I didn't bring up the list, nor did I make that list for exploit developers. Someone else posted the list, and I said that of the books on it, only TAOSSA would be particularly relevant.
It's amusing that you think finding memory corruption bugs (or, "C bugs in open source software") is irrelevant to exploit development, but, O.K.
I just felt that your post could create mismatch of expectations for someone asking specifically about exploit development..
You're twisting my reply a bit though, I didn't say it's irrelevant. It does not cover binary auditing other than a casual mention (which is what I mean by open source) and it does not discuss exploit writing other than a brief intro of the theory behind them.
Chapter 4, Page 167:
"Exploit creation and software auditing are two different-but highly complementary-skill sets. ...The coverage is not intended as a definiteive guide to exploiting memory corruption vulnerabilities, but it does provide the background you need to understand and appreciate many of the vulnerabilities covered throughout this book."
It then goes on to recommend that:
"Readers interested in learning more about exploiting memory corruption vulnerabilities should pick up The Shellcoder's Handbook, or Exploiting Software ...". It also suggests Phrack and Uninformed journals.
I've read Shellcoder's Handbook and recommend it, however, it is out of date now. Despite this, I don't think the value has diminished, as current exploits build on all of the basics discussed there. Another I recommend is Hacking: The Art of Exploitation. I have not read Exploiting Software.
It's amusing that you think finding memory corruption bugs (or, "C bugs in open source software") is irrelevant to exploit development, but, O.K.