Books: Difference between revisions
From SecurityTools
Added the SecurityTools Amazon affiliate tag to remaining non-affiliate links. |
Move all books to bulleted list, added more books |
||
| Line 2: | Line 2: | ||
=== A === | === A === | ||
[https://nostarch.com/bughunter A Bug Hunter's Diary] - No longer from the publisher as a print book, this e-book is a guide to finding and testing bugs in the applications we all run and the security implications of those bugs | |||
* [https://nostarch.com/bughunter A Bug Hunter's Diary] - No longer from the publisher as a print book, this e-book is a guide to finding and testing bugs in the applications we all run and the security implications of those bugs | |||
=== B === | === B === | ||
[https://amzn.to/3vLTL7s Blue Team Field Manual (BTFM)] - A Cybersecurity Incident Response Guide that aligns with the NIST Cybersecurity Framework | |||
* [https://amzn.to/3vLTL7s Blue Team Field Manual (BTFM)] - A Cybersecurity Incident Response Guide that aligns with the NIST Cybersecurity Framework | |||
=== C === | === C === | ||
[https://github.com/opsdisk/the_cyber_plumbers_handbook/ The Cyber Plumber's Handbook] - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss, plus a purchasable [https://opsdisk.gumroad.com/l/cphlab lab guide and hands-on interactive lab] for practicing what you learn. | |||
* [https://www.amazon.com/CompTIA-Security-Certification-Guide-SY0-601/dp/1260464008/?tag=securitytoo08-20 CompTIA Security+ All-in-One Exam Guide, 6th Edition] - A complete guide to studying for and passing your CompTIA Security+ certification test | |||
* [https://github.com/opsdisk/the_cyber_plumbers_handbook/ The Cyber Plumber's Handbook] - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss, plus a purchasable [https://opsdisk.gumroad.com/l/cphlab lab guide and hands-on interactive lab] for practicing what you learn. | |||
=== D === | === D === | ||
=== E === | === E === | ||
[https://book.ethicalhackinghtb.xyz/ Ethical Hacking with Hack the Box] - An online-book guide to getting started with ethical hacking | |||
* [https://book.ethicalhackinghtb.xyz/ Ethical Hacking with Hack the Box] - An online-book guide to getting started with ethical hacking | |||
=== F === | === F === | ||
[https://link.springer.com/book/10.1007/978-1-4842-6189-7 Firewalls Don't Stop Dragons] - A step-by-step guide to computer security and privacy for non-techies | * [https://www.amazon.com/exec/obidos/ASIN/0321268172/?tag=securitytoo08-20 File System Forensic Analysis] - An in-depth guide to the specifics of file systems and low-level forensic analysis | ||
* [https://link.springer.com/book/10.1007/978-1-4842-6189-7 Firewalls Don't Stop Dragons] - A step-by-step guide to computer security and privacy for non-techies | |||
=== G === | === G === | ||
[https://nostarch.com/GhidraBook The Ghidra Book] - A comprehensive guide to the NSA's reverse-engineering tool | |||
* [https://nostarch.com/GhidraBook The Ghidra Book] - A comprehensive guide to the NSA's reverse-engineering tool (also [https://www.amazon.com/Ghidra-Book-Definitive-Guide/dp/1718501021/?tag=securitytoo08-20 available from Amazon]) | |||
=== H === | === H === | ||
[https://nostarch.com/cybersecurityreallyworks How Cybersecurity Really Works] - A beginner's guide to the basics of security without being too technical | * [https://www.amazon.com/Hacker-Playbook-3-Book/dp/B0883B694R/?tag=securitytoo08-20 The Hacker Playbook (3 book collection)] - A step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice from the top of the field. | ||
* [https://nostarch.com/cybersecurityreallyworks How Cybersecurity Really Works] - A beginner's guide to the basics of security without being too technical | |||
=== I === | === I === | ||
| Line 37: | Line 43: | ||
=== M === | === M === | ||
[https://www.amazon.com/Metasploit-Penetration-Testers-David-Kennedy/dp/159327288X/?tag=securitytoo08-20 Metasploit: The Penetration Tester's Guide] - The authoritative guide to the [[Metasploit|Metasploit Framework]] (also [https://nostarch.com/metasploit available directly from the publisher]) | |||
* [https://www.amazon.com/Metasploit-Penetration-Testers-David-Kennedy/dp/159327288X/?tag=securitytoo08-20 Metasploit: The Penetration Tester's Guide] - The authoritative guide to the [[Metasploit|Metasploit Framework]] (also [https://nostarch.com/metasploit available directly from the publisher]) | |||
=== N === | === N === | ||
[https://www.amazon.com/Nmap-Network-Scanning-Official-Discovery/dp/0979958717/ Nmap Network Scanning]: The Official Nmap Project Guide to Network Discovery and Security Scanning - The definitive guide to [[nmap]], but the tool's author, Fyoder | |||
* [https://www.amazon.com/Nmap-Network-Scanning-Official-Discovery/dp/0979958717/ Nmap Network Scanning]: The Official Nmap Project Guide to Network Discovery and Security Scanning - The definitive guide to [[nmap]], but the tool's author, Fyoder | |||
=== O === | === O === | ||
* [https://www.amazon.com/Open-Source-Intelligence-Techniques-Information/dp/B08RRDTFF9/?tag=securitytoo08-20 Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information] - Yes, the title is a mouhtful. This is one of the top books on OSInt practices | |||
=== P === | === P === | ||
[https://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593278020/?tag=securitytoo08-20 Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems] - A guide to making sense of [[Wireshark]] packet captures, IPv6 and SMTP, plus help on the powerful command line packet analyzers [[tcpdump]] and TShark | * [https://www.amazon.com/Penetration-Testing-Hands-Introduction-Hacking/dp/1593275641/?tag=securitytoo08-20 Penetration Testing: A Hand-On Introduction to Hacking] - An introduction to the core skills and techniques that every pentester needs (also [https://nostarch.com/pentesting available directly from the publisher]) | ||
* [https://www.amazon.com/Practical-Packet-Analysis-Wireshark-Real-World/dp/1593278020/?tag=securitytoo08-20 Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems] - A guide to making sense of [[Wireshark]] packet captures, IPv6 and SMTP, plus help on the powerful command line packet analyzers [[tcpdump]] and TShark | |||
[https://nostarch.com/nsm The Practice of Network Security Monitoring] - A detailed manual on what to watch for to help you detect and defend against intrusions on your network | * [https://nostarch.com/nsm The Practice of Network Security Monitoring] - A detailed manual on what to watch for to help you detect and defend against intrusions on your network | ||
* [https://amzn.to/3vNBlDi Purple Team Field Manual (PTFM)] - The purple team field manual is a manual for all security professionals and integrates red and blue team methodologies. | |||
[https://amzn.to/3vNBlDi Purple Team Field Manual (PTFM)] - The purple team field manual is a manual for all security professionals and integrates red and blue team methodologies. | |||
=== Q === | === Q === | ||
=== R === | === R === | ||
[https://amzn.to/3vKTDFm Red Team Field Manual (RTFM)] - A thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page | * [https://nostarch.com/bughunting Real-World Bug Hunting] - A hands-on guide to discovering and misusing software bugs | ||
* [https://amzn.to/3vKTDFm Red Team Field Manual (RTFM)] - A thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page | |||
=== S === | === S === | ||
| Line 69: | Line 77: | ||
=== W === | === W === | ||
[https://amzn.to/2XTBrwQ Wireshark 101: Essential Skills for Network Analysis - 2nd Edition] - Step-by-step instructions on the key functions and features of Wireshark | |||
* [https://amzn.to/2XTBrwQ Wireshark 101: Essential Skills for Network Analysis - 2nd Edition] - Step-by-step instructions on the key functions and features of Wireshark | |||
=== X === | === X === | ||
Revision as of 22:56, 31 October 2021
A non-exhaustive list of books covering a broad range of subjects which will interest security learners and practitioners.
A
- A Bug Hunter's Diary - No longer from the publisher as a print book, this e-book is a guide to finding and testing bugs in the applications we all run and the security implications of those bugs
B
- Blue Team Field Manual (BTFM) - A Cybersecurity Incident Response Guide that aligns with the NIST Cybersecurity Framework
C
- CompTIA Security+ All-in-One Exam Guide, 6th Edition - A complete guide to studying for and passing your CompTIA Security+ certification test
- The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss, plus a purchasable lab guide and hands-on interactive lab for practicing what you learn.
D
E
- Ethical Hacking with Hack the Box - An online-book guide to getting started with ethical hacking
F
- File System Forensic Analysis - An in-depth guide to the specifics of file systems and low-level forensic analysis
- Firewalls Don't Stop Dragons - A step-by-step guide to computer security and privacy for non-techies
G
- The Ghidra Book - A comprehensive guide to the NSA's reverse-engineering tool (also available from Amazon)
H
- The Hacker Playbook (3 book collection) - A step-by-step guide to the “game” of penetration hacking features hands-on examples and helpful advice from the top of the field.
- How Cybersecurity Really Works - A beginner's guide to the basics of security without being too technical
I
J
K
L
M
- Metasploit: The Penetration Tester's Guide - The authoritative guide to the Metasploit Framework (also available directly from the publisher)
N
- Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning - The definitive guide to nmap, but the tool's author, Fyoder
O
- Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information - Yes, the title is a mouhtful. This is one of the top books on OSInt practices
P
- Penetration Testing: A Hand-On Introduction to Hacking - An introduction to the core skills and techniques that every pentester needs (also available directly from the publisher)
- Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems - A guide to making sense of Wireshark packet captures, IPv6 and SMTP, plus help on the powerful command line packet analyzers tcpdump and TShark
- The Practice of Network Security Monitoring - A detailed manual on what to watch for to help you detect and defend against intrusions on your network
- Purple Team Field Manual (PTFM) - The purple team field manual is a manual for all security professionals and integrates red and blue team methodologies.
Q
R
- Real-World Bug Hunting - A hands-on guide to discovering and misusing software bugs
- Red Team Field Manual (RTFM) - A thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page
S
T
U
V
W
- Wireshark 101: Essential Skills for Network Analysis - 2nd Edition - Step-by-step instructions on the key functions and features of Wireshark
