HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 63 guests and 1 member online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Featuresarrow Book Reviewsarrow Reviewing my List of Books
EH-Net
May 25, 2012, 11:54:57 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Reviewing my List of Books  (Read 7689 times)
0 Members and 2 Guests are viewing this topic.
joe_fun
Newbie
*
Offline Offline

Posts: 6


View Profile
« on: October 04, 2009, 11:12:35 PM »
Hello Guys,
I just found this website and it looks very interesting, here is my first post so i apologize in advance if i am posting in the wrong section or my post is too long ...
I have academic background in networking, and i am interested in specializing in security, and i wanted to have a solid base in security from the application side as well, and i believe i will need to know some programming languages , i did some research online and i asked couple of my friends who are programmers, and i reached the conclusion that many of the programmers actually miss some fundamental basics, so based on their recommendations i compiled a list of 10 books that i can gradually read to build on my future programming knowledge step-by-step,  and from then focus more on the security aspect of it,
I wanted to get your opinions in the books themselves and the order chosen, and whether it covers all aspects of programming from theory to practical, and from low to high level languages concepts? and any recommendations/warnings?

Write Great Code: Volume 1: Understanding the Machine
http://www.amazon.com/Write-Great-Code-Understanding-Machine/dp/1593270038

Write Great Code, Volume 2: Thinking Low-Level, Writing High-Level
http://www.amazon.com/Write-Great-Code-Low-Level-High-Level/dp/1593270658

code complete
http://www.amazon.com/Code-Complete-Practical-Handbook-Construction/dp/073561967

object oriented thought process 3 edition
http://www.amazon.com/Object-Oriented-Thought-Process-3rd/dp/0672330164

Memory as a Programming Concept in C and C++
http://www.amazon.com/Memory-Programming-Concept-Frantisek-Franek/dp/0521520436/

the c programming language 2 edition
http://www.amazon.com/Programming-Language-2nd-Brian-Kernighan/dp/0131103628

Secure Coding in C and C++
http://www.amazon.com/Secure-Coding-Robert-C-Seacord/dp/0321335724

19 Deadly Sins of Software Security: Programming Flaws and How to Fix Them
http://www.amazon.com/Deadly-Sins-Software-Security-Programming/dp/0072260858

A Practical Guide to Ubuntu Linux
http://www.amazon.com/Practical-Guide-Ubuntu-Linux-Versions/dp/0137003889

Hacking: The Art of Exploitation, 2nd Edition
http://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/

Thanks in Advance
Logged
Ketchup
Hero Member
*****
Offline Offline

Posts: 1006



View Profile
« Reply #1 on: October 05, 2009, 07:30:27 AM »
Welcome to the forums!

I can only comment on the last one, as I haven't read the other ones.  It's one of the best books I have ever read.  It makes exploitation and shellcoding very easy to understand.  It covers both high level concepts and hands on coding.  
Logged
~~~~~~~~~~~~~~
Ketchup
joe_fun
Newbie
*
Offline Offline

Posts: 6


View Profile
« Reply #2 on: October 05, 2009, 10:57:40 AM »
Tnx Ketchup,
any idea how much background in programming is needed before attempting the "the art of exploitation"?
Tnx
Logged
Ketchup
Hero Member
*****
Offline Offline

Posts: 1006



View Profile
« Reply #3 on: October 05, 2009, 11:04:53 AM »
I would say that you need a basic understanding of C language, especially when it comes to memory management concepts.  ASM knowledge will probably help you with the shellcoding portion, but I don't think anything is required.   The author has a great intro to both. 
Logged
~~~~~~~~~~~~~~
Ketchup
joe_fun
Newbie
*
Offline Offline

Posts: 6


View Profile
« Reply #4 on: October 06, 2009, 03:41:18 PM »
Tnx Ketchup,
ill start reading that book and if i get stuck i will check some of the other books in the list,
Logged
aweSEC
Hero Member
*****
Offline Offline

Posts: 1100


View Profile
« Reply #5 on: October 09, 2009, 01:20:25 AM »
If you are not very familiar with programming languages, I would not start with Hacking: The Art of Exploitation for several reasons. Starting with one which covers the basic concepts and ideas, you will get more out of the H:TAoE and it will be easier to follow each topic.
Logged
joe_fun
Newbie
*
Offline Offline

Posts: 6


View Profile
« Reply #6 on: October 10, 2009, 04:39:26 PM »
Tnx awesec,
I guess a good idea to start with a memory book and a programming book before going with a more specialized book,
Logged
sethmisenar
Newbie
*
Offline Offline

Posts: 24


View Profile WWW
« Reply #7 on: October 16, 2009, 09:11:53 AM »
Not really what you asked for, but I hope this is helpful...

Check out the OWASP Podcast: http://www.owasp.org/index.php/OWASP_Podcast

I find this to be one of the more professional podcasts out there.  Although OWASP is ostensibly focused on Web Application Security, more general software security is definitely a well represented topic.  Also, if you aren't already familiar with OWASP, I highly recommend that you spend some time with this organization (reviewing the site, joining mailing lists of projects that interest you, joining a local chapter <if available in your area>).

19 Deadly Sins is a strong book.  You also might want to check out Software Security by Gary McGraw.

http://www.amazon.com/Software-Security-Building-Gary-McGraw/dp/0321356705

Hope this helps.

Seth
Logged
GSE, CASP, CISSP, GSEC, GCIA, GCIH, GPEN, GCWN, GCFA, MCSE
joe_fun
Newbie
*
Offline Offline

Posts: 6


View Profile
« Reply #8 on: October 16, 2009, 11:49:41 AM »
Tnx Seth,
i wasnt familiar with OWASP organization, tnx for its link, i glanced at their podcasts and they do seem to be more than newbies tutorials but a much more professional interviews,
Definitely in my bookmarks,
Tnx again
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.082 seconds with 21 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.