Hackers Handbook Series and Penetration Testing Books


§ The Art of Exploitation by Jon Erickson, 2008
§ Metasploit: The Penetration Tester’s Guide by David Kennedy and others, 2011
§ Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014
§ Rtfm: Red Team Field Manual by Ben Clark, 2014
§ The Hacker Playbook by Peter Kim, 2014
§ The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013
§ Professional Penetration Testing by Thomas Wilhelm, 2013
§ Advanced Penetration Testing for Highly-Secured Environments by Lee Allen,2012
§ Violent Python by TJ O’Connor, 2012
§ Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton, Adam Greene, Pedram Amini, 2007
§ Black Hat Python: Python Programming for Hackers and Pentesters, 2014
§ Penetration Testing: Procedures & Methodologies (EC-Council Press),2010

Hackers Handbook Series

§ The Shellcoders Handbook by Chris Anley and others, 2007
§ The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011
§ iOS Hackers Handbook by Charlie Miller and others, 2012
§ Android Hackers Handbook by Joshua J. Drake and others, 2014
§ The Browser Hackers Handbook by Wade Alcorn and others, 2014
§ The Mobile Application Hackers Handbook by Dominic Chell and others, 2015

Network Analysis Books

§ Nmap Network Scanning by Gordon Fyodor Lyon, 2009
§ Practical Packet Analysis by Chris Sanders, 2011
§ Wireshark Network Analysis by by Laura Chappell, Gerald Combs, 2012

Reverse Engineering Books

§ Reverse Engineering for Beginners by Dennis Yurichev (free!)
§ The IDA Pro Book by Chris Eagle, 2011
§ Practical Reverse Engineering by Bruce Dang and others, 2014
§ Reverse Engineering for Beginners

Malware Analysis Books

§ Practical Malware Analysis by Michael Sikorski, Andrew Honig, 2012
§ The Art of Memory Forensics by Michael Hale Ligh and others, 2014
§ Malware Analyst’s Cookbook and DVD by Michael Hale Ligh and others, 2010

Windows Books

§ Windows Internals by Mark Russinovich, David Solomon, Alex Ionescu

Social Engineering Books

§ The Art of Deception by Kevin D. Mitnick, William L. Simon, 2002
§ The Art of Intrusion by Kevin D. Mitnick, William L. Simon, 2005
§ Ghost in the Wires by Kevin D. Mitnick, William L. Simon, 2011
§ No Tech Hacking by Johnny Long, Jack Wiles, 2008
§ Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010
§ Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014
§ Social Engineering in IT Security: Tools, Tactics, and Techniques by Sharon Conheady, 2014

Lock Picking Books

§ Practical Lock Picking by Deviant Ollam, 2012
§ Keys to the Kingdom by Deviant Ollam, 2012
§ CIA Lock Picking Field Operative Training Manual
§ Lock Picking: Detail Overkill by Solomon
§ Eddie the Wire books

Vulnerability Databases

§ NVD – US National Vulnerability Database
§ CERT – US Computer Emergency Readiness Team
§ OSVDB – Open Sourced Vulnerability Database
§ Bugtraq – Symantec SecurityFocus
§ Exploit-DB – Offensive Security Exploit Database
§ Fulldisclosure – Full Disclosure Mailing List
§ MS Bulletin – Microsoft Security Bulletin
§ MS Advisory – Microsoft Security Advisories
§ Inj3ct0r – Inj3ct0r Exploit Database
§ Packet Storm – Packet Storm Global Security Resource
§ SecuriTeam – Securiteam Vulnerability Information
§ CXSecurity – CSSecurity Bugtraq List
§ Vulnerability Laboratory – Vulnerability Research Laboratory
§ ZDI – Zero Day Initiative