I am finalizing a purchase of /some/ security-focused books from Amazon. Of course I have some titles on operating systems (OS), Java, architecture and the like, but I would like your help in choosing the best books for study, focused of course on what I have already mentioned.

For this reason, I am launching the following promotion: the best recommendation of a security, performance and operating system book that I have not put in my Amazon shopping cart and that I do not already have in my library will win the following kit:

Post your suggestions in the comments just below this post. The promotion runs until next Monday, 18/07, at 14:00, which is when I will close the book purchase. There will be 3 kits.

Don't think it's easy, my current list is already at 52 books 🙂

Here is the list of books so far:

HACKING EXPOSED WEB APPLICATIONS, 3rd Edition – Joel Scambray
Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition – Allen Harper
UNIX and Linux System Administration Handbook (4th Edition) – Evi Nemeth
UNIX and Linux System Administration Handbook (4th Edition) – Evi Nemeth
Solaris™ Performance and Tools: DTrace and MDB Techniques for Solaris 10 and OpenSolaris – Richard McDougall
Oracle Solaris 10 System Virtualization Essentials (Oracle Solaris System Administration Series) – Jeff Victor
The Art of Software Security Testing: Identifying Software Security Flaws – Chris Wysopal
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities – Mark Dowd
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities – Mark Dowd
Fuzzing: Brute Force Vulnerability Discovery – Michael Sutton
Network Maintenance and Troubleshooting Guide: Field Tested Solutions for Everyday Problems (2nd Edition) – Neal Allen
The Shellcoder’s Handbook: Discovering and Exploiting Security Holes – Chris Anley
The Shellcoder’s Handbook: Discovering and Exploiting Security Holes – Chris Anley
The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws – Dafydd Stuttard
Assembly Language Step-by-Step: Programming with Linux – Jeff Duntemann
Malware Analyst’s Cookbook and DVD: Tools and Techniques for Fighting Malicious Code – Michael Ligh
Hacker Techniques, Tools, and Incident Handling (Jones & Bartlett Learning Information Systems Security & Assurance Series) – Sean-Philip Oriyano
Security Strategies in Linux Platforms and Applications (Information Systems Security & Assurance) – Michael Jang
Reversing: Secrets of Reverse Engineering – Eldad Eilam
Live Hacking: The Ultimate Guide to Hacking Techniques & Countermeasures for Ethical Hackers & IT Security Experts – Ali Jahangiri
LPIC-2 Linux Professional Institute Certification Study Guide: Exams 201 and 202 – Roderick W. Smith
The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws – Dafydd Stuttard
JUNOS Security – Rob Cameron
Network Warrior – Gary A. Donahue
Junos Enterprise Routing: A Practical Guide to Junos Routing and Certification – Peter Southwick
Hardening Apache – Tony Mobily
Write Great Code: Volume 1: Understanding the Machine – Randall Hyde
Write Great Code, Volume 2: Thinking Low-Level, Writing High-Level – Randall Hyde
Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems – Chris Sanders
The IDA Pro Book: The Unofficial Guide to the World’s Most Popular Disassembler – Chris Eagle
Practical Malware Analysis: The Hands-On Guide to Dissecting Malicious Software – Michael Sikorski
Penetration Tester’s Open Source Toolkit, Vol. 2 – Jeremy Faircloth
Windows Forensic Analysis DVD Toolkit, Second Edition – Harlan Carvey
A Guide to Kernel Exploitation: Attacking the Core – Enrico Perla
Network and System Security – John R. Vacca
Seven Deadliest Wireless Technologies Attacks (Seven Deadliest Attacks) – Brad Haines
Seven Deadliest Web Application Attacks (Seven Deadliest Attacks) – Mike Shema
Seven Deadliest Network Attacks (Seven Deadliest Attacks) – Stacy Prowell
Seven Deadliest Microsoft Attacks (Seven Deadliest Attacks) – Rob Kraus
Dissecting the Hack: The F0rb1dd3n Network, Revised Edition – Jayson E. Street
Managed Code Rootkits: Hooking into Runtime Environments – Erez Metula
Web Application Obfuscation: ‘-/WAFs..Evasion..Filters//alert(/Obfuscation/)-‘ – Mario Heiderich
Web Application Obfuscation: ‘-/WAFs..Evasion..Filters//alert(/Obfuscation/)-‘ – Mario Heiderich
Practical Lock Picking: A Physical Penetration Tester’s Training Guide – Deviant Ollam
Penetration Tester’s Open Source Toolkit, Third Edition – Jeremy Faircloth
The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy – Patrick Engebretson
Coding for Penetration Testers: Building Better Tools – Jason Andress
The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System – Bill Blunden
BackTrack 4: Assuring Security by Penetration Testing – Shakeel Ali
Nginx 1 Web Server Implementation Cookbook – Dipankar Sarkar

This post has 32 comments

  1. O pequeno Principe.

  2. Corporate Computer and Network Security (2nd Edition) – R. R. Panko

    A friend of mine has this book and liked it a lot! hehe

  3. Book: Hacking: A próxima geração

  4. Wow… I was happy to see this post, I just bought 4 books on Amazon and had them sent to a friend who is in NY and coming back here 🙂

    I don't know if it counts for the promotion but……

    Here are the titles:
    “Hacking Exposed: Network Security Secrets and Solutions, Sixth Edition”
    Stuart McClure;

    “Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition”
    Allen Harper;

    “Hacking: The Next Generation (Animal Guide)”
    Nitesh Dhanjani;

    “Hands-On Information Security Lab Manual”
    Michael E. Whitman;

    I didn't buy this one now, but I have had it for a while and think it's sensational:
    UNIX and Linux System Administration Handbook (4th Edition)
    Evi Nemeth (Author), Garth Snyder (Author), Trent R. Hein (Author), Ben Whaley (Author)

  5. That one isn't for sale on Amazon.. only the English one, and I already own it.

  6. Certificação Security + da Prática Para o Exame Syo – 301
    Mauser, Daniel; Diogenes, Yuri
    Novaterra

  7. So it's English only =\

  8. Just to contribute, with no intention of winning anything: a great friend, Luiz Vieira, who is an Information Security Consultant,
    Pentester and Digital Forensic Investigator at 4Linux,
    recommended one to me that he thinks is very good.

    Wiley Security Engineering 2nd.Edition.Apr.2008
    but I haven't had time to look at it yet.

    Regards

  9. Another recommendation from Luiz Vieira is
    PRACTICAL PACKET ANALYSIS 2ND EDITION
    Using Wireshark to Solve Real-World Network Problems.

    I'm still looking for time to read them.

    Regards

  10. It looks like my Bro.’. Luis has already been here 🙂

    Gustavo my brother, for those who work in security management and policy I recommend this one:
    http://www.amazon.com/Information-Security-Policies-Made-Version/dp/1881585166/ref=sr_1_1?ie=UTF8&qid=1310753340&sr=8-1

    Security Information Policies Made Easy

    Really cheap, really cheap =)

    Other good ones:
    McGraw Hill – Hacker’s Challenge
    Syngress – Cyber Warfare

    There are others, but right now I'm teaching a class and have no time to post more hehehe

  11. Luiz,

    the first one you recommended, which is quite cheap, I could buy, but I would leave about 10 behind.. at another time.. Hacker’s Challenge is from 2006, outdated.

    Thanks for the tips

  12. Here goes…

    The Linux Programming Interface
    Michael Kerrisk and

    Book of PF, 2nd Edition
    Peter N.M. Hansteen

    Good guess? 😉

  13. Construindo Supercomputadores Com Linux – Marcos Pitanga

    I believe you already have it, but it's certainly worth buying!

  14. Another one from the great Marcos Pitanga – Honeypots, a Arte de iludir Hackers.

  15. These are the ones I bought this year, close to the topics you want:

    Engenharia de Software – Wilson de Pádua Paula Filho
    Use a Cabeça Java – Kathy Sierra & Bert Bates
    Fundamentos de Sistemas Operacionais – Silberschatz, Galvin, Gagne
    O Melhor do Java – Jim Waldo
    Código Limpo – Robert C.Martin (muito bom)
    Algoritmos O guia Essencial – George T Heineman
    Computação em Nuvem – Anthony T.Velte/Toby J.Velte/Robert Elsenpeter
    Java Efetivo – Joshua Bloch
    Java Web Services – Martin Kalin
    Use a Cabeça Java Script
    Avaliaçao de desempenho de sistemas computacionais – Thienne Johnson e Mauro Marganho
    Redes Linux Livro de receitas – Carla Schroder
    Projeto Digital – Conceitos e principios – Mohammad A.Karim/Xinghao Chen

  16. Segredos do Hacker Ético

    by Marcos Flávio Araújo Assunção.

  17. Rootkits: Subverting the Windows Kernel

    The Design and Implementation of the FreeBSD Operating System

    Professional vSphere 5: Implementation and Management

    😀

  18. Auditing Cloud Computing: A Security and Privacy Guide (Wiley Corporate F&A)

  19. Well, I'll give my two cents:

    Writing Security Tools and Exploits (Paperback) by James C. Foster
    Sockets, Shellcode, Porting, and Coding (Paperback) by James C Foster
    Malware Analyst’s Cookbook and DVD (Paperback) by Michael Ligh
    Build Your Own Security Lab: A Field Guide for Network Testing [Paperback] by Michael Gregg (Author)
    Gray Hat Python: Python Programm… (Paperback) by Justin Seitz
    Botnets: The Killer Web App [Illustrated] [Paperback]
    97 Things Every Programmer Should Know: Collective Wisdom from the Experts [Paperback]

  20. Linux Performance e Monitoramento from the publisher Brasport; Marcelo Alves did a fine job on this book.
    Segurança em Sistemas Linux from Ciência Moderna; it has a good compilation of best practices.

  21. Gustavo, share your book list with us

  22. They are in English and they are wonderful! 😉
    Cryptography Engineering: Design Principles and Practical Applications.
    http://www.amazon.com/Cryptography-Engineering-Principles-Practical-Applications/dp/0470474246/ref=sr_1_2?s=books&ie=UTF8&qid=1310831143&sr=1-2

    Official (ISC)2 Guide to the CISSP CBK, Second Edition ((ISC)2 Press)
    http://www.amazon.com/Official-Guide-CISSP-Second-Press/dp/1439809593/ref=pd_rhf_shvl_2

    BackTrack 4: Assuring Security by Penetration Testing
    http://www.amazon.com/BackTrack-Assuring-Security-Penetration-Testing/dp/1849513945/ref=pd_sim_b_14

  23. I recommend this one:

    LPIC-1: Linux Professional Institute Certification Study Guide: (Exams 101 and 102)

  24. Gustavo, I don't know if you already have this one, but here is one more recommendation: “Protocolo TCP/IP – Behrouz A. Forouzan, Ed. Mc Graw Hill”

  25. Gustavo, if you'll allow me, I'm going to change the subject a little. I saw that you are going to buy some books about Solaris.
    I'm taking over the company's infrastructure department and we have some Solaris servers; I would like to know your opinion and that of our colleagues about this operating system compared to the others, is it worth it?

  26. Well, I don't know if you have these, but in any case:

    Cyber War: The Next Threat to National Security and What to Do About It – Richard A. Clarke;

    VMware ESX and ESXi in the Enterprise: Planning Deployment of Virtualization Servers (2nd Edition); and

    VMware vSphere 5 Clustering Technical Deepdive (Volume 2).

    Regards!

  27. Oh yes, I was almost forgetting Cisco Firewalls, by the Brazilian Alexandre Moraes.

    🙂

  28. “The Black book from Bitwise” Hacker’s Delight by Henry S. Warren

    “Wizard Book” Structure and Interpretation of Computer Programs, Second Edition by Harold Abelson, Gerald Jay Sussman and Julie Sussman

    “The Legendary K&R book” C Programming Language (2nd Edition) by Brian W. Kernighan and Dennis M. Ritchie

    “The Dragon Book” Compilers: Principles, Techniques, and Tools (2nd Edition) by Alfred V. Aho, Monica S. Lam, Ravi Sethi and Jeffrey D. Ullman

    “Sockets book” Unix Network Programming, Volume 1: The Sockets Networking API (3rd Edition) by W. Stevens, Bill Fenner and Andrew M. Rudoff (Nov 24, 2003)

    “Minix book” Operating Systems Design and Implementation (3rd Edition) by Andrew S. Tanenbaum and Albert S. Woodhull

    “gnu book” Debugging with GDB: The GNU Source-Level Debugger by Richard M. Stallman, Roland Pesch and Stan Shebs

    (Linux ASM book) Programming from the Ground Up by Jonathan Bartlett and Dominick Bruno Jr

    (the camel book) Programming Perl by Larry Wall ..

    Linux System Programming: Talking Directly to the Kernel and C Library by Robert Love

    Secure Programming Cookbook for C and C++: Recipes for Cryptography, Authentication, Input Validation & More by John Viega

    Secure Coding: Principles and Practices by Mark G. Graff and Kenneth R. Van Wyk (Jul 2003)

    Secure Coding in C and C++ by Robert C. Seacord

    Secure TCP/IP Programming with SSL: Developer’s Guide by Edward Zaremba

    The Book of PF: A No-Nonsense Guide to the OpenBSD Firewall by Peter N. M. Hansteen

    Linux Firewalls: Attack Detection and Response with iptables, psad, and fwsnort by Michael Rash

    Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast by Paco Hope and Ben Walther

    Webbots, Spiders, and Screen Scrapers: A Guide to Developing Internet Agents with PHP/CURL by Michael Schrenk

    Linux Security Cookbook by Daniel J. Barrett, Richard E. Silverman and Robert G. Byrnes

    Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Gordon Fyodor Lyon

    Hacking: The Art of Exploitation, 2nd Edition
    Jon Erickson

    Reversing: Secrets of Reverse Engineering
    Eldad Eilam

    IPv6 Essentials by Silvia Hagen

    IPv6 Socket API Extensions: Programmer’s Guide by Qing Li, Jinmei Tatuya and Keiichi Shima

    Open Source Fuzzing Tools by Noam Rathaus and Gadi Evron

    The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities by Mark Dowd, John McDonald and Justin Schuh

    The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System by Bill Blunden

    WarDriving and Wireless Penetration Testing by Chris Hurley, Russ Rogers, Frank Thornton and Brian Baker

    Electronics Sensors for the Evil Genius: 54 Electrifying Projects
    Thomas Petruzellis

    30 Arduino Projects for the Evil Genius by Simon Monk

    (EMP GUN in this book xD) Electronic Gadgets for the Evil Genius : 28 Build-It-Yourself by Robert E. Iannini

  29. Exame de Redes Com Nmap – Lyon Gordon

    This one is great!
