Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Building the ultimate pen-test reference library

I’ve been working to build up a good quality reference library of Security books for about 2 years now, ever since I left my job as a Server Administrator to begin learning about security. Some books have been a bit of a letdown (like the Hacking VoIP exposed book) and others have been a great addition to the collection (like XSS Attacks, or the Web Application Hackers Handbook). Moving this small home reference library between home and work has started to become a real problem though. You never have the right book in the right place at the right time. It’s Murphy’s law. So, I’ve begun the quest to set up a comprehensive reference library at work for all those special occasions when you just have to know that obscure Python syntax.

With this in mind I’ve started the list of desired titles. Obviously there’s no way I can add every possible title to this list, and some good books are just not suitable for a reference library. With that said, I hope this is at least a good start:

  • Applied Cryptography
  • Web-Application Hackers Handbook
  • Database Hackers Handbook / Oracle Hackers Handbook
  • XSS Attacks
  • NMAP Network Scanning
  • Learning Python (3rd Edition)
  • A Book on C (for those Code Review moments)
  • TCP/IP Illustrated (vol.1-3)

To add to these titles, a subscription to the Safari online bookshelf seems like a good idea. Being able to directly search books for specific parameters, configuration options and commands is a great thing. If this is beyond budget, then limited use of Google Books would be a possible solution.

There are some good titles that I’ve not listed here, mostly because once they’ve been read I don’t see them as a source of reference that I’ll use on a regular basis.

This list is far from complete, so if you have suggestions then feel free to post a comment. Without discussion, things will never move forward.
