A fantastic guide to understand the web and the browser. It starts from a historic view of the web and evolves to cover the modern world.
System Security Resources
This is a collection of system security resources that I found it interesting.
Web
Tangled Web, A Guide to Securing Modern Web Applications.
Michal Zalewski
Threat modeling
Threat Modeling: Designing for Security
Adam Shostack
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
Mark Dowd, John McDonald, Justin Schuh
Secure coding
Secure Coding in C and C++
Robert C. Seacord
A fantastic guide to really understand behind the hoods of a C/C++ program. It covers the explanations of different vulnerabilities but it does not guide you to exploit them. It covers the discussion on different coding standard, e.g., C99, OpenBSD and C11. One of the best book I have read.
Exploitation
Hacking, the Art of Exploitation
Jon Erickson
One of the bibles on exploitation. It covers shellcode, assembly, the exploitation of different vulnerabilities as well as some network and crypto attacks. Although the examples are mainly for 32 bit architecture, it is still a very good source of knowledge.
Reverse engineering
Practical Binary Analysis, Build Your Own Linux Tools for Instrumenting, Analyzing, and Disassembling Binaries
Dennis Andriesse
It covers entirely the binary and its parts. It is a fairly new book and most of the examples are on 64 bit architecture. It covers also dynamic taint analysis and symbolic execution with practical tools.
The IDA Pro Book, The Unofficial Guide to the World's Most Popular Disassembler
Chris Eagle
Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
Bruce Dang, Alexandre Gazet, Elias Bachaalany, Sébastien Josse
Reversing: Secrets of Reverse Engineering
Eldad Eilam
