Books: Difference between revisions
From SecurityTools
Added The Cyber Plumber's Handbook book and link Tags: Reverted Visual edit |
→E: Remove online Ethical Hacking guide-book, as site is now defunct. |
||
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
[https://github.com/opsdisk/the_cyber_plumbers_handbook/ The Cyber Plumber's Handbook] - | A non-exhaustive list of books covering a broad range of subjects which will interest security learners and practitioners. | ||
=== A === | |||
* [https://nostarch.com/bughunter A Bug Hunter's Diary] - No longer available from the publisher as a printed book, this e-book is a guide to finding and testing bugs in the applications we run and the security implications of those bugs. | |||
=== B === | |||
* [https://www.amazon.com/Basics-Hacking-Penetration-Testing-Ethical/dp/0124116442/?tag=securitytoo08-20 The Basics of Hacking and Penetration Testing, 2nd Edition] - An introduction to the steps used in performing a penetration test or practicing ethical hacking. | |||
* [https://amzn.to/3vLTL7s Blue Team Field Manual (BTFM)] - A Cybersecurity Incident Response Guide that aligns with the NIST Cybersecurity Framework. | |||
=== C === | |||
* [https://www.amazon.com/CompTIA-Security-Certification-Guide-SY0-601/dp/1260464008/?tag=securitytoo08-20 CompTIA Security+ All-in-One Exam Guide, 6th Edition] - A complete guide to studying for and passing your CompTIA Security+ certification test. | |||
* [https://github.com/opsdisk/the_cyber_plumbers_handbook/ The Cyber Plumber's Handbook] - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss, plus a purchasable [https://opsdisk.gumroad.com/l/cphlab lab guide and hands-on interactive lab] for practicing what you learn. | |||
=== D === | |||
=== E === | |||
=== F === | |||
* [https://www.amazon.com/exec/obidos/ASIN/0321268172/?tag=securitytoo08-20 File System Forensic Analysis] - An in-depth guide to the specifics of file systems and low-level forensic analysis. | |||
* [https://link.springer.com/book/10.1007/978-1-4842-6189-7 Firewalls Don't Stop Dragons] - A step-by-step guide to computer security and privacy for non-techies. | |||
=== G === | |||
* [https://www.amazon.com/gp/product/B081Y5262X/?tag=securitytoo08-20 Getting Started Becoming the Master Hacker] - OccupyTheWeb's guide to all things hacking. It introduces the reader to the basics needed to become a master hacker. (Also available at OTW's [https://www.hackers-arise.com/online-store Hacker's Arise online store]). | |||
* [https://nostarch.com/GhidraBook The Ghidra Book] - A comprehensive guide to the NSA's reverse-engineering tool (also [https://www.amazon.com/Ghidra-Book-Definitive-Guide/dp/1718501021/?tag=securitytoo08-20 available from Amazon]). | |||
=== H === | |||
* [https://www.amazon.com/Hacker-Playbook-3-Book/dp/B0883B694R/?tag=securitytoo08-20 The Hacker Playbook (3 book collection)] - A step-by-step guide to the “game” of penetration hacking that features hands-on examples and helpful advice from the top of the field. I have all three books, and each is worth getting. | |||
* [https://www.amazon.com/Hacking-Art-Exploitation-Jon-Erickson/dp/1593271441/?tag=securitytoo08-20 Hacking, the Art of Exploitation, 2nd Edition] - A hacker's guide to programming and then using that knowledge to exploit applications as well as cover your tracks and break into wireless networks. | |||
* [https://nostarch.com/cybersecurityreallyworks How Cybersecurity Really Works] - A beginner's guide to the basics of security without being too technical. | |||
=== I === | |||
=== J === | |||
=== K === | |||
=== L === | |||
* [https://www.amazon.com/Linux-Basics-Hackers-Networking-Scripting/dp/1593278551/ Linux Basics for Hackers] - A guidebook to learning the basics of Linux a hacker needs to know, through working with [[Kali Linux]]. | |||
=== M === | |||
* [https://www.amazon.com/Metasploit-Penetration-Testers-David-Kennedy/dp/159327288X/?tag=securitytoo08-20 Metasploit: The Penetration Tester's Guide] - The authoritative guide to the [[Metasploit|Metasploit Framework]] (also [https://nostarch.com/metasploit available directly from the publisher]). | |||
=== N === | |||
* [https://www.amazon.com/Nmap-Network-Scanning-Official-Discovery/dp/0979958717/ Nmap Network Scanning]: The Official Nmap Project Guide to Network Discovery and Security Scanning - The definitive guide to [[nmap]], but the tool's author, Fyoder. | |||
=== O === | |||
* [https://www.amazon.com/Open-Source-Intelligence-Techniques-Information/dp/B08RRDTFF9/?tag=securitytoo08-20 Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information] - Yes, the title is a mouhtful. This is one of the top books on OSInt practices. | |||
=== P === | |||
* [https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/?tag=securitytoo08-20 Penetration Testing: A Hand-On Introduction to Hacking] - An introduction to the core skills and techniques that every pentester needs (also [https://nostarch.com/pentesting available directly from the publisher]). | |||
* [https://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593278020/?tag=securitytoo08-20 Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems] - A guide to making sense of [[Wireshark]] packet captures, IPv6 and SMTP, plus help on the powerful command line packet analyzers [[tcpdump]] and TShark. | |||
* [https://nostarch.com/nsm The Practice of Network Security Monitoring] - A detailed manual on what to watch for to help you detect and defend against intrusions on your network. | |||
* [https://amzn.to/3vNBlDi Purple Team Field Manual (PTFM)] - The purple team field manual is a manual for all security professionals and integrates red and blue team methodologies. | |||
=== Q === | |||
=== R === | |||
* [https://nostarch.com/bughunting Real-World Bug Hunting] - A hands-on guide to discovering and misusing software bugs. | |||
* [https://amzn.to/3vKTDFm Red Team Field Manual (RTFM)] - A thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page. | |||
=== S === | |||
=== T === | |||
* [https://www.amazon.com/Tribe-Hackers-Blue-Team-Cybersecurity-ebook/dp/B08GC1QHGY/?tag=securitytoo08-20 Tribe of Hackers Blue Team] - A guide to defensive security from some of the biggest names in the field. | |||
* [https://www.amazon.com/Tribe-Hackers-Red-Team-Cybersecurity/dp/1119643325/?tag=securitytoo08-20 Tribe of Hackers Red Team] - A guide to offensive security from some of the biggest names in the field. | |||
* [https://www.amazon.com/Tribe-Hackers-Security-Leaders-Cybersecurity/dp/1119643775/?tag=securitytoo08-20 Tribe of Hackers Security Leaders] - A guide to what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure. | |||
=== U === | |||
=== V === | |||
=== W === | |||
* [https://www.amazon.com/Web-Application-Hackers-Handbook-Exploiting/dp/1118026470/?tag=securitytoo08-20 The Web Application Hacker's Handbook, 2nd Edition] - Your guide to finding and exploiting vulnerabilities in online applications. | |||
* [https://amzn.to/2XTBrwQ Wireshark 101: Essential Skills for Network Analysis - 2nd Edition] - Step-by-step instructions on the key functions and features of Wireshark. | |||
=== X === | |||
=== Y === | |||
=== Z === | |||
Latest revision as of 16:27, 30 October 2024
A non-exhaustive list of books covering a broad range of subjects which will interest security learners and practitioners.
A
- A Bug Hunter's Diary - No longer available from the publisher as a printed book, this e-book is a guide to finding and testing bugs in the applications we run and the security implications of those bugs.
B
- The Basics of Hacking and Penetration Testing, 2nd Edition - An introduction to the steps used in performing a penetration test or practicing ethical hacking.
- Blue Team Field Manual (BTFM) - A Cybersecurity Incident Response Guide that aligns with the NIST Cybersecurity Framework.
C
- CompTIA Security+ All-in-One Exam Guide, 6th Edition - A complete guide to studying for and passing your CompTIA Security+ certification test.
- The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss, plus a purchasable lab guide and hands-on interactive lab for practicing what you learn.
D
E
F
- File System Forensic Analysis - An in-depth guide to the specifics of file systems and low-level forensic analysis.
- Firewalls Don't Stop Dragons - A step-by-step guide to computer security and privacy for non-techies.
G
- Getting Started Becoming the Master Hacker - OccupyTheWeb's guide to all things hacking. It introduces the reader to the basics needed to become a master hacker. (Also available at OTW's Hacker's Arise online store).
- The Ghidra Book - A comprehensive guide to the NSA's reverse-engineering tool (also available from Amazon).
H
- The Hacker Playbook (3 book collection) - A step-by-step guide to the “game” of penetration hacking that features hands-on examples and helpful advice from the top of the field. I have all three books, and each is worth getting.
- Hacking, the Art of Exploitation, 2nd Edition - A hacker's guide to programming and then using that knowledge to exploit applications as well as cover your tracks and break into wireless networks.
- How Cybersecurity Really Works - A beginner's guide to the basics of security without being too technical.
I
J
K
L
- Linux Basics for Hackers - A guidebook to learning the basics of Linux a hacker needs to know, through working with Kali Linux.
M
- Metasploit: The Penetration Tester's Guide - The authoritative guide to the Metasploit Framework (also available directly from the publisher).
N
- Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning - The definitive guide to nmap, but the tool's author, Fyoder.
O
- Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information - Yes, the title is a mouhtful. This is one of the top books on OSInt practices.
P
- Penetration Testing: A Hand-On Introduction to Hacking - An introduction to the core skills and techniques that every pentester needs (also available directly from the publisher).
- Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems - A guide to making sense of Wireshark packet captures, IPv6 and SMTP, plus help on the powerful command line packet analyzers tcpdump and TShark.
- The Practice of Network Security Monitoring - A detailed manual on what to watch for to help you detect and defend against intrusions on your network.
- Purple Team Field Manual (PTFM) - The purple team field manual is a manual for all security professionals and integrates red and blue team methodologies.
Q
R
- Real-World Bug Hunting - A hands-on guide to discovering and misusing software bugs.
- Red Team Field Manual (RTFM) - A thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page.
S
T
- Tribe of Hackers Blue Team - A guide to defensive security from some of the biggest names in the field.
- Tribe of Hackers Red Team - A guide to offensive security from some of the biggest names in the field.
- Tribe of Hackers Security Leaders - A guide to what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure.
U
V
W
- The Web Application Hacker's Handbook, 2nd Edition - Your guide to finding and exploiting vulnerabilities in online applications.
- Wireshark 101: Essential Skills for Network Analysis - 2nd Edition - Step-by-step instructions on the key functions and features of Wireshark.
