Tom Gallagher, Bryan Jeffries and Lawrence Landauer have produced a very useful book that they describe as follows:

Learn how to think like an attacker—and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.

Chapter Listing:

General Approach to Security Testing
Using Threat Models for Security Testing
Finding Entry Points
Becoming a Malicious Client
Becoming a Malicious Server
Spoofing
Information Disclosure
Buffer Overruns and Stack and Heap Manipulation
Format String Attacks
HTML Scripting Attacks
XML Issues
Canonicalization Issues
Finding Weak Permissions
Denial of Service Attacks
Managed Code Issues
SQL Injection
Observation & Reverse Engineering
ActiveX Repurposing
Additional Repurposing Attacks
Reporting Security Bugs

Appendix A: Tools of the Trade

Appendix B: Security Test Case Cheat Sheet