List of books I have found helpful. (Ever growing or Changing)
Hacking the Art of Exploitation, 2nd Edition – Buffer overflows explained in depth.
The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws, 2nd Edition – The title says it all. 🙂
Applied Cryptography 2nd (second) edition Text Only – Every pen tester needs to understand cryptography to some degree.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning – Looking to ID open ports or application/OS versions? This is the bible for nmap.
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers, 1st Edition – To do this work you will need a scripting language and Python is a great one for most tasks.
Metasploit: The Penetration Tester’s Guide, 1st Edition – The tool most pen tester learn to use first and for good reason.
Android Hacker’s Handbook, 1st Edition – If mobile application security is your thing I would start here.