Network Security Assessment 2nd Edition


A shameless plug, but I wanted you to all be aware that I finally finished the 2nd edition of my book, which was published last week by O'Reilly. About half of the book content is browsable online at:

New features of the 2nd edition include:

- Exploitation framework support, including IMPACT, CANVAS, and MSF
- 0day exploit pack support (GLEG and Argeniss in particular)
- A Nessus chapter
- A web application testing chapter
- A completely re-written VPN chapter (by Roy Hills)
- Full CVE compatibility; all of the bugs in the book have CVE references (which involved around 20 new CVE's being created also)

It is designed and written as a desktop reference for network-based IP assessment, covering all the latest bugs, and removing a lot of old, obsolete material that was present in the first edition (such as bugs in IIS 4.0, etc.)

I'd like to keep the book as accurate as possible, so if there are any errors that you want to report, please submit them at

Many thanks,


Chris McNab
Technical Director

Matta Consulting Limited
Falstaff House
34 Bardolph Road
Richmond upon Thames

T: 08700 77 11 00

The information contained in this email is intended only for the person(s) to whom it is addressed and may contain confidential or privileged material or information that is exempt from disclosure under applicable law. Information and attachments may be used only for the purpose for which they are sent, and copying, disclosure or distribution of any information contained herein is strictly prohibited.

This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!