Learning is an important part of our life. A habit of reading a lot of books not only keeps updated with technology but also formalizes your knowledge as compared to random google searches and reading through articles. Every book may or may not help you in your day to day job but surely will make you a different person once you have read and mastered the concepts thoroughly. Also every book or author's style may or may not click with you immediately, therefore it is important to keep a lot of books in your arsenal.
This is a collection of few books I would like to recommend to anyone who wants to learn tech stuff. Sometimes if I have to guide beginners into reading a new book, this is what I recommend.
This is a very small list of books and I wanted to keep a motivational journal for my own reference and revisions.
Some of these books I had read more than 5 years back and I still remember their awesomeness. I will keep on updating this page as I get time. This is going to be very big.
http://shop.oreilly.com/product/9780596529307.do
Michael Burian
Ori Pomerantz
This is a collection of few books I would like to recommend to anyone who wants to learn tech stuff. Sometimes if I have to guide beginners into reading a new book, this is what I recommend.
This is a very small list of books and I wanted to keep a motivational journal for my own reference and revisions.
Some of these books I had read more than 5 years back and I still remember their awesomeness. I will keep on updating this page as I get time. This is going to be very big.
Groovy
- Programming Groovy
by Venkat Subramaniam
Groovy
is a dynamic language. The syntax is very similar to Java and I decided
to learn about it because I came across it for a small project.
Maven
- Maven by Example
- Maven: The Complete Reference
- Apache Maven 3 Cookbook
The above three books should be good enough to get a good grasp on maven.
For any problems and tricks stack overflow is the best place to search.
Web Applications and Security
- XSS Attacks: Cross Site Scripting Exploits and Defense
by Seth Fogie, Jeremiah Grossman, Robert Hansen, Anton Rager, Petko D. Petkov
This is quite a powerful book if you want to master cross site scripting concepts and move beyond alert('xss').
- SQL Injection Attacks and Defense
Quite a powerful book if you want to get into the complexities of SQL
injection. Even though SQL injection is considered trivial these days,
but actually it requires a lot of understanding of the involved
databases, configuration involved and what works or not. Which could be
enough to turn a beginner off.
- Web Application Hackers Handbook
- High Performance Websites
You are missing a lot of details on how websites work and what are the
essential parameters to be considered while evaluating the performance
of web pages. A lot of case studies from Yahoo. Written by a guy
who worked on enhancing the performance of Yahoo products. Must read.
http://shop.oreilly.com/product/9780596529307.do
General Security
- Hacking: The Art of Exploitation, 2nd Edition
One
of the best books out there to get a general idea of what goes under
the hood. The buffer overflow explanation is extremely good and it also
deals with several protections and exploitation techniques. For some
reason the book provides you enough clarity.
- Hacking Exposed series
Hacking Exposed: Network Security Secrets and Solutions, Sixth Edition
by Stuart McClure , Joel Scambray , George Kurtz
Exploitation and Tools
- Chained Exploits: Advanced Hacking Attacks from Start to Finish
Andrew Whitaker (Author), Keatron Evans (Author), Jack Voth (Author)
http://www.amazon.in/Chained-Exploits-Advanced-Hacking-Attacks/dp/032149881X
http://www.amazon.in/Chained-Exploits-Advanced-Hacking-Attacks/dp/032149881X
This book deals with security in a very practical and enjoyable way making
it very easy to understand real life security challenges. And how do you
put the security tools to their practical use.
- Buffer Overflow Attacks: Detect, Exploit, Prevent
by Jason Deckard
Totally focused on Buffer overflow attacks and their exploitation. Expert mode turned on.
- Writing Security Tools and Exploits
by James C. Foster, Vincent T. Liu
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes
by Chris Anley
If you are into assembly and shellcoding techniques. This book would be an
extreme fun. Shellcode is the small piece of machine code that you try
to get executed while exploiting a buffer overflow.
Matering Wireshark and Network analysis
- Practical Packet Analysis, 2nd Edition
Using Wireshark to Solve Real-World Network Problems
By Chris Sanders
http://shop.oreilly.com/product/9781593272661.do
http://shop.oreilly.com/product/9781593272661.do
- Wireshark & Ethereal Network Protocol Analyzer Toolkit
(Jay Beale's Open Source Security)
Network packet analysis is a skill that a majority of professionals lack. These
books would turn you into 'The One' who reads and understands whats
going on the wire. Troubleshooting network related problems and mapping
them with real life use cases.
Cryptography (programming)
- Java Cryptography
By Jonathan Knudsen
It
is a little old book. But very well written. Most of the concepts have
not changed as far as JCE and JCA is concerned. There are not many well
written books that cover Java cryptography. Have you ever wondered what
exactly a Secure Random is? What is its significance. How to use the
Java JCE to encrypt stuff, how to use different encryption algorithms
and key sizes effectively to encrypt and decrypt data.
Linux related
- Bash Cookbook
Solutions and Examples for bash UsersBy Carl Albing, JP Vossen, Cameron Newham
This
book turns you in a master of bash shell. Minute differences that
always puzzle even the experts and by learning them you can show off.
- SSH, The Secure Shell: The Definitive Guide
By Daniel J. Barrett, Richard E. Silverman
Everything you wanted to know about the SSH protocol.
- Build your own Linux
Linux from Scratch project
By
far the best Linux oriented and free book. Learn how to create your
Linux. Compile all the packages, assemble your own tools, compile your
own kernel. You learn what all basic stuff is required to build a Linux
system. If you know what you are looking for, you can build an extremely
sophisticated Linux that deals with a specialized job and very small
too.
- The Linux Kernel Module Programming Guide
Michael Burian
Ori Pomerantz
This
is a free book. Its old, but it is very good for understanding the
basics of Kernel modules and how they work. You ca also write and
compile your own hello world kernel module. It covers lots of basics, so
if you want to grab an idea about the low level working of the
internals, then you should give it a quick read. I am reading it,
because while investigating Linux kernel related vulnerabilities,
sometimes you need to understand how the whole kernel module/driver
procedure simply works. A lot of times vulnerabilities are reported in
the kernel, however it does not necessarily mean that your Linux is
vulnerable. There are lots of ifs, oohs and aahs involved. And only a
hawk eyed kernel expert can tell you the difference.
No comments:
Post a Comment