MUST READ HACKING BOOKS
MUST READ ETHICAL HACKING BOOKS with some descriptions
Hackers: Heroes of the Computer Revolution
Steven Levy
O’Reilly Media
Hackers: Heroes of the Computer Revolution is a must read for all hackers. The first edition was published in 1984, and this latest O’Reilly edition was published in 2010 with new content. Levy is one of my favorite nonfiction writers of all time, and he’s also the editor of WIRED Magazine. Levy’s book explores the history of hackers and hacking in great detail. He goes from the Tech Model Railroad Club and very large and very legacy timeshared computers on university campuses in the 1950s and 1960s, to Spacewar!, one of the earliest video games. Then he goes into the 1970s with Steve Wozniak and the Homebrew Computer Club, to Woz and Steve Jobs founding Apple, and Bill Gates and Paul Allen founding Microsoft. The book even goes into the rise of PC games through the 1980s. All throughout, Levy writes about the Hacker Ethic, and hacker culture in general. If you want to understand why hackers are the good guys and how we got to where we are now, this book is one of the best ways to learn.
Alice and Bob Learn Application Security
Tanya Janca
Wiley Tech
Tanya Janca is one of the world’s top application security experts, and she spends a lot of her time going from convention to convention giving talks on the topic. I know this not only because I’ve been to some of her talks, but also because she’s my friend. She spent a lot of time working for Microsoft before she decided to start her own business, We Hack Purple. And the cover of Tanya’s book is purple, and she identifies as a purple team hacker because she thinks offensively and defensively equally. But all the knowledge and experience in the world don’t matter much if you can’t teach stuff to newbies. Fortunately, Tanya is great at that, and this is an excellent book for total newcomers to the application security field. And as you learn about application security, Alice and Bob are learning too. You’re not alone!
The Cathedral & The Bazaar
Eric S. Raymond
O’Reilly Media
Open source software is the backbone of modern computing. A lot of my favorite applications, from Mozilla Firefox to LibreOffice, are open source. A lot of commercial software also has some open source code. A large percentage of code, from consumer endpoints, to hardware drivers, to firmware, to internet servers is open source. And this website is being delivered to you through a lot of different open web and internet technological standards. Even if you’ve never used Linux on the desktop, you can’t escape open source. If it weren’t for open source, our computers and the internet would look very different today. Raymond’s book is the definitive tome of the history of open source software, and some of the friction open source has caused with the developers of closed source proprietary software. Open source software is also a major feature of hacker culture, so definitely check out Raymond’s classic book.
Penetration Testing: A Hands-On Introduction to Hacking
Georgia Weidman
No Starch Press
Georgia Weidman is one of the top penetration testing experts out there. She’s also my friend. If you’re using Hack The Box’s hacker education platform, it’s highly likely that you’re either a pentester or you want to be a pentester. Weidman’s book explains some of the basics of simulating cyber attacks so your clients can learn how they can improve their security. She covers many of the applications that are featured in Pwnbox and Parrot OS, such as Wireshark, Burp Suite, and Nmap. And she explains the methodology behind pentesting in a way that’s accessible to total newcomers. Definitely check this one out.

The Pentester Blueprint
Phillip L. Wylie and Kim Crawley
Wiley Tech
Here’s another must read for newcomers to pentesting. How the heck do I review my own book? Well, the one I wrote with pentester extraordinaire Phil Wylie? I’ll do my best, I suppose. This book was actually Phil’s idea. For the past few years, he’s been giving his Pentester Blueprint talks at various cybersecurity events. His talk is all about the Hacker Mindset and how to succeed in your pentesting career. When he started writing this book inspired by his talks, he found that he needed a collaborator. So he asked me. I was honored. Our collaboration was a smashing success. We ended up each having written about half the book. The parts he wrote and the parts I wrote might not be obvious. Phil wrote the parts which reflect his Pentester Blueprint curriculum, and I wrote the complementary content such as the basics of cybersecurity. If you’re curious about pentesting careers and don’t know where to start, this book is for you. We wrote it to be newcomer friendly. As you read our book, you can enjoy Hack The Box’s educational platform and fully immerse yourself in the professional hacking experience!
Social Engineering: The Science of Human Hacking
Christopher Hadnagy
Wiley Tech
Most cyber attacks involve social engineering at some point or another. Social engineering is all about fooling human beings, and Hadnagy’s book explores the topic in great detail. Social engineering shows how human psychology is such an important part of cybersecurity. Learn all about phishing, Trojans, and asking people for authentication credentials and other sensitive information that you’re not entitled to have. Not only will this book make you a better pentester, but you’ll also learn how to resist being socially engineered yourself. And contrary to popular belief, cybersecurity professionals and other types of hackers do indeed succumb to social engineering! Even I can be fooled. So don’t get overconfident and make sure to think critically.

8 Steps to Better Security: A Simple Cyber Resilience Guide for Business
Kim Crawley
Wiley Tech
Here’s an upcoming book that’s designed to show businesses why they should care about cybersecurity and how they can implement it. I wrote this one all by myself this time. As you become a professional hacker, you will have business clients. So my book can also teach you more about the corporate side of cybersecurity. 8 Steps will be published in a few months, but you can pre-order it now. Each of my 8 Steps covers a component of how to improve a business’ cybersecurity, from hiring the right team, to cybersecurity frameworks and incident response, to all kinds of security testing (including pentesting), to building redundancy and resilience in a corporate computer network in the cloud and o.
Bonus:
RTFM (A Cheatsheet)
So there’s a lot of good stuff for hackers to read.


