Sometimes I see pen-testers giving a presentation or a show with the attitude of a secret agent (black coat and sunglasses), using fancy tools. This has nothing to do with pentests!

Pentests are a lot of work and sweat, and most of the time they are boring. Normally I use very simple tools and my brain.


I recommend two books:
  • Thinking Security (Addison-Wesley) by Steven M. Bellovin
  • Security Engineering (Wiley) by Ross J. Anderson