Best Hacking/Security Books? - Web Application Security

Xin

Hey guys give me a good list of hacking books and links to HARDCOPYs, of them as i will purchase them to read :),
i have recently bought Hacking Exposed 6, it is pretty broad and basic but a good read none the less.
I am trying to find a hardcopy of Hacking the art of exploitation but its hard to find, what others do you recommend?

chroniccommand

I have no hard copy links. Search amazon I guess :P
I have a lot of online books though.

Xin

Kk any names in particular you suggest other than hacking the art of exploitation/

chroniccommand

Hackers Handbook
TCP/IP coding in C
Socket coding in Python

Also, learn from google. Search things such as:
Stack
Heap
Memory allocation
Networking

ETC... google can be your best friend :P

Xin

Okay cool il start reading up on some if it :)

chroniccommand

Cool. Remember, the absolute best way to learn is by reading over and over and over again. The key is so much reading. I know it sucks but it's worth it :P
And imo, 90% of being a hacker is knowing how something works. The other 10% is being able to do it.
So if you know exactly how something works, great, don't let people say you suck because you cant do it. Screw 'em, they're just jealous because they don't know how it works. So learn how stuff works, because that's the key :P Of course, learn how to do it too.

Xin

Yeah, i have read a lot of books :) , some not so good such as hacking for dummies aha

Sh3llc0d3

said:

I am trying to find a hardcopy of Hacking the art of exploitation but its hard to find

If you're in the UK...

http://www.snazal.com/

Search for them with the below ISBN's :)
1st Edition
ISBN 1593270070
2nd Edition
ISBN 9781593271442

I'm getting the 2nd ed hardback me thinks seeing as thought it's quite a low price.

EDIT: Thinking this looks ok too at a quick glance, it's from the developers of burp suite.
http://www.snazal.com/buy-online-0470170778.html

Xin

Thanks snazal im ordering now :) you from the UK too?

Sh3llc0d3

said:

Thanks snazal im ordering now :) you from the UK too?

Yes mate, from England :cool: won't shout it about too much though people might get jealous lol

burn1337

Hacking the art of exploitation - I have to say is a great read, I have the paper back. I haven't gotten the chance to read it all the way through; but it is very in-depth.

a few others (not all about security or hacking, but as rx said, 90% of hacking is knowing)
Thomson - Guide to Linux Networking and Security
Thomson - Guide to Linux Installation and Administration
Larson Stephens - Administrating Web Servers, Security, & Maintenance
Technology Series - Intrusion Detection
Christopher Swenson - Modern Cryptanalysis: Techniques for advanced code breaking
O'Rielly - Algorithms in a nutshell: a desktop quick reference
Eldad Eilam - Reversing: Secrets of Reverse Engineering
(and of course) Jon Erickson - Hacking: The art of exploitation

Later when I get a chance to look at my book shelf I will probably list more... Currently my son is sleeping on my chest, so I am only able to list what is within arm's length, or eye's view.
Oh one I just remember; I lost this book years ago, and it is rare to see it on the book shelves; but this is the book I started with when I was 13 or 14 ( I read it at least 4 times cover to cover)
Ankit Fadia - The Unofficial Guide to Ethical hacking

x3n0n

Xinapse, are you still looking for hacking: the art of exploitation?
Because I have it on my hard drive ;)

Hardcore-Gabber

Thanks a good list of Books

Sh3llc0d3

Recommended reading to anyone studying INFOSEC.

The Shellcoder's Handbook: Discovering and Exploiting Security Holes
http://www.amazon.co.uk/Shellcoders-Han ... 466&sr=8-1

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
http://www.amazon.co.uk/Web-Application ... 503&sr=1-1

Also a book i bought recently, "Network Security Bible" (1st edition although the 2nd edition is out now) is well worth a read for any Network analysts or Admins. If your in a network security position you'd probably use it more as a reference for stuff you already know rather than to learn from.

BavarianDZ

said:

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
http://www.amazon.co.uk/Web-Application ... 503&sr=1-1

This book is a damn 5/5... Great reference, very detailed, you feel that the authors (Coders of Burp Suite) know their work. Should be on every web app hacker's shelf.
I've Read somewhere that the authors are planning a 2nd ed, maybe in 2011... I'm definitely looking forward for it.

Add to it
SQL Injections:Attacks and Defense
Great book too, very informative and detailed. Serves as a quick reference too.

Edit: Oh there is also Hacking the next generation, not very big but a good book with new material and actual hacking (web attacks oriented like phishing , XSS , SQLi...)

Also there the new Hacking Exposed:Wireless 2nd edition (July 2010)..
+500 pages of wireless explained hacking (Client attacks too !)...

Sh3llc0d3

said:

I've Read somewhere that the authors are planning a 2nd ed, maybe in 2011

Now that would be well worth getting by the quality of the first ed.

BavarianDZ

said:

said:

I've Read somewhere that the authors are planning a 2nd ed, maybe in 2011

Now that would be well worth getting by the quality of the first ed.

There is also
hacking exposed:Web applications 3rd edition planned for end of this year.
OWASPv4 guide (free) planned for next January.

Some nice fresh material coming :)

Howdy, Stranger!

Top Posters

Who's Online (2)