jcundiff wrote: » Counter Hack Reloaded
aderon wrote: » Is that book still relevant? I bought it like a decade ago, but never got around to reading it. And I've been shying away from it now because it seems like most of the info wouldn't be up to date anymore. If it's got staying power though, I'll have to add it back to my reading list.
iBrokeIT wrote: » For social engineering, the Kevin Mitnick books like Ghost in Wires and The Art of Deception are really good...
beads wrote: » Finding Threat Modeling: Designing for Security to be quite helpful. Most items the author is bringing up about a quarter of the way through are either things that I didn't know I was already doing (relief) or new ways of doing things that I could be doing more efficiently (helpful). Any of the 'Hacking Exposed' books are worth going through as well. They may seem a bit dated but if you're reading the SANS diary on a daily basis you'll see there aren't really a lot of new or novel hacks coming our way. What you see is more and more DoS and "new tricks for old dogs" types of hacks and exploits. Basically everything old is new again in our world. Seen a new class of hack lately? Reloaded is much the same and very much worthwhile for the same reasons above. It doesn't have to be cutting edge to be worth reading, just applicable. - b/eads
wes allen wrote: » This is a great book on risk: https://www.amazon.com/Measuring-Managing-Information-Risk-Approach/dp/0124202314 And, if you need a little non fiction to break things up - Cryptonomicon and Reamde are great reads.