This is a listing of a portion of my personal library, these are mostly books I’ve found useful (or at least interesting).
The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws: Well written, information is up to date and clear. If you are trying to learn more about pen-testing – either for real testing, or to better understand the attack vectors that your applications expose – this is a great resource. Highly recommended.
The Shellcoder’s Handbook: Discovering and Exploiting Security Holes: If you want to know more about how desktop/server software and operating systems are attacked, this is great resource – though this is certainly not light reading. If you don’t have a background in ASM and C development, you’ll find yourself in over your head in a hurry.
Cryptonomicon: I found this book hard to read because of the intertwined storylines, but it does all come together at the end. Overall, it’s a great book – and even moreso if you are interested in history (much of the book takes place during WWII) and cryptography as I am.
And Another Thing… (The Hitchhiker’s Guide to the Galaxy): This book partially wrapped up the story for the Hitchhiker’s Guide, but it’s still open-ended on a number of fronts. I don’t regret reading it, but I probably won’t read it a second time.
The Ultimate Hitchhiker’s Guide to the Galaxy: You’ve read this one, right? Right?! RIGHT?!?!?!?!
Zero Day: A Novel: Fantastic. This is an outstanding book, great technical detail, highly accurate, and realistic storyline. It was written by the legendary Mark Russinovitch, showing that not only can he write technical books, but that he’s also very talented at fiction. Buy this book, that simple.
These are mostly archived items from years ago, so there’s a long gap where I stopped updating this page.
Programming Microsoft Visual Basic 2005: The Language: I’m about to start studying for the MCTS certification, and I’m planning on using this as my primary study material. Once I actually start reading it, I’ll post some real comments.
The CISSP Prep Guide: Mastering the CISSP and ISSEP Exams: This one I plan on reading soon, once the MCTS tests are over. A focus on security in needed, now more than ever, and this seems to be a leading certification. I’m looking forward to reading this, when time allows.
Software Requirements, Second Edition: This is one I started to read, until I picked up the Advanced .NET Programming book – so far this seems to be a good book, but somehow has fallen to the end of my To-Read list.
Security for Microsoft Visual Basic .NET: This one just came, I’m looking forward to reading it, but it’ll have to wait.