Reddit mentions: The best security design books
We found 14 Reddit comments discussing the best security design books. We ran sentiment analysis on each of these comments to determine how redditors feel about different products. We found 5 products and ranked them based on the amount of positive reactions they received. Here are the top 20.
1. Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks
Specs:
Height | 9.29132 Inches |
Length | 7.4803 Inches |
Number of items | 1 |
Release date | October 2012 |
Weight | 1.4109584768 Pounds |
Width | 0.55118 Inches |
2. Practical Lock Picking: A Physical Penetration Tester's Training Guide
Specs:
Height | 9 Inches |
Length | 7.25 Inches |
Number of items | 1 |
Weight | 1.2199940654556 Pounds |
Width | 0.75 Inches |
3. Information Technology & Insights: Audit Controls: Bringing a Vision and Understanding to Effective Practices (The Erudite Collection)
Specs:
Height | 9 Inches |
Length | 6 Inches |
Number of items | 1 |
Weight | 0.18 Pounds |
Width | 0.11 Inches |
4. Crime Prevention Through Environmental Design
Specs:
Height | 9.25 Inches |
Length | 7.5 Inches |
Number of items | 1 |
Weight | 1.7857443222 Pounds |
Width | 0.88 Inches |
5. Practical Lock Picking: A Physical Penetration Tester's Training Guide
Specs:
Release date | September 2010 |
🎓 Reddit experts on security design books
The comments and opinions expressed on this page are written exclusively by redditors. To provide you with the most relevant data, we sourced opinions from the most knowledgeable Reddit users based on the total number of upvotes and downvotes received across comments on subreddits where security design books are discussed. For your reference and for the sake of transparency, here are the specialists whose opinions mattered the most in our ranking.
Wow, 24 hours and no replies?!
Fine, you know what? FUCK IT!
Alright, first off - While you can concentrate on physical, understanding the basics of the digital side of things will make you more valuable, and arguably more effective. I'll take this opportunity to point you at Metasploit and tell you to at least spend an hour or so each week working to understand it. I'm not saying you have to know it backwards or inside-out, just get a basic understanding.
But you said you want to go down the physical path, so fuck all that bullshit I said before, ignore it if you want, I don't care. It's just a suggestion.
Do you pick locks? Why not? Come on over to /r/Lockpicking and read the stickied post at the top. Buy a lockpick set. You're just starting so you can go a little crazy, or be conservative. Get some locks (Don't pick locks you rely on!) at a store, and learn the basics of how to pick.
Your fingers will get sore. Time to put down the picks and start reading:
That reading list right there gives you over 2000 pages to read. Read. Read More.
Tired of Reading? Have you been listening to the Social-Engineer.org Podcasts? 53 quality podcasts right there. Time to catch up!
Tired of listening? Take a break! And by "Take a break" I mean grab your lockpicks, a lock, and start picking while you relax with a Jayson Street video. He's fun to watch, and will hopefully distract you while you try picking a lock. Also, he highlights how you don't have to be a computer-genius to be good at PenTesting. Go watch more of his videos while you pick locks - It's entertaining at least, and informative/educational at best. Now go watch Deviant Ollam's videos if you're done with Jayson Street.
Sounds like a lot? It's not. You'll spend a bit of money getting started with picks, locks, and books. It's the nature of the game, no good way around it. It's time-consuming. You may have to give up playing your favourite games for a while. But the things you learn and skills you develop will pay more than that game did. By the time you're halfway through any one of those books you'll have a much better idea of what questions you want or need to ask in order to progress further and faster every day.
Go to Security Cons. DerbyCon is awesome, and happens in late September, plenty of time to start saving money and making reservations. Talk to people, ask questions, and make connections. You will learn more in those 4 days than some people learn in months or years and you'll have tons of fun.
If you can swing it, attend Deviant Ollam's "Physical Security Skills for Penetration Testers" class. The things you will learn in that class will make it worth every damned penny, and you'll feel like a bad-ass at the end of it.
Is this what you wanted?
There is a ton of info in the sidebar. The wiki is your friend on free materials.
I highly recommend Lockpicking - Detail Overkill. The Author /u/derpserf used to poke his head in this sub a while back. Really in depth shit. (he would want me to use an expletive)
As far as printed media, I am a huge fan of Deviant Ollam. (Disclaimer: I have hung out with him at Defcon and have a bit of a man crush). He is a super nice guy who is very passionate about teaching what he loves to do. His two books (one about [picking and how locks operate](http://www.amazon.com/Practical-Lock-Picking-Second-Edition/dp/1597499897) and another on impressioning & bypass methods) are awesome.
Hope that helps.
Edit: added links
[Non-Fiction] Information technology & Insights: Audit Controls (Free Monday - September 9th - Tuesday September 10th) [Kindle]
Focusing on industry best practices while including some of the most bleeding edge methodologies, Information Technology & Insights: The Erudite Collection helps to build students' and professionals' competency, assessment skills, and talent.
The Erudite Collection is brimming with checklists and procedures; this book enables you to put these new insights into action immediately. The book outlines IT processes in detail, allowing the student or professional to acquire the necessary skills, a greater understanding of roles, and a profound view of technology deployments.
The book teaches practical techniques that will be used on a daily operational basis while furthering the reader's understanding by using examples in the form of case studies titled Insights throughout the collection. Information Technology & Insights: The Erudite Collection will be a valuable resource for Information Technology professionals who wear various hats and IT students.
https://www.amazon.com/Information-Technology-Insights-Understanding-Collection/dp/1720081883/ref=sr_1_1?s=amazon-devices&ie=UTF8&qid=1536553019&sr=8-1&keywords=R.+Allen+Conner&dpID=51mm1w70VFL&preST=_SY291_BO1,204,203,200_QL40_&dpSrc=srch
I don't do magic. =)
Lockpicking is like trying to solve a jigsaw puzzle in the dark. Each lock presents a different challenge. You have to train yourself to visualize what's going on inside of the lock from the feedback that you feel through your tools. Some locks are really easy to solve while others are much, MUCH more complicated and tricky. Before I started this on Boxing Day, I had no clue how to pick locks. But thanks to this book that my wife bought for me to go with my lockpicking set and practice lock (which she also got for me!) I have learned quite a bit. It's an excellent book!
These books combined with the eBooks / resources in the stickied post will keep you busy for the next 10 years or so.
You could think about prewiring doors & windows for sensors, with the wiring terminating in an interior lockable closet for an alarm box. You might also want to prewire inside/outside sirens, AC/battery interconnected smoke alarms, and likely locations for security cameras. I'd pull Cat 5 or Cat 6 back to the same closet, you can run power + video or power + IP on a single strand of Cat 5/6. Also good exterior lighting, and extend the power/network wiring to the detached garage, so you can have a camera on the house watching the garage, and a camera on the garage watching the house.
While you're spec'ing out building materials, it's a good opportunity to choose doors + windows with security in mind - security film/glass, strong doors, good hinge/latch hardware.
If it were me, I'd think about building a low-budget saferoom - doesn't have to be Hollywood star quality, but an interior closet with a sturdy door, and a phone/Internet connection inside, room for a few people + a gun safe.
I'd be inclined to make the windows tough to look in from the outside - with thin but unpleasant bushes (like rose bushes) underneath so people can't hide there, and don't want to be there.
This book might be of interest:
https://www.amazon.com/Crime-Prevention-Through-Environmental-Design/dp/0124116353/
Yeah, I've been thinking of actually getting into this hobby. I was looking around for resources and found this book: Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam. Would you recommend it or know another resource? Here's a link to the book: http://www.amazon.com/gp/product/1597496111/ref=s9_simh_gw_p14_d7_g14_i1?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=center-5&pf_rd_r=0WKF110A7B9A11RQNP6B&pf_rd_t=101&pf_rd_p=470939291&pf_rd_i=507846
Might I recommend this book for you?
http://www.amazon.com/Practical-Lock-Picking-Physical-Penetration/dp/1597496111/ref=sr_1_10?s=books&ie=UTF8&qid=1334005134&sr=1-10
It helped me a ton.
Practical Lock Picking: A Physical Penetration Tester's Training Guide is well written. The author is Deviant Ollam who has contributed greatly to locksport.
There's some older stuff, too!
Shoes and I gave a talk in 2010 that focused specifically on ways to attack locks just with key blanks and non-working keys. The first 20 minutes focuses on features of keys, photography, molding, casting, and other related topics.
Deviant's second book Keys to the Kingdom (2012) focused on procedures for many key/blank-based attacks, as well.
From this Amazon listing stating "Publication Date: October 8, 2012", and talking with Deviant on Twitter.
This, his second book (on bypassing locks WITH a key) on "the topics of impressioning, master key escalation, skeleton keys, and bumping attacks", also comes out shortly.
http://www.amazon.com/Practical-Lock-Picking-Penetration-ebook/dp/B004Q9TZSY/ref=sr_1_2?ie=UTF8&qid=1345523786&sr=8-2&keywords=ollam
http://www.amazon.com/Keys-Kingdom-Impressioning-Privilege-Escalation/dp/1597499838/ref=la_B005TCK66M_1_2?s=books&ie=UTF8&qid=1410827606&sr=1-2
See this link. What you are talking about is privilege escalation. Attack the key, own the lock.