Hacking Exposed
by Stuart McClure, George Kurtz and Joel Scambray
When Hacking Exposed was first published in 1999 there really wasn't anything quite like it. Nobody had dared to be so open about such a topic. This book changed that thinking and kicked off an entire industry of copycat and related books.
The Practice of Programming
by Brian W. Kernighan and Rob Pike
The classic. Great advice. Great examples. Every programmer should have a copy.
The Art of Software Security Assessment: Identifying and Preventing Software Vulnerabilities
by Mark Dowd, John McDonald and Justin Schuh
Written by absolute experts in their field, this is one of the books to get if you want to learn about application security and hacking.
Gray Hat Hacking The Ethical Hackers Handbook
by Allen Harper, Shon Harris, Jonathan Ness and Chris Eagle
Really detailed information here that you won't find in many other places.
Effective TCP/IP Programming: 44 Tips to Improve Your Network Programs
by Jon C. Snader
A great resource to enable you to write robust and effective networking code. There are some real gems in here.
Fatal System Error: The Hunt for the New Crime Lords Who Are Bringing Down the Internet
by Joseph Menn
The remarkable and somewhat disturbing story investigating the Russian cyber-mob and the American mafia and how two investigators got closer to the titans of the underground economy than any previous outsider.
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground
by Kevin Poulsen
"The word spread through the hacking underground like some unstoppable new virus: Someone—some brilliant, audacious crook—had just staged a hostile takeover of an online criminal network that siphoned billions of dollars from the US economy." A really good read.
Coding For Penetration Testers
by Jason Andress and Ryan Linn
The book serves two purposes. The first is a quick introduction to and summary of various computer programming languages (Python, Perl, Ruby, PHP) and scripting environments. The second is how to utilize those languages in the context of network vulnerability assessment and penetration testing. It's a great resource and introduction to some languages and features that the user may not be familiar with but wishes to use in their professional pen testing career.
Web Application Security: A Beginner's Guide
by Bryan Sullivan and Vincent Liu
Despite the "beginner" attribute, this is no watered down dummies guide. It is a very well written serious guide to web application security, describing all of the major attack vectors in a clear manner together with discussions on how to defend against the vulnerabilities and misconfigurations. Highly recommended.