

Show HN: Security Book Reviews - My side project for hackers and makers - iuguy
http://securitybookreviews.eu/

======
iuguy
I was trying to find reviews of a couple of technical security books this
weekend and found I had the option of reading fairly short reviews on Amazon,
or finding disparate reviews on the web. Given that there wasn't a dedicated
review site I thought I'd put this up.

Does anyone on HN have any requests for reviews or suggestions for the site?

~~~
professorTuring
I have one,try adding an index or table of contents with all the books you
review, also the "upcoming" ones.

It will became handy in the future.

Regards.

~~~
iuguy
That sounds like a great idea thanks, I think I'll steal it if that's ok with
you!

~~~
professorTuring
Be my guest.

------
tachion
The idea seems great, but in first review I've read randomly I've found
something that makes me wonder how valid are they - it's mentioning that
Backtrack 5 R3 is now heavily out of date in the "Violent Python" review,
while, according to Backtrack's website, its the latest version available.

~~~
doktrin
slight tangent : as a developer with little background in security, can
someone help me understand the role of security specific distros in real world
pen testing?

In other words, what are some specific draws to using pre-rolled distros like
Backtrack or Kali instead of configuring a standard Linux distro with the
necessary tools? I would be much more inclined to tweak my Arch (or whatever)
image rather than futz around inside a new environment.

~~~
count
Laziness / efficiency.

Some of the tools require specific kernel configurations/etc. to work properly
(like wifi or bluetooth sniffers/fuzzers). These can sometimes be either a)
tricky to install, b)hard to get to cooperate, or c) mutually exclusive.

Backtrack et. al. save the security practitioner a bunch of time getting a ton
of tools in place all at once that are (mostly) pre-vetted to not do anything
stupid, and to work together.

Beyond that, if you're doing it professionally, most folks I know use
something like Backtrack to get a new device setup, and then heavily
customize/modify it from there.

If you're doing it...for fun, a bootable CD leaves no logs and can be used on
any computer on any network without having to pre-install stuff.

------
girlvinyl
Thanks for this. I manage security consultants and constantly have questions
from people who want to get into the field. I'm going to just send them to
your site and call it a reading list.

~~~
iuguy
Oh wow, thanks! I'm putting tagging together at the moment and hope to have
ratings and top books by tag. Is there anything else you think I should put in
to help people starting out?

~~~
girlvinyl
Tagging or a mention about beginner, intermediate or other skill level might
be good. It's great as it is though, there aren't a lot of good resources like
this that round up books in this niche. Maybe do a top 10 list for beginners
and link to each review?

