The Pentester Blueprint: Starting a Career as an Ethical Hacker (Paperback)

Wylie, Phillip L., Crawley, Kim

  • 出版商: Wiley
  • 出版日期: 2020-11-24
  • 售價: $1,180
  • 貴賓價: 9.5$1,121
  • 語言: 英文
  • 頁數: 192
  • 裝訂: Quality Paper - also called trade paper
  • ISBN: 1119684307
  • ISBN-13: 9781119684305
  • 相關分類: 駭客 Hack
  • 立即出貨 (庫存=1)



The Pentester Blueprint guides readers on how to prepare and enter the cybersecurity filed as a penetration tester aka ethical hacker or white hat hacker. While there are a lot of books about technical tools for penetration testing, The Pentester Blueprint describes the role of a penetration tester, what a pentest entails, and the prerequisite knowledge required to start the educational journey of a pentester. The book goes on to detail learning resources and industry certifications that are helpful in becoming a pentester. The Pentester Blueprint evolved from the author's frequent popular presentations on the same topic at many conferences.
Coverage includes:

  • Foundation - Discuss the foundational perquisite knowledge needed to become a pentester. Discuss the IT basic skills such as operating systems, networking and security needed to be a pentester.
  • Hacking skills - Discuss developing hacking skills and the hacker mindset.
  • Education options - Discuss learning options such as college classes, security training providers and self-study.
  • Education resources - Discuss education resources including; books, videos, conferences and community.
  • Certifications and degrees - Discuss credentials useful for gaining employment as a pentester including; degrees and certificates.
  • Getting Experience - Discuss methods for developing hacking/pentesting skills such as labs (third party and home), CTFs, bug bounties, pro bono/volunteer work.
  • Developing a plan - Discuss how to assess current skillset and knowledge to find a starting place and the perform a gap analysis to develop a learning plan. Discuss goal setting and educational milestones to track progress.
  • Getting employed as a pentester - Discuss how to find a job as a pentester through networking, social media and community evolvement.




- 基础知识 - 讨论成为渗透测试师所需的基础知识。讨论操作系统、网络和安全等IT基本技能。
- 黑客技能 - 讨论发展黑客技能和黑客思维。
- 学习选择 - 讨论学习选择,如大学课程、安全培训提供商和自学。
- 学习资源 - 讨论教育资源,包括书籍、视频、会议和社区。
- 认证和学位 - 讨论对于成为渗透测试师有用的证书和学位。
- 获取经验 - 讨论开发黑客/渗透测试技能的方法,如实验室(第三方和家庭)、CTF比赛、漏洞赏金和无偿/志愿工作。
- 制定计划 - 讨论如何评估当前技能和知识,找到一个起点,并进行差距分析以制定学习计划。讨论目标设定和教育里程碑以跟踪进展。
- 就业作为渗透测试师 - 讨论如何通过网络、社交媒体和社区参与找到渗透测试师的工作。


PHILLIP L. WYLIE has over two decades of experience working in IT and information security. In addition to working as a penetration tester he has founded and runs The Pwn School Project, teaching ethical hacking. He holds the CISSP, OSCP, and GWAPT certifications. He is a highly sought-after public speaker who frequently presents at conferences about pentesting. He was interviewed for the Tribe of Hackers Red Team book.

KIM CRAWLEY is dedicated to researching and writing about a plethora of cybersecurity issues. Some of the companies Kim has worked for over the years include Sophos, AT&T Cybersecurity, BlackBerry Cylance, Tripwire, and Venafi. All matters red team, blue team, and purple team fascinate her. But she's especially fascinated by malware, social engineering, and advanced persistent threats. Kim's extracurricular activities include running an online cybersecurity event called DisInfoSec, and autistic self-advocacy.


PHILLIP L. WYLIE 在資訊科技和資訊安全領域擁有超過二十年的經驗。除了擔任滲透測試師外,他還創辦並運營著 The Pwn School Project,教授道德黑客技術。他擁有 CISSP、OSCP 和 GWAPT 認證。他是一位備受追捧的公開演講者,經常在會議上演講有關滲透測試的主題。他曾接受《Tribe of Hackers Red Team》一書的採訪。

KIM CRAWLEY 致力於研究和撰寫各種資訊安全問題。多年來,Kim 曾在 Sophos、AT&T Cybersecurity、BlackBerry Cylance、Tripwire 和 Venafi 等公司工作。她對紅隊、藍隊和紫隊的所有事務都深感興趣。但她尤其對惡意軟體、社交工程和高級持續性威脅感到著迷。Kim 的課餘活動包括舉辦一個名為 DisInfoSec 的線上資訊安全活動,以及自閉症自我倡導。