by Jon Erickson: A seminal work that bridges the gap between theoretical knowledge and practical application, focusing on how systems work at a fundamental level (C programming, networking, and memory).

by Michael Sikorski & Andrew Honig: The industry standard for learning how to safely dissect and understand malicious software.

Once you understand the basics, these "bibles" of offensive security teach you how to identify and exploit vulnerabilities.

As you advance, you may want to specialize in specific areas of the threat landscape.