
Anon's "How to become a security engineer"

a guest
Apr 9th, 2018
how to become a security engineer:

1. The Web Application Hacker's Handbook
Probably the first book you want to read; this will teach you the core mindset you need for finding security flaws in web applications as well as give a very strong foundation for the different classes of vulnerabilities.

2. The Mobile Application Hacker's Handbook
Good supplement to #1 for application security, obviously focused on mobile apps.

3. The Art of Software Security Assessment
The bible of the security industry. Especially instructive for source code review.

4. Security Engineering (Ron Anderson)
Supplements #3. Very instructive for injecting security into the overall SDLC and designing secure software.

5. The Tangled Web
Excellent historical background and good high-level overview of many information security topics. Every engineer should read this, even if they don't work in security.

6. Gray Hat Python
Very hands-on, good introduction to aspects of reverse engineering and the typical work that, e.g., a security consultant will do at a top firm.

7. Practical Malware Analysis
Very good introduction to malware analysis.

8. Practical Reverse Engineering
This book, along with #9, will teach you everything you need to know to effectively reverse engineer software for security-focused analysis.

9. Reversing: Secrets of Reverse Engineering

10. The IDA Pro Book
You'll want this if you have any plan to work with IDA Pro at all, which is the gold standard for decompiling and reversing software.

11. The Shellcoder's Handbook
If you'd like to write exploits after you're done reversing software to find an exploitable bug, this is a good book to pick up.

12. Cryptography Engineering
Very solid and broad introduction to cryptography. Every engineer should read this, even if they don't work in security.

13. Introduction to Modern Cryptography
This book, along with #14, is what you want to read if you're going to work as a cryptographer or cryptanalyst professionally.

14. Handbook of Applied Cryptography

Theoretically, these books should resolve your known-unknowns and your unknown-unknowns. Anyone who reads and works through the list should be capable of designing secure software, finding errors in white and black box source code reviews and finding errors in white and black box penetration tests.