Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save carnal0wnage/606c41ac6ec40bf5c69d4db96d9312e3 to your computer and use it in GitHub Desktop.
Save carnal0wnage/606c41ac6ec40bf5c69d4db96d9312e3 to your computer and use it in GitHub Desktop.
Red Team Books
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
Snort IDS and IPS Toolkit (Jay Beale's Open Source Security) by several authors
Schneier on Security by Bruce Schneier
The Red Team Handbook (PDF) (
The Practice Of Network Security Monitoring, Richard Bejtlich
Metasploit, The Penetration Tester's Guide, David Kennedy
Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers, TJ O'Connor
Rtfm: Red Team Field Manual, Ben Clark
Open Source Intelligence Techniques - 3rd edition (2014) by Michael Bazzell.
Joint Doctrine Note 1-16, “Command Red Team.” by the U.S. Department of Defense. (
The Mission, The Men, and Me: Lessons from a Former Delta Force Commander, Pete Blaber
The Art of War, Sun Tzu
The Book of Five Rings, Miyamoto Musashi
Inside Delta Force, Eric Haney
Human Intelligence, Counterterrorism, and National Leadership: A Practical Guide, Gary Berntsen
Maneuver Warfare Handbook (Westview Special Studies in Military Affairs), William S Lind
Silent Warfare: Understanding the World of Intelligence, Abram N. Shulsky
The Gift of Fear and Other Survival Signals that Protect Us From Violence, Gavin de Becker
Red Teams and Counterterrorism Training, Stephen Sloan
Escape the Wolf – Personal Security Handbook for the Traveling Professional, Clint Emerson
On Killing: The Psychological Cost of Learning to Kill in War and Society, Dave Grossman
Killer Elite: The Inside Story of America's Most Secret Special Operations Team, Michael Smith
Chosen Soldier, Dick Couch
KODO: Ancient Ways: Lessons in the Spiritual Life of the Warrior/Martial Artist , Kensho Furuya
Man in the Shadows: Inside the Middle East Crisis with a Director of Israel's Mossad, Efraim Halevy
The Essence of Aikido: Spiritual Teachings of Morihei Ueshiba, Morihei Ueshiba
Let My People Go Surfing: The Education of a Reluctant Businessman, Yvon Chouinard
Emergency: This Book Will Save Your Life, Neil Strauss
The Rock Warrior's Way: Mental Training for Climbers, Arno Ilgner
Brotherhood of Warriors: Behind Enemy Lines with a Commando in One of the World's Most Elite Counterterrorism Units, Aaron Cohen
Powerful Peace: A Navy SEAL’s Lessons on Peace from a Lifetime at War, Rob DuBois
The Red Circle, Brandon Webb
The Art of Intelligence: Lessons from a Life in the CIA's Clandestine Service, Henry A. Crumpton
The Unfettered Mind: Writings from a Zen Master to a Master Swordsman. By Takuan Soho.
Left of Bang: How the Marine Corps' Combat Hunter Program Can Save Your Life, by Patrick Van Horne.
Team of Teams, by Gen. Stanley McChrystal.
Red Team: How to Succeed By Thinking Like the Enemy, by Micah Zenko.
Extreme Ownership: How U.S. Navy SEALs Lead and Win, by Jocko Willink and Leif Babin.
About Face: The Odyssey of an American Warrior, Colonel David H. Hackworth.
From Andre Gironda via Sans advisory board mailing list post
A Guide to Kernel Exploitation: Attacking the Core
Abusing the Internet of Things
(!) Advanced Penetration Testing: Hacking the World's Most Secure Networks
Advanced Penetration Testing for Highly-Secured Environments, 2nd Edition
Advanced Persistent Threat Hacking
Analyzing Social Media Networks with NodeXL
Android Security Cookbook
Anti-Hacker's Tool Kit, 4th Edition
Anticipating Surprise: Analysis for Strategic Warning
Bioteams: High Performance Teams Based on Nature's Most Successful Designs
Black Hat Python
Broker, Trader, Lawyer, Spy: The Secret World of Corporate Espionage
Building a Cyber Fortress
Building a Pentesting Lab for Wireless Networks
(*) Building an Intelligence-Led Security Program
Building Virtual Pentesting Labs for Advanced Penetration Testing, 2nd Edition
(*) CISO's Guide to Penetration Testing: A Framework to Plan, Manage, and Maximize Benefits
(*) Corporate Security Intelligence and Strategic Decision Making
Counterdeception Principles and Applications for National Security
(*) Cyber Operations: Building, Defending, and Attacking Modern Computer Networks
Cybersecurity: Managing Systems, Conducting Testing, and Investigating Intrusions
(!) Darkweb Cyber Threat Intelligence Mining
Data-Driven Security: Analysis, Visualization, and Dashboards
(!) DNS Security: Defending the Domain Name System
Enterprise Cybersecurity: How to Build a Successful Cyberdefense Program Against Advanced Threats
Essential Cybersecurity Science
Exploring SE for Android
(!) Gray Hat C#
Gray Hat Hacking: The Ethical Hacker's Handbook, 4th Edition
Gray Hat Python
Hacking Android
(!) Hacking Exposed Industrial Control Systems
Hacking Exposed Linux, 3rd Edition
(*) Hacking Web Intelligence
Hacking Wireless Access Points
(!*) Hash Crack: Password Cracking Manual
(!*) How to Measure Anything in Cybersecurity Risk
How NASA Builds Teams
HTML5 Security
Identifying Malicious Code through Reverse Engineering
Instant Burp Suite Starter
Intermediate Security Testing with Kali Linux 2
Introduction to Social Media Investigation
(*) Investigative Interviewing
Kali Linux 2 Assuring Securtiy by Penetration Testing, 3rd Edition
Kali Linux Wireless Penetration Testing: Beginner's Guide
Kali Linux Wireless Penetration Testing Essentials
Learning iOS Security
(*) Managing the Insider Threat: No Dark Corners
Mastering Kali Linux Wireless Pentesting
(!) Mastering Metasploit, 2nd Edition
(!) Mastering Modern Web Penetration Testing
(*) Mastering the Nmap Scripting Engine
Mastering Wireless Penetration Testing for Highly Secured Environments
(!) Mastering Wireshark 2
(*) Measuring and Managing Information Risk
Mobile Application Penetration Testing
Network Analysis Using Wireshark Cookbook
(*) Network Attacks and Exploitation: A Framework
(!*) Network Security Assessment, 3rd Edition
(!) Network Security Through Data Analysis, 2nd Edition
Offensive Countermeasures: The Art of Active Defense
Open Source Intelligence Techniques
Packet Analysis with Wireshark
Penetration Testing
Python Penetration Testing for Developers
Rebels at Work: A Handbook for Leading Change From Within
ReModel: Create mental models to improve your life and lead simply and effectively
Red Teams and Counterrorism Training
Reverse Deception: Organized Cyber Threat Counter-Exploitation
Risk Centric Threat Modeling
Rtfm: Red Team Field Manual
SELinux Cookbook
(!) SELinux System Administration, 2nd Edition
Secrets of Analytical Leaders
Securing the Clicks: Network Security in the Age of Social Media
(!) Security Testing with Kali Nethunter
Six Figure Management Method
Social Engineering Penetration Testing
Social Media Security
(!) Splunk: Enterprise Operational Intelligence Delivered
(*) The Analyst's Cookbook, Volumes 1 and 2
The Antivirus Hacker's Handbook
The Art and Discipline of Strategic Leadership
The Art of Software Security Assessment
(*) The Applied Critical Thinking Handbook: Formerly the Red Team Handbook
(*) The Complete Guide to Shodan
(!) The Director's Manual
(*) The Hacker Playbook 2
The Human Skills: Elicitation & Interviewing, 2nd Edition
The Master Switch: The Rise and Fall of Information Empires
The Mobile Application Hacker's Handbook
The Tangled Web
Unauthorised Access: Physical Penetration Testing For IT Security Teams
Violent Python
Web Penetration Testing with Kali Linux
(!) Windows Stack Exploitation 2
Wireshark Essentials
Wireshark for Security Professionals
Wireshark Network Security
The ones marked with (!) are new and have novel or unique tactics and techniques. The ones marked with (*) are, at least to me, core-essential books on Red Teaming.
CG books every red teamer needs to read (in no particular order cept for Phoenix Project - that should be high on the list)
The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win - Gene Kim (Author), Kevin Behr (Author), George Spafford (Author)
Red Team: How to Succeed By Thinking Like the Enemy - Micah Zenko
Practical Lock Picking: A Physical Penetration Tester's Training Guide - Deviant Ollam
Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks - Deviant Ollam
Unauthorised Access: Physical Penetration Testing For IT Security Teams - Wil Allsopp
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws 2nd Edition - Dafydd Stuttard (Author), Marcus Pinto (Author)
LAN Switch Security: What Hackers Know About Your Switches - Eric Vyncke, Christopher Paggen
Incident Response & Computer Forensics, Third Edition
Gray Hat Python: Python Programming for Hackers and Reverse Engineers - Justin Seitz
Black Hat Python: Python Programming for Hackers and Pentesters - Justin Seitz
Vulnerability Assessment of Physical Protection Systems - Mary Lynn Garcia
More stuff here - need to be udpated
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment