Created October 14, 2015 01:04
PenTesting Recommended Reading
Taken from: http://www.dfir.org/?q=node/8
Recommended Reading
This page lists books that I have found to be highly relevant and useful for learning topics within computer security, digital forensics, incident response, malware analysis, reverse engineering, and other related topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient in the information security realm.
Please note that, in order to avoid ranking individual books, each category is listed in alphabetical order and each book is listed in alphabetical order within its category.
If you notice any errors with this page or have books that you think should be listed then please contact me. I will only list books that I have personally read and for which I am willing to vouch.
Application Security - Native
Title | Comments | Technical Level
The Art of Software Security Assessment | The Bible of source code auditing | Intermediate-Advanced. Ability to read C/C++ required to get full value.
Secure Coding in C and C++ | Arguably the best text for writing secure low-level code | Accessible to all that can read/write C and C++
Application Security - Web
Title | Comments | Technical Level
The Browser Hacker's Handbook | Written by the authors of BeEF. A detailed look into many web security topics | Covers basic through advanced topics
The Database Hacker's Handbook | The most detailed book available for attacking databases | Covers basic through advanced topics
The Tangled Web | A detailed look at the foundations of web protocols followed by a thorough examination of their weakness. Highly, highly recommended | Accessible to all. The beginning chapters cover background needed for later advanced topics
The Web Application Hacker's Handbook | Covers a wide range of web security issues | Intermediate
Cryptography
Title | Comments | Technical Level
Cryptography Engineering | The (updated) standard for learning cryptography | Ranges from background and introduction to deep algorithms and security considerations
Introduction to Modern Cryptography | A well-done, formal look at cryptography. Used in many graduate level computer science programs | Advanced - full understanding requires deep mathematical knowledge
Database Forensics
Title | Comments | Technical Level
Microsoft SQL Server Internals | Examination of MSSQL akin to the OS-level examination of Windows Internals | Intermediate - learn database basics before reading
SQL Server Forensic Analysis | A deep look at forensic analysis of MSSQL Systems | Intermediate - learn database basics before reading
Digital Forensics and Incident Response
Title | Comments | Technical Level
File System Forensic Analysis | The definitive resource for file system forensics | Intermediate-Advanced
Forensic Discovery | A foundational text of computer forensics by two of the earliest pioneers | Intermediate
Real Digital Forensics | A concise introduction to forensic processes | Beginner-Intermediate
Windows Forensic Analysis, Second Edition | This book, along with the 4th edition, are the best books available for Windows disk forensics | Ranges from basic concepts to advanced analysis
Windows Forensic Analysis, Fourth Edition | This book, along with the 2nd edition, are the best books available for Windows disk forensics | Ranges from basic concepts to advanced analysis
Exploitation / Penetration Testing
Title | Comments | Technical Level
A Guide to Kernel Exploitation | Advanced exploitation of a range of operating systems | Advanced
Android Hacker's Handbook | A deep dive into exploitation of Android systems | Intermediate
The Hacker Playbook | A step-by-step guide to breaking into modern networks with a wide array of techniques and tools | Accessible to all
Hacking: The Art of Exploitation, 1st Edition | A foundational work of low-level exploitation | Intermediate
iOS Hacker's Handbook | A deep dive into exploitation of iOS devices | Intermediate-Advanced
The Mac Hacker's Handbook | A deep dive into exploitation of Mac systems | Intermediate-Advanced
RTFM: Red Team Field Manual | A concise, well written guide that should be in every penetration tester's travel bag | Accessible to all people with a pen test background
The Shellcoder's Handbook | Crafting shellcode and exploits | Intermediate-Advanced
Linux Usage
Title | Comments | Technical Level
Linux in a Nutshell | The best text to learn how to use Linux | Beginner-Intermediate
Running Linux | Another great text from which to learn Linux | Beginner-Intermediate
Malware Development and Analysis
Note: Many of these books contain information related to Reverse Engineering
Title | Comments | Technical Level
The Art of Computer Virus Research and Defense | A deep look at many facets of malware analysis | Intermediate
Malware Analyst's Cookbook | A "recipe" approach to many topics in malware analysis | Intermediate-Advanced
Malware Forensics | A well done introduction to malware analysis | Beginner
Practical Malware Analysis | A very approachable book to many topics in malware analysis | Intermediate
Rootkits: Subverting the Windows Kernel | A study of many rootkit techniques still in use today | Intermediate-Advanced
The Rootkit Arsenal | An 800 page epic of rootkit development and analysis | Intermediate-Advanced
Memory Forensics
Title | Comments | Technical Level
The Art of Memory Forensics | A 900 page exploration of memory forensics across the major operating systems. NOTE: I am a co-author of this book | Ranges from introductory material to advanced analysis
What Makes It Page? | A deep look into the Windows memory manager | Intermediate-Advanced
Network Forensics
Title | Comments | Technical Level
The Practice of Network Security Monitoring | Beyond just packet analysis to how to integrate network forensics into a real world environment | Intermediate
Practical Packet Analysis | An excellent resource for learning to identify and analyze network traffic | Beginner-Intermediate
Wireshark (R) 101 | A deep exploration of Wireshark | Beginner-Intermediate
Networking
Title | Comments | Technical Level
CCNA Cisco Certified Network Associate Study Guide | A primer on real world networking and networks | Intermediate
CompTIA Network+ All-In-One Exam Guide | An essential book for those looking to learn networking | Beginner
TCP/IP Illustrated | The Bible of networking protocols. A must read | Intermediate
Operating Systems Internals - Android
Title | Comments | Technical Level
Android Security Internals | A deep look at Android from both the operating system internals and security perspective. | Intermediate
Operating Systems Internals - General
Title | Comments | Technical Level
Intel Architecture Manuals | Very well done documentation on the hardware architecture. Free to download | Intermediate-Advanced
Modern Operating Systems | The classic book from Tanenbaum | Intermediate-Advanced
Operating System Concepts | "The dinosaur book" of OS internals. | Intermediate-Advanced
Operating Systems Internals - Linux
Title | Comments | Technical Level
Linux Device Drivers, 3rd Edition | Best resource to learn Linux's driver architecture | Intermediate-Advanced
Linux Kernel Development, 3rd Edition | Rob Love on programming in the Linux kernel | Intermediate-Advanced
The Linux Programming Interface | Excellent book on programming the Linux environment | Intermediate-Advanced
Understanding the Linux Kernel, Third Edition | The equivalent of Windows Internals for Linux | Intermediate-Advanced
Operating Systems Internals - Mac
Title | Comments | Technical Level
Mac OS X Internals: A Systems Approach | Windows Internals for Mac | Intermediate-Advanced
Mac OS X and iOS Internals | Read this after reading Mac OS X Internals | Intermediate-Advanced
Operating Systems Internals - Windows
Title | Comments | Skill Level
Windows Internals | Read this book if you want to understand Windows | Intermediate-Advanced
Windows System Programming (4th Edition) | A step-by-step guide through the Windows API | Intermediate
Programming - Concepts and Algorithms
Title | Comments | Technical Level
Compilers: Principles, Techniques, and Tools | The famous dragon book on compilers | Advanced - Don't read until you have a solid understanding of programming and runtime environments
Design Patterns | Required reading for any serious programmer | Intermediate
Linkers and Loaders | Required reading for understanding program linking and runtime loading | Intermediate
Programming - Language Specific
Note: The reason there are few books here is due to languages having amazing learning resources online
Title | Comments | Technical Level
Advanced Programming in the UNIX(R) Environment | Deep exploration of programming related to Linux, Mac, and BSD | Beginner-Intermediate
Black Hat Python | Great book using Python for offensive security purposes | Beginner-Intermediate
The C Programming Language, 2nd Edition | "K and R" - required if you want to be proficient with C | Intermediate-Advanced
Violent Python | Learn Python programming and directly apply it to forensics and security | Basic to advanced topics
Reverse Engineering
Title | Comments | Technical Level
Assembly Language Step-by-step | The best resource to learn assembly. Later books focused on "high level" assembly as opposed to actual instructions | Intermediate-Advanced
Hacker Disassembling Uncovered | A great resource for advanced topics in reverse engineering | Intermediate-Advanced
Hacking the Xbox | A well written and fun book from which to learn reversing | Intermediate
The IDA Pro Book | The best resource to learn IDA | Intermediate
Reversing: Secrets of Reverse Engineering | One of my favorite books. A chapter is dedicated to reversing a Windows API back to C so perfectly that compiling it matches the hash of the Windows DLL | Intermediate-Advanced
Practical Reverse Engineering | Reversing across Intel and ARM | Intermediate
Tradecraft - Digital
Title | Comments | Technical Level
Silence on the Wire | lcamtuf's exploration of vulnerabilities and attacks that most people would never think of. Strongly recommended | Beginner-Advanced
Tradecraft - Traditional
Note: I originally found several of these books from The Grugq's list
Title | Comments | Technical Level
Agent Storm | Real life story of a European convert who joined Al Qaeda while working for the CIA | Accessible to all
The Art of Intelligence | Tradecraft and real-world analysis from Henry Crumpton | Beginner-Intermediate
Black Banners | Deep coverage of FBI tradecraft while investigating the USS Cole bombings, 9/11, and other events in the Middle East | Accessible to all
Chinese Intelligence Operations | A well-written, deep study of Chinese intelligence services | Advanced
The Main Enemy | An incredibly detailed history of the CIA vs the KGB during the Cold War | Accessible to All
See No Evil | Tradecraft and lessons from a former CIA analyst in the Middle East | Intermediate
Spy Handler: Memoir of a KGB Officer | Written by the KGB officer who handled Robert Hanssen and Aldrich Ames. A great text to learn real world tactics and techniques | Beginner-Intermediate
Terrorism and Counterintelligence: How Terrorist Groups Elude Detection | A deep examination of modern terrorist groups and counterintelligence use | Intermediate
Thwarting Enemies at Home and Abroad: How to Be a Counterintelligence Officer | Read this first - a textbook on how to be a counter intel officer along with terms, techniques, and tactics | Beginner - make this your first book