Best computer and network security books

Started by Six110, May 14, 2012, 12:24:54 PM

Previous topic - Next topic

Six110

---
Dissecting_the_Hack_Revised_Edition-[Street-Nabors-Baskin-Carey]-(2010).pdf
Hacking_The_Art_of_Exploitation_2nd-[Erickson]-(2008).pdf
XSS_Attacks:_Cross_Site_Scripting_Exploits_and_Defense-[Fogie-Grossman-Hansen-Rager-Petkov]-(2007).pdf
The_Web_Application_Hacker's_Handbook_2nd-[Stuttard-Pinto]-(2011).pdf
Netcat_Power_Tools-[Kanclirz]-(2008).pdf
Metasploit_The_Penetration_Tester's_Guide-[Kennedy-O'Gorman-Kearns]-(2011).pdf
Introduction_to_Modern_Cryptography-[Katz-Lindell]-(2007).pdf
Hacking_Exposed_6th-[McClure-Scambray-Kurtz]-(2009).pdf
Cracking_Passwords_Guide_1.1-[Dravet]-(2010).pdf
The_Art_of_Intrusion-[Kevin_Mitnick]-(2005).pdf
Nmap_Cookbook_The_Fat_free_Guide_to_Network_Scanning-[Nicholas_Marsh]-(2010).pdf
Practical_Packet_Analysis_Using_Wireshark_To_Solve_Real_World_Network_Problems_2nd-[Chris_Sanders]-(2011).pdf
Penetration_Tester_Open_Source_Toolkit_3rd-[Jeremy_Faircloth]-(2011).pdf
SQL_Injection_Attacks_and_Defense-[Clarke]-(2009).pdf
---

Missing:
Wireshark Network Analysis: The Official Wireshark Certified Network Analyst Study Guide (2010)
Low Tech Hacking: Street Smarts for Security Professionals (2012)

Waiting:
SQL Injection Attacks and Defense, Second Edition [Justin Clarke]  (June 15, 2012)
Hacking Exposed 7 (August 3, 2012)

ostendali

I'd suggest the second one "Penetration Tester Open Source Toolkit 3rd"....
it is pretty complete and well explained....I won't suggest to waste your time for others...
be my guest!

weVeg

#2
if you want learn about social engineering i suggest you "l'arte dell' inganno" di Kevin Mitnick!
m2c

ot: give us your blog's name please....
una voce libera รจ sempre liberatrice
under_r00t

crackajack

#3
Dissecting the Hack: The F0rb1dd3n Network, Revised Edition by Jayson Street

QuoteWelcome to hacker fiction-like sci fi, but you don't get to make the good stuff up."-Dan Kaminsky, Director of Penetration Testing, IOActive, Inc. "There have been many sensationalist books on hackers, and this isn't one of them. Get a feeling for what it's really about and follow through with the technical details. Fun like Star Trek, but comes with the blueprints."-FX of Phenoelit Recurity Labs GmbH "A great read, whether you're a geek or not. Hollywood should take notes...a gripping story centered around real tech."-Johnny Long, Professional Hacker, Best-Selling Author and Founder of Hackers For Charity, Inc. "Dissecting the Hack: the F0rb1dd3n Network is an educational thriller, the reader is thoroughly entertained and yet walks away with an understanding of the importance of information security theory and practice."-Stephen Northcutt, President, The SANS Technology Institute
Product Description

Dissecting the Hack is one heck of a ride! Hackers, IT professional, and Infosec aficionados (as well as everyday people interested in security) will find a gripping story that takes the reader on a global trip through the world of computer security exploits. One-half thriller, one-half reference, each provides context for the other. Together they will show you how to see the digital world just below the surface of daily life.


Yes, the security threats are real, and in this revised edition Part 2, this content completely NEW. Read more about the tactics that you see executed throughout the story in the second half of the book where you will learn to recon, scan, explore, exploit, and expunge with the tools and techniques shown in the story.

BackTrack 5 Wireless Penetration Testing Beginner's Guide by Vivek Ramachandran

No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing by Johnny Long

Low Tech Hacking: Street Smarts for Security Professionals [Paperback]
Jack Wiles

Quote"In the age of extreme technology, the defenders have made Low Tech a low priority, concentrating more on the common high tech solutions intended to protect organizations. But attackers are resurrecting the art of Low Tech Hacking. The techniques discussed in this book are given new life because they allow attackers to strike at the weakest links: human and physical. This book is the right tool to bring the Low Tech back into focus."--Greg Miles, Ph.D., CISSP, CISA, Principal at Peak Security, Inc. "Low Tech Hacking is perfect for waking people up to the dangers that lurk on the Internet and especially in their physical environment. All chapters are littered with helpful tips and warnings, which more often then not include the authors' 'war stories' as illustrative examples. And even though the book has been written by five different authors, they all do a great job at keeping the explanations and examples clear and concise, and at making us think for ourselves and consider things we never marked before. In short, I would effectively recommend this book to everyone."--Net-Security.org
Product Description
Criminals using hacking techniques can cost corporations, governments, and individuals millions of dollars each year. While the media focuses on the grand-scale attacks that have been planned for months and executed by teams and countries, there are thousands more that aren't broadcast. "Low Tech Hacking" focuses on the everyday hacks that, while simple in nature, actually add up to the most significant losses. Attackers are using common techniques like social engineering, wireless hacking, and targeting and surveillance to gain access to valuable data. This book contains detailed descriptions of potential threats and vulnerabilities, many of which the majority of the information systems world may be unaware. Author Jack Wiles spent many years as an inside penetration testing team leader, proving these threats and vulnerabilities exist and their countermeasures work. His contributing authors are among the best in the world in their respective areas of expertise. This book contains insider knowledge of what could be your most likely Low Tech threat; includes timely advice from some of the top security minds in the world; and, covers many detailed countermeasures that you can employ to improve your security posture.


Six110

Quote from: crackajack on May 14, 2012, 08:37:15 PM
Dissecting the Hack: The F0rb1dd3n Network by Jayson E Street

BackTrack 5 Wireless Penetration Testing Beginner's Guide by Vivek Ramachandran


Wireless Penetration Testing is described in detail already in the books that I mentioned.

Can you tell me more about Dissecting the Hack?

crackajack

#5
Dissecting the hack is based on real-life hacking scenarios, written by professional pentesters and Hackers. Very interesting IMO.

l believe Hacking Exposed 7 is out in a few months.

Six110

Quote from: crackajack on May 14, 2012, 11:47:32 PM
l believe Hacking Exposed 7 is out in a few months.

Publication Date: August 3, 2012

Six110

Quote from: ostendali on May 14, 2012, 12:29:21 PM
I'd suggest the second one "Penetration Tester Open Source Toolkit 3rd"....
it is pretty complete and well explained....I won't suggest to waste your time for others...
be my guest!

I finished reading it now: vague, imprecise and bad organized.
Too many arguments for a single book.
Vote: 5.


encrypted

Hello All,

I am new to this forums but I want to contribute. I will be listing some resources you should all check out and I invite you to ADD to the list!

InfoSec News:
0.0) Twitter | http://twitter.com
1.) Security Bloggers Network | http://www.securitybloggersnetwork.com/security-bloggers-network-the-feed/
2.) InfoSec Daily Podcast | http://www.isdpodcast.com/
3.) Security Justice Podcast | http://securityjustice.com/
4.) PaulDotCom Podcast | http://www.pauldotcom.com/
5.) Exotic Liability Podcast | http://www.exoticliability.com/
6.) Social Engineer Podcast | http://www.social-engineer.org/

Lab Testing/Practice:
1.) G0tMi1k's "PenTest Lab" | http://g0tmi1k.blogspot.com/2011/03/vulnerable-by-design.html
2.) Smash The Stack |  http://smashthestack.org/
3.) Hack This Site (Oldie ;-) | http://www.hackthissite.org/

Tutorials:
1.) TheNewBoston's Tutorials | http://thenewboston.org/tutorials.php
2.) PenTest Cryptocity | http://pentest.cryptocity.net/
3.) SecurityTube's Groups | http://www.securitytube.net/groups?operation=viewall&groupId=0
4.) Metasploit Unleashed | http://www.offensive-security.com/metasploit-unleashed/Main_Page
5.) TUTS 4 U | http://tuts4you.com/download.php
6.) IronGeek | http://www.irongeek.com/
7.) Logical Security's Tuts | http://www.logicalsecurity.com/resources/resources_video_thanks.html
8.) Dave Kennedy's Ohio Chapter Tuts | http://www.1dave1cup.com/

Manual:
1.) PenTest Standard | http://www.pentest-standard.org/index.php/Main_Page

Public Exploit DB:
1.) Offensive Security's Exploits Database | http://www.exploit-db.com/
2.) Security Focus's Exploits Database | http://www.securityfocus.com/
3.) OSVDB | http://www.osvdb.org/

Top Books (IMO):
1.) Metasploit, The Penetration Tester's Guide | http://www.amazon.com/Metasploit-The-Penetration-Testers-Guide/dp/159327288X
2.) The Shellcoder's Handbook | http://www.amazon.com/The-Shellcoders-Handbook-Discovering-Exploiting/dp/0764544683
3.) The Web Application Hacker's Handbook | http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/0470170778
4.) Foundations of Python Network Programming | http://www.amazon.com/Foundations-Python-Network-Programming-Goerzen/dp/1590593715
5.) No Starch Press's Collection | http://nostarch.com/catalog/5

Please add more! I am thirsty for knowledge.

Ciao.
E.

ZEROF

Hi encrypted,

Use search before posting.

Thank you !

Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*

encrypted

I apologize ;-) I did see this but did not think of placing it in the same forum, sorry ;-(. I will work on that!

Ciao.
E.