Book Review: The Hacker Playbook...

The Hacker Playbook: Practical Guide To Penetration Testing is an attempt to use a continuous series of football metaphors to describe the process of a network penetration test. Maybe the metaphors would work better for someone who actually watches sports, but I felt they were a bit strained and forced at times. That being said, the actual content and techniques described are solid and generally useful information. It’s arranged in the stages of a good penetration test, and reads like a strong guide for those relatively new to penetration testing. Unfortunately, it doesn’t set up general guides for each area as much as describing specific “plays” for each area, so once those techniques start to fall flat, it doesn’t leave you with a lot of depth.

Overall, it’s an interesting book, and would definitely be good for someone who hasn’t been pentesting much, but ultimately, it’s just a collection of specific tasks (“plays” in the parlance of the book) that you can execute. I wasn’t expecting much more, and plays in there are solid, but eventually you’ll need to learn to craft your own plays, and I feel the book falls short there. It’s 294 pages and attempts to cover an entire field while remaining practical. Naturally, this is very difficult, and while there may be some shortcomings, Peter Kim manages to provide several useful plays, but probably best for those who haven’t yet developed their own playbook.