Here is a list of books I was looking at getting to teach myself socket programming and tcp/ip protocols along with vulnerabilities and weakness's of systems.


The shellcoders handbook: Discovering and exploiting security holes
Unix Network Programming, Volume 1: The Sockets Networking API (3rd Edition)
Hacking: The Art of Exploitation, 2nd Edition
Rootkits: Subverting the Windows Kernel
Reversing: Secrets of Reverse Engineering
Assembly Language Step-by-step: Programming with DOS and Linux
Assembly Language and Computer Architecture Using C++ and Java™


I believe in order to fully understand the Shell coders handbook I would need to understand assembly language, and also reverse engineering I hear is quite difficult with-out an in-depth understanding of just about everything.

This post has been edited by IngeniousHax: 25 Apr, 2009 - 01:48 PM

I've got a copy of Hacking, and it's pretty good - they give you a LiveCD that's preloaded with all the tools that they teach you to use, along with walking you through some of the basics of assembly and decompiling.

Very nice, yeah im a little curious, im gonna try and teach myself socket protocols and how to program them into some c++ code, and also teach myself tcp/ip along with it...

Nice list. I might try to buy them. Thanks.

This post has been edited by firebolt: 26 Apr, 2009 - 05:40 AM

I may also suggest one other I have recently discovered
the complete hackers handbook
It's written by an individual named Dr.K who started out in the early 80's and has since began working the government, which is why his name is not really published, but it sounds like a very good reading, talks about why hackers do what they do, the reasons for hacking, the basics of hacking, and all kinds of stuff. It seemed like an extremely interesting book.
The above list totaled out to 350.00 USD

This post has been edited by IngeniousHax: 26 Apr, 2009 - 09:44 PM

Hey so as one who has at least one of those books on the list, the Hackers: Art of Exploit book, I'd say they are worth it. The Art of Exploitation is a very promising book, as I'm 60 pages in and I'm throughly enjoying it. I'm wishing to be a security professional, and code is one of the aspects I'm trying to understand. C++ will be my language of choice and the intro sec of programming in this book has really helped me out.

The author guides you through basic debugging and compling of ones source code. Neat stuff while also learning about how code is actually seen by the machine.

--------

On another note, I'm buying the Rootkits book for my birthday in a couple weeks. I'd buy it from the recommendations off Amazon alone (usually how I go about buying books irregardless). Its a 5-star with great reviews so I'd say its worth adding to the library.

Another book you might be curious in is Counter Hack by Skoudis. Its a bit older but if your interested in exploitation and various hacker techniques its a pretty good read. That was the book I just put down before H:AoE. Anyways, hope this helps, and if anyone has other books I'd be interested in them.

My List:

Rootkits :Subverting WinKernal
Web Application Hacking : Hacker's Handbook
Gray Hat Hacking
C++ Std Library

Very good introduction to reversing.

very good i will download all these books.

Yeah i'm working on finishing up Hacking:The Art of Exploitation, I'm currently on page 217, the only problem I have with it, is some of the little programs don't work as planned and require a little more attention such as the server.c program, I would have to configure my router to allow requests on the specifed port I set up. Also the LiveCD for me doesn't work, it just boots into a blank screen with the <somename> :~$ thing, no GUI or nothin IDK if that's how it's supposed to be or what, but it makes my computer sound like its gonna explode, so I just use my good ol' Ubuntu. Other than that, the book is excellent and is great for anyone, from beginner to experts, I believe everyone could pick something up out of this book. I also have started reading A Complete Hackers Handbook and it's interesting, it teaches you the history of hacking and war-dialing and all kinds of fun stuff. Gives some incite on other things aswell like how to protect yourself against any kind of legal actions and how far is too far. Old time famous hackers and media portrayals.

I've also recently picked up Web Security Basics, haven't opened it yet, but it's kinda old and should be an interesting read for an introduction to the web workings and security protocols they use.

I wouldn't exactly suggest Algorithms in C++ unless you have a decent background in mathematics or a decent understanding of arrays and pointers and all kinds of jazz, a lot of it is over my head right now, granted I just started C++ this semester.

Did you ever get the ports forwarded on your router? I remember you had that problem with your socket project. Looks like you addressed this in your last post...



That's just the way it goes. You're opening a port on your pc, & it's listening for connections. However your router will only do as it's told. Your router is going to drop the traffic (requests), until you tell it to forward the requests from the outside world to the pc on the network that is waiting for traffic on that port.

If you are going to be doing network development (coding) then I would suggest getting yourself an intro to networking book as well. It will make understanding the server/client software, easier.

I am curious why you want all these security & assembler books? Depending on the age of the security books, chances are a lot of the exploits are patched, & all of those assembly & dissassembly books looks like you are looking to get into reverse engineering software.

Well its not so much as reverse engineering, its more along the lines of I wanna learn how computers work thoroughly, from the low level to high level programming, from simple porting to advanced firewalling, I just wanna know how everything works, I know there is a ton of stuff to learn and most of it will be outdated by the time I even get around to reading any of the books, but knowing how things worked in the past can only help you in the future.

And as for the port forwarding on my router, I forgot the password and username to my router so I can't access it. =/. IDK, I could probably reset it or something, but IDK if it is really worth it right now, I may end up doing so when I get a tcp/ip book and such.

I would really like to land a job with some kind of cool gov't agency like the CIA or there's one, I can't remember the name, but it's like the CIA's CIA and htey have a test once a year for computer people, and if you pass their little test you can be offered a job as long as you are able to qualify for a top secret clearance.

I'm not so sure that books on how to bypass security is really the best way to learn how stuff works. Sounds like you are wanting to learn how other things work


Do you have any sort of a setup other than a DHCP network? If not then you have nothing really to loose...


If you really want to get a job that requires high security, I would strongly suggest against the material you're currently reading. The information you're after (& researching) is going to more than likely get you into trouble, tarnishing your record, & completely ruining any chances that you have of getting any high-security clearance career.

But this is just my 2 cents, you do whatever you like You'll figure it out.

Haha, yeah I don't really intend on doing anything in large networks, if anything once I start learning how to break things, I want to get a second computer that I can set up as a personal little warez network and just test things against my own stuff.

Well I run off a wireless network and iDK if that really matters, but I had to configure it through my gparents computer using a CD and all kinds of gayness, so I just think it is more of a hassle than it is really worth.

But as for the books im looking up and eventually going to read, I just kinda wanna know how people do these things, I don't really ever plan to implement them and do any malicious activites with my knowledge infact i'd much rather just know how exploits and weakness's are found and exploited so I can learn from them myself and create better and bigger things to attempt to thwart these other individual, specially script-kiddies who just use the tools, not knowing how they work.

Those CD's are just a GUI that sets up the network configuration for you. When you run a DHCP network (that covers both wired & wireless ) you don't really need to do much other than hook up the physical locations, & then log onto the router, setup your wireless encryption, & then mirror those settings to your wireless devices. Lastly change your router password.

1,2,3... not too difficult. No CD really required

Oh, very nice, I suppose I will have to try that. What ever would I do with-out a No2Pencil...I suppose I would be lost, furiously and frantically searching all around google for not so user friendly tutorials...

Gracias good sir.

I cover a range of books in various languages on my blog. Some of them are my personal favorites and some are ones I know can help programmers of various skill levels.

Martyr2's Programming Underground - Book Recommendations For A Variety of Languages

Enjoy!

Yeah I was lookin at the BIG C++ book, I heard it's a real good one.

Hi Martyr,

I'm with you on Code Complete as belonging in everyone's library.
Sorry if this is old news but did you know that Code Complete 2 is out?
http://www.cc2e.com/
Worth getting just to force a re-read and recharge the memes IMO.

=( I just calculated my "Wish List" on Amazon and came to find out, the 13 books im looking at eventually getting is somewhere in the range 505.50...Laaaaaame! Whatever though, I guess that's why they call it a wish list, and a library builds over time.

I'm a bit late for this thread but Aggressive Network Self-Defense by Neil R. Wyler, Bruce Potter, and Chris Hurley was a pretty cool read. It was a little over my noob head at times but it gave me massive insight into how hacking works. I would love to be able to wipe some pathetic thief's system for snooping around in my machine!