Security book reviews from inside the infosec industry.

Security Book Reviews

A selection of book reviews and suggestions for the Information Security Community, brought to you by the dreamcats conspiracy.

Latest Reviews

The Cloud Security Rules Review

The Cloud Security Rules, a book authored by no fewer than 18 people, is as mixed as you might expect. Best viewed as a collection of essays, there are some brilliantly written articles paired with some that will leave you scratching your head.


Hacking: The Art of Exploitation, 2nd Edition Review

Hacking: The Art of Exploitation 2nd Edition is a well thought out and expanded update to the original similarly named book. It's often considered to be a must read. Having read the 1st edition some years ago I thought I'd dust off the 2nd edition copy that I never got round to reading and have a sit down with it. Here are my thoughts.


Practical Packet Analysis Review (2nd Edition)

Practical Packet Analysis - Using Wireshark to Solve Real-World Network Problems is a fairly deep book well suited for those looking to roll up their sleeves and get their hands dirty with in-depth network analysis. While it's not quite a missing manual for Wireshark, it's certainly useful for anyone looking to get more intimate with everyone's favourite packet sniffer.


The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy Review

For some reason book titles have to be almost a paragraph long. The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy (or TBoHPT:EHPTME... nope, I give up) is no exception. It seems strange to read through a beginning penetration testing book, given that I've been penetration testing for far too long, but I thought I'd have a look, given that we're looking to take on more juniors and it's always good to have an up-to-date reference for them (we currently use McNab's excellent Network Security Assessment as a network testing reference, but it is long overdue an update).


Violent Python Review

Violent Python, a "Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers", is a relatively broad book with a lot of interesting material inside. While it's getting on a bit and isn't without some annoying flaws, there are enough jewels in the book to make it worth a read, provided you have a computer to hand.


The Web Application Hacker's Handbook, 2nd Edition

The running joke at work is that there are two things you need for web app testing, Burp Suite Pro and the Web App Hacker's Handbook. It's not a very funny joke, but it is true. If you're looking at getting into web application security testing, you need this book.
