Books are an excellent low cost learning resource. For learning computer security there is only way to learn, and that is by doing. All the books in the world will not help you unless you actually DO. As I learn more and travel down the information security / computer security path, I will update this page with books I find useful.

One book I would highly recommend for learning the basics is Hacking: The Art of Exploitation

Hacking: The Art of Exploitation, 2nd Edition

This is not a beginner book. If you have knowledge of C and an understanding of OSI then you will have no problem with this book. The book goes through:

  • Programming
  • Exploitation
  • Networking
  • Shellcode
  • Countermeasures
  • Cryptology
This book was published in 2008, the content is still very relevant. The virtual machine is an outdated version of Ubuntu, this allows for you to follow examples provided in the book. For updates and errata 


Attacking Network Protocols A Hacker’s Guide to Capture, Analysis, and Exploitation

Attacking Network Protocols is written by the rock star security researcher James Forshaw. He is currently ranked 12 on Microsoft’s Top 100 Security Researcher List and works at Project Zero. This book should be required reading for anyone looking to get into security research.

The outline of the book is shown below:

  • Chapter 1: The Basics of Networking
  • Chapter 2: Capturing Application Traffic
  • Chapter 3: Network Protocol Structures
  • Chapter 4: Advanced Application Traffic Capture
  • Chapter 5: Analysis from the Wire
  • Chapter 6: Application Reverse Engineering
  • Chapter 7: Network Protocol Security
  • Chapter 8: Implementing the Network Protocol
  • Chapter 9: The Root Causes of Vulnerabilities
  • Chapter 10: Finding and Exploiting Security Vulnerabilities

You can download a more in-depth table of contents from the No-Starch website (PDF).

There are many more books which I will review and add to the page in the future.