Metasploit 2nd Edition by David Kennedy, Mati Aharoni, Devon Kearns, Jim O’Gorman, and Daniel Graham

The Metasploit Framework makes discovering, exploiting, and sharing systemic vulnerabilities quick and painless. But, this popular pentesting tool can be hard to grasp for first-time users. Written by some of the world’s top hackers and security experts, Metasploit fills the gap by teaching you how to best harness the Framework and interact with its vibrant community of Metasploit open-source contributors. 

This indispensable guide’s updated second edition introduces modules and commands recently added to the Metasploit Framework, along with a new chapter on conducting cloud-based assessments, and discussions of contemporary evasion techniques, malicious document generation, Active Directory attacks, and more.

Ethical Hacking A Hands-on Introduction to Breaking In by Daniel Graham

Ethical Hacking is a crash course in modern hacking techniques. It’s already being used to prepare the next generation of offensive security experts. In its many hands-on labs, you’ll explore crucial skills for any aspiring penetration tester, security researcher, or malware analyst.

You’ll begin with the basics: capturing a victim’s network traffic with an ARP spoofing attack and then viewing it in Wireshark. From there, you’ll deploy reverse shells that let you remotely run commands on a victim’s computer, encrypt files by writing your own ransomware in Python, and fake emails like the ones used in phishing attacks. In advanced chapters, you’ll learn how to fuzz for new vulnerabilities, craft trojans and rootkits, exploit websites with SQL injection, and escalate your privileges to extract credentials, which you’ll use to traverse a private network.

You’ll work with a wide range of professional penetration testing tools—and learn to write your own tools in Python—as you practice tasks like: