// Comparison
Hacking vs Penetration Testing: Which Should You Read?
Two cybersecurity books on Offensive, compared honestly: who each is for, what each does best, and which to read first.
Un labo virtuel pour auditer et mettre en place des contre-mesures
Franck Ebel, Jérôme Hennecart
A hands-on French guide to building a virtual lab (Proxmox) and using it to audit application, web and system flaws — then implement countermeasures.
Georgia Weidman's lab-driven introduction to pentesting, walking the reader from setting up a target environment through scanning, exploitation, post-exploitation, and reporting.
Read this if
Skip this if
Key takeaways
- A practical French guide to building your own vulnerability lab and auditing it end to end.
- Covers application, web and system flaws with the matching countermeasures — attack and defence together.
- From 2013: the method holds, but expect to modernise the specific tools and lab stack.
- A complete pentest is a small number of repeated motions (recon, find foothold, escalate, pivot, document); Weidman teaches the rhythm before the tooling.
- Lab setup is half the learning; running through the book's Metasploitable-and-Windows-VM lab is what builds the muscle memory the OSCP later assumes.
- Reporting matters as much as exploitation; the book is one of the few intro texts that takes the deliverable seriously.
How they compare
We rate Penetration Testing higher (4/5 against 3/5 for Hacking). For most readers, that means Penetration Testing is the primary pick and Hacking is a useful follow-up.
Hacking is pitched at intermediate level. Penetration Testing is pitched at beginner level. Read the easier one first if you're not yet comfortable with the topic.
Hacking and Penetration Testing both cover Offensive, Pentesting, Tooling, so reading them in sequence reinforces the same material from different angles.