Books

A list of books I have read and recommend

 

Hacking the Art of Exploitation 2nd Edition

Hacking the Art of Exploitation

 

This is a book that begins with an intro that gets your mind into the hacker spirit and then jumps straight into getting your hands dirty. If you read this book and do all the exercises you will learn the fundamentals of assembly code, C,  basic exploit writing, and shellcode. You will also get a dose of network programming and crypto. This book can be challenging to digest but leave you prepared to move on to more complex topics.

 

 

 

 

 

 

 

 

The Shellcoders Handbook 2nd Edition

The Shellcoders Handbook 2nd Edition

 

This book takes what you learned from Hacking the Art of Exploitation shown above and adds a few new elements. These 2 books complement each other nicely and I think reading this book second can help you keep growing your skills in exploit development. In this book you will learn more about fuzzing, ASLR bypass, and other types of overflow attacks. This will strengthen your overall vulnerability identification and exploit development abilities.

 

 

 

 

 

 

 

 

Web Application Hackers Handbook 2nd Edition

Web Application Hackers Handbook 2nd edition

 

If you want to get a much deeper understanding of web application technologies and testing this is the book for you. It goes in depth on many topics from XSS, SQLi, CRSF, client side attacks, attacking authentication, and using Burpe suite to manually test for vulnerabilities.

 

 

 

 

 

 

 

 

 

Metasploit – The Penetration Tester’s Guide

Metasploit - The Penetration Tester's Guide

 

This book starts from the fundamentals and goes all the way to developing your own modules in Metasploit the penetration testing framework. You can use these skills to identify vulnerabilities and conduct an organized penetration test. You really can’t lose with this book

 

 

 

 

 

 

 

 

 

Black Hat Python – Python Programming for Hackers and Pentesters

Black Hat Python

 

I’m a huge fan of this book. Scripting is a huge must for all penetration testers in my opinion and this book can take somebody with a decent set of Python skills and turn them into a truly versatile Offensive Python coder.

 

 

 

 

 

 

 

 

 

 

Violent Python

Violent Python

 

This book starts out a little more fundamental and works you into coding full fledged port scanners, zip file crackers, and AV evasion techniques. I recommend reading this book before Black Hat Python to build up the skills you need for more advanced scripts.

 

 

 

 

 

 

 

 

 

Social Engineering – The Art of Human Hacking

The Art of Human Hacking

 

Social Engineering is a must have in you repertoire of techniques to gain access to networks and as they say the human is the weakest link in the chain. This book takes your through an extensive range of methods to explore the element of hacking the human.