b0telh0…

Achei interessante essa área no blog http://foren6.wordpress.com/ e resolvi “copiar” :)
Vou postar alguns livros sobre pentest, exploitation, fuzzing e etc. São livros que possuo, que eu gostaria de ter ou ler pelo menos.

Dicas são sempre bem vindas!

Professional Penetration Testing: Creating and Operating a Formal Hacking Lab
Thomas Wilhelm has delivered pen testing training to countless security professionals and now through the pages of this book you can benefit from his years of experience as a professional penetration tester and educator. After reading this book you will be able to create a personal penetration test lab that can deal with real-world vulnerability scenarios.

Penetration Tester’s Open Source Toolkit, Vol. 2
This second volume adds over 300 new pentesting applications included with BackTrack 2 to the pen tester’s toolkit. It includes the latest information on Snort, Nessus, Wireshark, Metasploit, Kismet and all of the other major Open Source platforms.

SQL Injection Attacks and Defense
This is the only book devoted exclusively to this long-established but recently growing threat. It includes all the currently known information about these attacks and significant insight from its contributing team of SQL injection experts.

The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws
The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications.

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
Nmap Network Scanning is the official guide to the Nmap Security Scanner, a free and open source utility used by millions of people for network discovery, administration, and security auditing.

The Shellcoder’s Handbook: Discovering and Exploiting Security Holes
This much-anticipated revision, written by the ultimate group of top security experts in the world, features 40 percent new content on how to find security holes in any operating system or application.

The Mac Hacker’s Handbook
Written by two white hat hackers, this book is aimed at making vital information known so that you can find ways to secure your Mac OS X systems, and examines the sorts of attacks that are prevented by Leopard’s security defenses, what attacks aren’t, and how to best handle those weaknesses.

Gray Hat Python: Python Programming for Hackers and Reverse Engineers
Gray Hat Python explains the concepts behind hacking tools and techniques like debuggers, trojans, fuzzers, and emulators. But author Justin Seitz goes beyond theory, showing you how to harness existing Python-based security tools – and how to build your own when the pre-built ones won’t cut it.

Fuzzing: Brute Force Vulnerability Discovery
Fuzzing is the first and only book to cover fuzzing from start to finish, bringing disciplined best practices to a technique that has traditionally been implemented informally.

*Todos os textos são do site amazon.com.