This page contains a list of security-related books which we have (legally purchased and have) read. For each title, we will give a brief review, rank it on a score of one to eleven, and supply a link to where it can be purchased (Amazon). Note that we have a large stack of books to get through; if you are so inclined, please check back at a later date for more reviews... The current list of reviewed books is:
As always, please contact us with comments, concerns, questions, etc. regarding the titles listed below.
Hacking: The Art of Exploitation, 2nd Edition
mpettersson.com rating: 11.0/11.0
This book ought to be the standard on which all books (on this page and/or topic) are judged. This book is simply impressive, so impressive I have read it (cover to cover) several times. Each time I go through this book I learn something new, something that I simply didn't notice before. This book teaches C and C++ exploits, first by walking the user through a C and C++ crash course, then introducing memory, GDB, and exploit information at a wonderfully subtle pace. The masterful writing, subject, and the companion Linux (live disk) demos will keep even the most ADHD reader happily immersed for hours.
TL;DR - If you were to read a single title from those listed on this page, it most definitely should be this one.
We Are Anonymous
mpettersson.com rating: 9.7/11.0
This book is a solid, good read about LulzSec and the early key Anonymous players. It is less of a tutorial, or textbook, and much more of a non-fiction story; therefore, it is great for the computer-illiterate. That being said, it is also very informative for the CS student or security professional that would like a glimpse into the psyche, minds, and acts of Anonymous group members. Again, this book does not provide any syntactic or technical information, only a few extremely basic definitions of CS-related terms, but it does open a window to the mentality and psychology of Anonymous. The book follows the stories of the individuals, from their introduction to the group all the way to the end of this particular group...
TL;DR - A great non-technical read about a group that played a large role in Anonymous.
RTFM: Red Team Field Manual
mpettersson.com rating: 7.5/11.0
This inexpensive book provides good reference material, and just as importantly (to me), a good place to add your own reference material (via notes and other cheat sheets) in paper format. Sure, when it comes to manuals there is the internet, and a tiny USB drive can hold volumes; however, for the more old-school people this is a good starting place for "<your name here>'s manual".
TL;DR - A great cheat sheet, at a great price, with plenty of room to take notes and make it your own.
Blue Team Handbook: Incident Response Edition
mpettersson.com rating: 6.1/11.0
For fairness' sake, this title has an Amazon Rating of 4.7/5.0 (at the beginning of March 2015). To me, this little book came off as an unpolished set of cliff notes for policies, standards, and practices. Sure, people whose work revolves around these concepts could find this helpful and may even embrace it as a handbook. Personally, I find this book to be average and mediocre.
TL;DR - It's OK, I wouldn't suggest it unless the topic (incident response) is right up your strassa.
Defense Against the Black Arts
mpettersson.com rating: 4.5/11.0
To be fair, this title has an Amazon Rating of 4.7/5.0 (at the beginning of March 2015) and many people seem to enjoy it; if you want a happy review, stop here. Perhaps I, on the other hand, had unreasonably high expectations for this book. Although the cover is trendy (and reminds me of Wolverine somehow), the material feels dated, the grammar isn't consistent (it really feels like the individuals who divvied up the chapters didn't all proofread the others' work; some are good, some are BAD; coming from me, that's perty bad...), and it seems that the filler pictures (instructing the user on every button to click, for repetitive exercises) are unnecessary. Prior to reading this title I read the first two titles on this page; however, for someone who doesn't have any time playing with binary reversing or coding (someone who wants to know a few of the older tools out there and step-by-step ways to use them) this book may be a good place to start.
TL;DR - Not impressive.