/ Security

HumbleBundle Cybersecurity book bundle

HumbleBundle is widely known in gamer communities for its Pay What You Want bundles, with several levels of perks according to the price you pay.

But HumbleBundle is not limited to games and game-related offers. Indeed, in the latest book bundle, you'll find interesting reads if you are looking for an introduction to Cybersecurity. In this DRM-free bundle presented by Wiley, you'll find:

$1 Level

  • Social Engineering: The Art of Human Hacking
  • The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2nd Edition
  • Practical Reverse Engineering: x86, x64, ARM, Windows Kernel, Reversing Tools, and Obfuscation
  • Threat Modeling: Designing for Security

$8 Level

  • Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd Edition
  • The Shellcoder's Handbook: Discovering and Exploiting Security Holes, 2nd Edition
  • Cryptography Engineering: Design Principles and Practical Applications
  • The Art of Deception: Controlling the Human Element of Security
  • The Art of Memory Forensics: Detecting Malware and Threats in Windows, Linux, and Mac Memory

$15 Level

  • Malware Analyst's Cookbook and DVD: Tools and Techniques for Fighting Malicious Code
  • Unauthorised Access: Physical Penetration Testing For IT Security Teams
  • Secrets and Lies: Digital Security in a Networked World, 15th Anniversary Edition
  • CEH v9: Certified Ethical Hacker Version 9 Study Guide
  • Applied Cryptography: Protocols, Algorithms and Source Code in C, 20th Anniversary Edition

Please note that Bitcoin payment has been disabled for this bundle.

According to Dylan Houlihan (dsacco) on Hacker News, The Web Application Hacker's Handbook, Practical Reverse Engineering, Security Engineering, hellcoder's Handbook, and Cryptography Engineering are must reads.
However, you should probably avoid Social Engineering: The Art of Human Hacking and The Art of Deception as books about social engineering are not bad books per se, but are not very technical and their content can be superseded by your common sense, and what you can read online. Instead of The Art of Memory Forensics, he recommends The Art of Software Security Assessment or Practical Malware Analysis. According to him, Applied Cryptography is made obsolete by Cryptography Engineering.

Finally, the security consultant recommends books not included in the bundle:

  1. Gray Hat Python to learn how to write debuggers
  2. The Art of Software Security Assessment to to find CVEs
  3. The IDA Pro Book for reverse engineering as you'll likely use IDA Pro
  4. Practical Malware Analysis
  5. The Tangled Web written by the Direcotr of Security at Google. Actionable book if you're a developer looking to secure your apps.
  6. The Mobile Application Hacker's Handbook to learn about the security differences between Android and iOS.

Sources: HumbleBundle, German blog