Books

A non-exhaustive list of books covering a broad range of subjects which will interest security learners and practitioners.

A

• A Bug Hunter's Diary - No longer available from the publisher as a printed book, this e-book is a guide to finding and testing bugs in the applications we run and the security implications of those bugs.

B

• The Basics of Hacking and Penetration Testing, 2nd Edition - An introduction to the steps used in performing a penetration test or practicing ethical hacking.
• Blue Team Field Manual (BTFM) - A Cybersecurity Incident Response Guide that aligns with the NIST Cybersecurity Framework.

C

• CompTIA Security+ All-in-One Exam Guide, 6th Edition - A complete guide to studying for and passing your CompTIA Security+ certification test.
• The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss, plus a purchasable lab guide and hands-on interactive lab for practicing what you learn.

D

E

F

• File System Forensic Analysis - An in-depth guide to the specifics of file systems and low-level forensic analysis.
• Firewalls Don't Stop Dragons - A step-by-step guide to computer security and privacy for non-techies.

G

• Getting Started Becoming the Master Hacker - OccupyTheWeb's guide to all things hacking. It introduces the reader to the basics needed to become a master hacker. (Also available at OTW's Hacker's Arise online store).
• The Ghidra Book - A comprehensive guide to the NSA's reverse-engineering tool (also available from Amazon).

H

• The Hacker Playbook (3 book collection) - A step-by-step guide to the “game” of penetration hacking that features hands-on examples and helpful advice from the top of the field. I have all three books, and each is worth getting.
• Hacking, the Art of Exploitation, 2nd Edition - A hacker's guide to programming and then using that knowledge to exploit applications as well as cover your tracks and break into wireless networks.
• How Cybersecurity Really Works - A beginner's guide to the basics of security without being too technical.

I

J

K

L

• Linux Basics for Hackers - A guidebook to learning the basics of Linux a hacker needs to know, through working with Kali Linux.

M

• Metasploit: The Penetration Tester's Guide - The authoritative guide to the Metasploit Framework (also available directly from the publisher).

N

• Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning - The definitive guide to nmap, but the tool's author, Fyoder.

O

• Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information - Yes, the title is a mouhtful. This is one of the top books on OSInt practices.

P

• Penetration Testing: A Hand-On Introduction to Hacking - An introduction to the core skills and techniques that every pentester needs (also available directly from the publisher).
• Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems - A guide to making sense of Wireshark packet captures, IPv6 and SMTP, plus help on the powerful command line packet analyzers tcpdump and TShark.
• The Practice of Network Security Monitoring - A detailed manual on what to watch for to help you detect and defend against intrusions on your network.
• Purple Team Field Manual (PTFM) - The purple team field manual is a manual for all security professionals and integrates red and blue team methodologies.

Q

R

• Real-World Bug Hunting - A hands-on guide to discovering and misusing software bugs.
• Red Team Field Manual (RTFM) - A thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page.

S

T

• Tribe of Hackers Blue Team - A guide to defensive security from some of the biggest names in the field.
• Tribe of Hackers Red Team - A guide to offensive security from some of the biggest names in the field.
• Tribe of Hackers Security Leaders - A guide to what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure.

U

V

W

• The Web Application Hacker's Handbook, 2nd Edition - Your guide to finding and exploiting vulnerabilities in online applications.
• Wireshark 101: Essential Skills for Network Analysis - 2nd Edition - Step-by-step instructions on the key functions and features of Wireshark.

X

Y

Z