I through a blank canvas on the floor, tossed a few security related books on it, and proceeded to take a poorly lit blurry eyed picture before writing this post. I thought it was time to talk about a few technical books I am currently reading. I will leave the formal book reviews to others and cover what I a reading, why I am reading it, and what I hope to get out of it.
The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (Syngress) by Patrick Engebretson
One of the more recent books I picked up after seeing it listed as suggested reading at a local security conference. The book is a fast read when I am actually reading it, but I am stopping frequently to play with BackTrack 5 in my various virtual sandboxes making a two to three day read take two to three weeks. I really don’t do a lot of pen testing and this book looked to be a good review of some of the basic tools out there. My hope is that this book will provide me with a renewed prospective on pen testing methodology that I can apply to protecting and securing information systems. At the very least this is a book I feel I can recommend to others just getting started in information technology and struggling to understand why we actually need lock things down.
Nmap Network Scanning: Official Nmap Project Guide to Network Discovery and Security Scanning by Gordon “Fyodor” Lyon
I have used Nmap off and on over the years and I am no stranger to its power. I picked up this book when I got The Basics of Hacking and Penetration Testing. I figured it can never hurt to have a good Nmap reference book on the self. I hope going through this book will give me that deep dive into using Nmap that will allow me to close a few gaps in my information security skills.
Metaploit: The Penetration Tester’s Guide (no starch press) by David Kennedy, Jim O’Gorman, Devon Kearns, and Mati Aharoni
I picked up this book a while back, read the first two chapters, and then got sidetracked by work and family life. I am really excited to get back into this book after I get through the The Basics of Hacking and Penetration Testing. While I don’t intend on becoming an exploit security researcher, I am hoping this book will give me a good understanding of the Metaploit framework. At the end of the day understanding tools like Metasploit should provide me with the knowledge to better secure information systems and networks.
These were a few of the security books I had on the shelf. Now for some reason they are all lying on top of a blank canvas on my living room floor. I guess I will have to find something else to fill the cyber gap in my bookshelf.
