A non-exhaustive list of books covering a broad range of subjects which will interest security learners and practitioners.
A[edit | edit source]
- A Bug Hunter's Diary - No longer available from the publisher as a printed book, this e-book is a guide to finding and testing bugs in the applications we run and the security implications of those bugs.
B[edit | edit source]
- The Basics of Hacking and Penetration Testing, 2nd Edition - An introduction to the steps used in performing a penetration test or practicing ethical hacking.
- Blue Team Field Manual (BTFM) - A Cybersecurity Incident Response Guide that aligns with the NIST Cybersecurity Framework.
C[edit | edit source]
- CompTIA Security+ All-in-One Exam Guide, 6th Edition - A complete guide to studying for and passing your CompTIA Security+ certification test.
- The Cyber Plumber's Handbook - The definitive guide to Secure Shell (SSH) tunneling, port redirection, and bending traffic like a boss, plus a purchasable lab guide and hands-on interactive lab for practicing what you learn.
D[edit | edit source]
E[edit | edit source]
- Ethical Hacking with Hack the Box - An online-book guide to getting started with ethical hacking.
F[edit | edit source]
- File System Forensic Analysis - An in-depth guide to the specifics of file systems and low-level forensic analysis.
- Firewalls Don't Stop Dragons - A step-by-step guide to computer security and privacy for non-techies.
G[edit | edit source]
- Getting Started Becoming the Master Hacker - OccupyTheWeb's guide to all things hacking. It introduces the reader to the basics needed to become a master hacker. (Also available at OTW's Hacker's Arise online store).
- The Ghidra Book - A comprehensive guide to the NSA's reverse-engineering tool (also available from Amazon).
H[edit | edit source]
- The Hacker Playbook (3 book collection) - A step-by-step guide to the “game” of penetration hacking that features hands-on examples and helpful advice from the top of the field. I have all three books, and each is worth getting.
- Hacking, the Art of Exploitation, 2nd Edition - A hacker's guide to programming and then using that knowledge to exploit applications as well as cover your tracks and break into wireless networks.
- How Cybersecurity Really Works - A beginner's guide to the basics of security without being too technical.
I[edit | edit source]
J[edit | edit source]
K[edit | edit source]
L[edit | edit source]
- Linux Basics for Hackers - A guidebook to learning the basics of Linux a hacker needs to know, through working with Kali Linux.
M[edit | edit source]
- Metasploit: The Penetration Tester's Guide - The authoritative guide to the Metasploit Framework (also available directly from the publisher).
N[edit | edit source]
- Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning - The definitive guide to nmap, but the tool's author, Fyoder.
O[edit | edit source]
- Open Source Intelligence Techniques: Resources for Searching and Analyzing Online Information - Yes, the title is a mouhtful. This is one of the top books on OSInt practices.
P[edit | edit source]
- Penetration Testing: A Hand-On Introduction to Hacking - An introduction to the core skills and techniques that every pentester needs (also available directly from the publisher).
- Practical Packet Analysis, 3rd Edition: Using Wireshark to Solve Real-World Network Problems - A guide to making sense of Wireshark packet captures, IPv6 and SMTP, plus help on the powerful command line packet analyzers tcpdump and TShark.
- The Practice of Network Security Monitoring - A detailed manual on what to watch for to help you detect and defend against intrusions on your network.
- Purple Team Field Manual (PTFM) - The purple team field manual is a manual for all security professionals and integrates red and blue team methodologies.
Q[edit | edit source]
R[edit | edit source]
- Real-World Bug Hunting - A hands-on guide to discovering and misusing software bugs.
- Red Team Field Manual (RTFM) - A thorough reference guide for serious Red Team members who routinely find themselves on a mission without Google or the time to scan through a man page.
S[edit | edit source]
T[edit | edit source]
- Tribe of Hackers Blue Team - A guide to defensive security from some of the biggest names in the field.
- Tribe of Hackers Red Team - A guide to offensive security from some of the biggest names in the field.
- Tribe of Hackers Security Leaders - A guide to what CISSPs, CISOs, and other security leaders need to know to build solid cybersecurity teams and keep organizations secure.
U[edit | edit source]
V[edit | edit source]
W[edit | edit source]
- The Web Application Hacker's Handbook, 2nd Edition - Your guide to finding and exploiting vulnerabilities in online applications.
- Wireshark 101: Essential Skills for Network Analysis - 2nd Edition - Step-by-step instructions on the key functions and features of Wireshark.