One of the questions people keep on sending my way is about what books I recommend. Well, there are several out there that are good and worth reading. I'll list a few here:
- Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
- Social Engineering: The Art of Human Hacking by Christopher Hadnagy
- Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
- The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
- Red Teams and Counterterrorism Training by Stephen Sloan
- Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
- Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
- Snort IDS and IPS Toolkit (Jay Beale's Open Source Security) by several authors
- Schneier on Security by Bruce Schneier
There are many more, but these will get you started.