On Wed, May 18, 2011 at 7:54 PM, harrismh777 <harrismh...@charter.net> wrote: > Littlefield, Tyler wrote:
<snip> > Four resources that you will what to look into, in no particular order: > > Erickson, Jon, "Hacking: The Art of Exploitation," 2nd ed, > San Francisco: No Starch Press, 2008. This would be a very good choice. It's a bit light on details, but makes up for it by being exceptionally well-written and very accessible. > Anonymous, "Maximum Linux Security: A Hacker's Guide to Protecting > Your Linux Server and Workstation," Indianapolis: > Sams Publishing, 2000. > > (check for other editions) > (this volume is a good read, even for other platforms, > but is geared specifically to Linux) This is a good volume, but very dated. I'd probably pass on it. > Graves, Kimberly, "CEH Certified Ethical Hacker: Study Guide," > Indianapolis: Wiley Publishing, 2010. Briefly glancing over the TOC, this actually looks surprisingly good. CEH itself is a joke among black hats, but if this gets down to the nitty-gritty of actually performing the attacks it covers it sounds like a buy. > Seitz, Justin, "Gray Hat Python: Python Programming for Hackers > and Reverse Engineers," San Francisco: No Starch Press, 2009. I'd skip this one, as it isn't really focused on what you want. The web application hacker's handbook is probably more along the lines of what you need, if you're going for a book. There's also an older volume called 'counter hack' that gives a good overview of some of the ways that attacks proceed. Another recommend I'm surprised hasn't popped up already: 'security power tools' is a good way to get your foot in the door. It has a practical, no-nonsense approach and is split into self-contained chapters so you don't waste too much of your time on tools that aren't relevant to you. Geremy Condra -- http://mail.python.org/mailman/listinfo/python-list