p\u003e \u003cp\u003eCybrary’s Advanced Penetration Testing 101\u003c\/p\u003e \u003cp\u003eLinux Server Security: Hack and Defend 101\u003c\/p\u003e \u003cp\u003eAdvanced Penetration Testing: Hacking the World’s Most Secure Networks 102\u003c\/p\u003e \u003cp\u003eThe Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws 102\u003c\/p\u003e \u003cp\u003eSummary 102\u003c\/p\u003e \u003cp\u003e\u003cb\u003e7 \u003c\/b\u003e\u003cb\u003eDeveloping a Plan 105\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eSkills Inventory 105\u003c\/p\u003e \u003cp\u003eSkill Gaps 111\u003c\/p\u003e \u003cp\u003eAction Plan 112\u003c\/p\u003e \u003cp\u003eSummary 113\u003c\/p\u003e \u003cp\u003e\u003cb\u003e8 \u003c\/b\u003e\u003cb\u003eGaining Experience 115\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eCapture the Flag 115\u003c\/p\u003e \u003cp\u003eBug Bounties 123\u003c\/p\u003e \u003cp\u003eA Brief History of Bug Bounty Programs 124\u003c\/p\u003e \u003cp\u003ePro Bono and Volunteer Work 125\u003c\/p\u003e \u003cp\u003eInternships 126\u003c\/p\u003e \u003cp\u003eLabs 126\u003c\/p\u003e \u003cp\u003ePentesters on Experience 126\u003c\/p\u003e \u003cp\u003eSummary 135\u003c\/p\u003e \u003cp\u003e\u003cb\u003e9 \u003c\/b\u003e\u003cb\u003eGetting Employed as a Pentester 137\u003c\/b\u003e\u003c\/p\u003e \u003cp\u003eJob Descriptions 137\u003c\/p\u003e \u003cp\u003eProfessional Networking 138\u003c\/p\u003e \u003cp\u003eSocial Media 139\u003c\/p\u003e \u003cp\u003eRésumé and Interview Tips 139\u003c\/p\u003e \u003cp\u003eSummary 148\u003c\/p\u003e \u003cp\u003eAppendix: The Pentester Blueprint 149\u003c\/p\u003e \u003cp\u003eGlossary 155\u003c\/p\u003e \u003cp\u003eIndex 167\u003c\/p\u003e  \u003cp\u003e\u003cb\u003ePHILLIP L. WYLIE\u003c\/b\u003e has over two decades of experience working in IT and information security. In addition to working as a penetration tester he has founded and runs The Pwn School Project, teaching ethical hacking. He holds the CISSP, OSCP, and GWAPT certifications. He is a highly sought-after public speaker who frequently presents at conferences about pentesting. He was interviewed for the Tribe of Hackers Red Team book. \u003c\/p\u003e\u003cp\u003e\u003cb\u003eKIM CRAWLEY\u003c\/b\u003e is dedicated to researching and writing about a plethora of cybersecurity issues. Some of the companies Kim has worked for over the years include Sophos, AT\u0026amp;T Cybersecurity, BlackBerry Cylance, Tripwire, and Venafi. All matters red team, blue team, and purple team fascinate her. But she's especially fascinated by malware, social engineering, and advanced persistent threats. Kim's extracurricular activities include running an online cybersecurity event called DisInfoSec, and autistic self-advocacy.   \u003c\/p\u003e\u003cp\u003e\u003cb\u003eJUMPSTART YOUR NEW AND EXCITING CAREER AS A PENETRATION TESTER\u003c\/b\u003e \u003c\/p\u003e\u003cp\u003e\u003ci\u003eThe Pentester BluePrint: Your Guide to Being a Pentester\u003c\/i\u003e offers readers a chance to delve deeply into the world of the ethical, or \"white-hat\" hacker. Accomplished pentester and author Phillip L. Wylie and cybersecurity researcher Kim Crawley walk you through the basic and advanced topics necessary to understand how to make a career out of finding vulnerabilities in systems, networks, and applications. \u003c\/p\u003e\u003cp\u003eYou'll learn about the role of a penetration tester, what a pentest involves, and the prerequisite knowledge you'll need to start the educational journey of becoming a pentester. Discover how to develop a plan by assessing your current skillset and finding a starting place to begin growing your knowledge and skills. Finally, find out how to become employed as a pentester by using social media, networking strategies, and community involvement. \u003c\/p\u003e\u003cp\u003ePerfect for IT workers and entry-level information security professionals, \u003ci\u003eThe Pentester BluePrint\u003c\/i\u003e also belongs on the bookshelves of anyone seeking to transition to the exciting and in-demand field of penetration testing. \u003c\/p\u003e\u003cp\u003eWritten in a highly approachable and accessible style, \u003ci\u003eThe Pentester BluePrint\u003c\/i\u003e avoids unnecessarily technical lingo in favor of concrete advice and practical strategies to help you get your start in pentesting. This book will teach you: \u003c\/p\u003e\u003cul\u003e \u003cli\u003eThe foundations of pentesting, including basic IT skills like operating systems, networking, and security systems\u003c\/li\u003e \u003cli\u003eThe development of hacking skills and a hacker mindset\u003c\/li\u003e \u003cli\u003eWhere to find educational options, including college and university classes, security training providers, volunteer work, and self-study\u003c\/li\u003e \u003cli\u003eWhich certifications and degrees are most useful for gaining employment as a pentester\u003c\/li\u003e \u003cli\u003eHow to get experience in the pentesting field, including labs, CTFs, and bug bounties\u003c\/li\u003e \u003c\/ul\u003e","brand":"Wiley","offers":[{"title":"Default Title","offer_id":47990308241637,"sku":"NP9781119684305","price":32.0,"currency_code":"USD","in_stock":false}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/1842\/7735\/files\/9781119684305.jpg?v=1761787293","url":"https:\/\/k12savings.com\/products\/the-pentester-blueprint-isbn-9781119684305","provider":"K12savings","version":"1.0","type":"link"}