Web Security, Privacy and Commerce by Simson Garfinkel
- Great book! It provided me with the information that I was looking for and is an easy read. It is definitely a good start.
- Good read, but primarily as an introductory primer. General info and comprehensive, with good discussion and resources.
- This book is easy to read and describes basic security principles and technologies in an understandable manner.
- I highly recommend this book to anyone that wants to develop a detailed understanding of the significant issues that affect doing business on the web.
Hacking: The Art of Exploitation by Jon Erickson
- Absolutely recommended, although not recommended for someone with very little computer knowledge, or someone that have never written a line of code before, if that is your case this will be very difficult to pick up.
- This is a great read for people who want to know the nuts and bolts of exploitation.
- I would recommend it to anyone, who has a reasonable skill in assembler and C and needs to get some awareness of security vulnerabilities.
- If you have a need to understand how the tools work and how to actually find exploits then i highly recommend it.
- It is very good and lives up to my expectations.
- Overall, a fantastic read. Even if you don't plan to enter the field on a business level, if you have interests in computer security it's worth getting.
- This book is a great reference for penetration testing. I would recommend it to anyone.
- Good content. May be a bit outdated now. But it's not as thorough as I'd like. More about tools than concepts.
- This book is written in a straightforward manner, right to the point, hands-on exercises and all
- This book is very informative and well worth the reading.
Web Security Testing Cookbook. By Paco Hope
- This book contains some non-Windows stuff
- The focus is on testing and using tools to find problems.
- It's good , I learned more about security from this book
- Very good and impressive.
- Excellent book!!
- This book is recommended for web hacking.
- This is a very good book with lots of examples.
- It also shows you the tools which will get you started.
- This is by far the best text I have ever come across on the topic of web application vulnerability exploits.
- Strengthening your websites would be the most benefit from reading this book most likely.
- Get the book if you are not keen on vulnerable cookie-cutter code and hacker prone pages.
The Tangled Web by Michal Zalewski
- A great reference book for all security web engineers.
- The book provides systematic coverage of browser security.
- It's an impressive web and browser inside out. This book is for you, if you want to learn the pitfalls.
- It's certainly a book for application security professionals, not for beginners.
Cryptography Engineering by Niels Ferguson, Bruce Schneier, and Tadayoshi Kohno
- This is an excellent buy. It's a "middle ground" book and probably the one you should start with if you are interested in practical cryptography.
- A great book for those wanting to broach into the CYBERSECURITY space...
- The focus is on the engineering and security aspect, rather than the theoretical or mathematical.
- I would recommend this book to anyone newish to cryptography that wants recommendations on which crypto algorithms or methods to use.
Exploiting Software: How to Break Code by Greg Hoglund and Gary R. McGraw
- This book is an in-depth look at black hat techniques for finding and exploiting software vulnerabilities.
- This is a great reference both for reverse engineering beginners and for coders who have done some reversing.
- This book is a great review of software security and deserves to be on any security professional's bookshelf.
- The one major strength of this book, from a computer science viewpoint, is its emphasis on "attack patterns".
A Bug Hunter's Diary by Tobias Klein
- This book is really good for getting a feel for the mindset and process required for vulnerability hunting.
- Well it's a good book, not excellent because has not steps to do things or present the same case on different views like "case study".
- If you're interested in bug hunting, this is the book you want.
- This is a very good book. But make sure you have great coding skills in order to take advantage of all that the book can offer.
- It's an excellent book for security professionals/researchers and web application penetration testers.
- Excellent book, easy to read, interesting content. It is inspiring for writing better and resistant code.
- Great book about NMAP. A bit dated but still excellent.
- Reads well and dives deep on nmap, technical, and operation flow, some funny stories in there to.
- If you're looking at doing network analysis, this book is a must-read and inexpensive compared to most IT-field references.
- Too much information, but that's why I bought this book! nmap is crazy powerful and this book tells it all!
SQL Injection Attacks and Defense by Justin Clark-Salt
- This is definitely a book to get if you want to learn SQL injection from the ground up.
- This book is awesome! Any security researcher, web developer, pen tester, or student should read this!
- Anybody interested in databases should read this. It has tons of code examples in it - MySQL, Oracle SQL, SQL Server, PostgreSQL, Java, C#, and PHP.
- This is a great resource for penetration testers, recreational hackers, and security professionals. I highly recommend it.
- Great book so far, great explanations and useful stuff
Metasploit Pentesters Guide by David Kennedy
- Good book. However, it is a bit outdated.
- Best book I've seen on Metasploit. This book provides excellent coverage of MANY of the features in Metasploit. Highly recommended.
- This book will not only help you master Metasploit, it will give you different approaches that can be deployed to a variety of pen tests.
- It's a fantastic introduction to penetration testing. The material is voluminous and will take hands-on use to really understand.
- Great book for starters to this framework, like myself. Very much enjoy the writing and steps listed in the book.
Web Application Hacker's Handbook Edition 2 by Dafydd Stuttard and Marcus Pinto
- Great book for intermediate-advanced people with webapp/security experience. I certainly wouldn't recommend it for beginners.
- This book offers tons of techniques and strategies for attacking and defending web applications.
- The book is very good with relevant information.