Recommended Reading for Starting Cybersecurity
This page lists books that I have found to be highly relevant and useful for learning computer security, digital forensics, incident response, malware analysis, reverse engineering, and other related topics. These books range from introductory texts to advanced research works. While some of these books may seem dated, the information contained is still very useful to people learning today, and much of the information is essential to becoming proficient in the information security realm.
Please note that, in order to avoid ranking individual books, each category is listed in alphabetical order and each book is listed in alphabetical order within its category.
If you notice any errors with this page or have books that you think should be listed then please contact me. I will only list books that I have personally read and for which I am willing to vouch.
Application Security - Native
Title | Comments | Technical Level |
---|---|---|
The Art of Software Security Assessment | The Bible of source code auditing | Intermediate-Advanced. Ability to read C/C++ required to get full value. |
Secure Coding in C and C++ | Arguably the best text for writing secure low-level code | Accessible to all that can read/write C and C++ |
Application Security - Web
Title | Comments | Technical Level |
---|---|---|
The Browser Hacker's Handbook | Written by the authors of BeEF. A detailed look into many web security topics | Covers basic through advanced topics |
The Database Hacker's Handbook | The most detailed book available for attacking databases | Covers basic through advanced topics |
The Tangled Web | A detailed look at the foundations of web protocols followed by a thorough examination of their weaknesses. Highly, highly recommended | Accessible to all. The beginning chapters cover background needed for later advanced topics |
The Web Application Hacker's Handbook | Covers a wide range of web security issues | Intermediate |
Cryptography
Title | Comments | Technical Level |
---|---|---|
Cryptography Engineering | The (updated) standard for learning cryptography | Ranges from background and introduction to deep algorithms and security considerations |
Introduction to Modern Cryptography | A well-done, formal look at cryptography. Used in many graduate level computer science programs | Advanced - full understanding requires deep mathematical knowledge |
Database Forensics
Title | Comments | Technical Level |
---|---|---|
Microsoft SQL Server Internals | Examination of MSSQL akin to the OS-level examination of Windows Internals | Intermediate - learn database basics before reading |
SQL Server Forensic Analysis | A deep look at forensic analysis of MSSQL Systems | Intermediate - learn database basics before reading |
Digital Forensics and Incident Response
Title | Comments | Technical Level |
---|---|---|
File System Forensic Analysis | The definitive resource for file system forensics | Intermediate-Advanced |
Forensic Discovery | A foundational text of computer forensics by two of the earliest pioneers | Intermediate |
Real Digital Forensics | A concise introduction to forensic processes | Beginner-Intermediate |
Windows Forensic Analysis, Second Edition | This book and the 4th edition are the best books available for Windows disk forensics | Ranges from basic concepts to advanced analysis |
Windows Forensic Analysis, Fourth Edition | This book and the 2nd edition are the best books available for Windows disk forensics | Ranges from basic concepts to advanced analysis |
Exploitation / Penetration Testing
Title | Comments | Technical Level |
---|---|---|
A Guide to Kernel Exploitation | Advanced exploitation of a range of operating systems | Advanced |
Android Hacker's Handbook | A deep dive into exploitation of Android systems | Intermediate |
The Hacker Playbook | A step-by-step guide to breaking into modern networks with a wide array of techniques and tools | Accessible to all |
Hacking: The Art of Exploitation, 1st Edition | A foundational work of low-level exploitation | Intermediate |
iOS Hacker's Handbook | A deep dive into exploitation of iOS devices | Intermediate-Advanced |
The Mac Hacker's Handbook | A deep dive into exploitation of Mac systems | Intermediate-Advanced |
Rtfm: Red Team Field Manual | A concise, well written guide that should be in every penetration tester's travel bag | Accessible to all people with a pen test background |
The Shellcoder's Handbook | Crafting shellcode and exploits | Intermediate-Advanced |
Linux Usage
Title | Comments | Technical Level |
---|---|---|
Linux in a Nutshell | The best text to learn how to use Linux | Beginner-Intermediate |
Running Linux | Another great text from which to learn Linux | Beginner-Intermediate |
Malware Development and Analysis
Note: Many of these books contain information related to Reverse Engineering
Title | Comments | Technical Level |
---|---|---|
The Art of Computer Virus Research and Defense | A deep look at many facets of malware analysis | Intermediate |
Malware Analyst's Cookbook | A "recipe" approach to many topics in malware analysis | Intermediate-Advanced |
Malware Forensics | A well done introduction to malware analysis | Beginner |
Practical Malware Analysis | A very approachable book to many topics in malware analysis | Intermediate |
Rootkits: Subverting the Windows Kernel | A study of many rootkit techniques still in use today | Intermediate-Advanced |
The Rootkit Arsenal | An 800 page epic of rootkit development and analysis | Intermediate-Advanced |
Memory Forensics
Title | Comments | Technical Level |
---|---|---|
The Art of Memory Forensics | A 900 page exploration of memory forensics across the major operating systems. NOTE: I am a co-author of this book | Ranges from introductory material to advanced analysis |
What Makes It Page? | A deep look into the Windows memory manager | Intermediate-Advanced |
Network Forensics
Title | Comments | Technical Level |
---|---|---|
The Practice of Network Security Monitoring | Beyond just packet analysis to how to integrate network forensics into a real world environment | Intermediate |
Practical Packet Analysis | An excellent resource for learning to identify and analyze network traffic | Beginner-Intermediate |
Wireshark (R) 101 | A deep exploration of Wireshark | Beginner-Intermediate |
Networking
Title | Comments | Technical Level |
---|---|---|
CCNA Cisco Certified Network Associate Study Guide | A primer on real world networking and networks | Intermediate |
CompTIA Network+ All-In-One Exam Guide | An essential book for those looking to learn networking | Beginner |
TCP/IP Illustrated | The Bible of networking protocols. A must read | Intermediate |
Operating Systems Internals - Android
Title | Comments | Technical Level |
---|---|---|
Android Security Internals | A deep look at Android from both the operating system internals and security perspective. | Intermediate |
Operating Systems Internals - General
Title | Comments | Technical Level |
---|---|---|
Intel Architecture Manuals | Very well done documentation on the hardware architecture. Free to download | Intermediate-Advanced |
Modern Operating Systems | The classic book from Tanenbaum | Intermediate-Advanced |
Operating System Concepts | "The dinosaur book" of OS internals. | Intermediate-Advanced |
Operating Systems Internals - Linux
Title | Comments | Technical Level |
---|---|---|
Linux Device Drivers, 3rd Edition | Best resource to learn Linux's driver architecture | Intermediate-Advanced |
Linux Kernel Development, 3rd Edition | Rob Love on programming in the Linux kernel | Intermediate-Advanced |
The Linux Programming Interface | Excellent book on programming the Linux environment | Intermediate-Advanced |
Understanding the Linux Kernel, Third Edition | The equivalent of Windows Internals for Linux | Intermediate-Advanced |
Operating Systems Internals - Mac
Title | Comments | Technical Level |
---|---|---|
Mac OS X Internals: A Systems Approach | Windows Internals for Mac | Intermediate-Advanced |
Mac OS X and iOS Internals | Read this after reading Mac OS X Internals | Intermediate-Advanced |
Operating Systems Internals - Windows
Title | Comments | Technical Level |
---|---|---|
Windows Internals | Read this book if you want to understand Windows | Intermediate-Advanced |
Windows System Programming (4th Edition) | A step-by-step guide through the Windows API | Intermediate |
Programming - Concepts and Algorithms
Title | Comments | Technical Level |
---|---|---|
Compilers: Principles, Techniques, and Tools | The famous dragon book on compilers | Advanced - Don't read until you have a solid understanding of programming and runtime environments |
Design Patterns | Required reading for any serious programmer | Intermediate |
Linkers and Loaders | Required reading for understanding program linking and runtime loading | Intermediate |
Programming - Language Specific
Note: There are few books here because most languages have amazing learning resources online
Title | Comments | Technical Level |
---|---|---|
Advanced Programming in the UNIX(R) Environment | Deep exploration of programming related to Linux, Mac, and BSD | Beginner-Intermediate |
Black Hat Python | Great book using Python for offensive security purposes | Beginner-Intermediate |
The C Programming Language, 2nd Edition | "K and R" - required if you want to be proficient with C | Intermediate-Advanced |
Violent Python | Learn Python programming and directly apply it to forensics and security | Basic to advanced topics |
Reverse Engineering
Title | Comments | Technical Level |
---|---|---|
Assembly Language Step-by-step | The best resource to learn assembly. Later books focused on "high level" assembly as opposed to actual instructions | Intermediate-Advanced |
Hacker Disassembling Uncovered | A great resource for advanced topics in reverse engineering | Intermediate-Advanced |
Hacking the Xbox | A well written and fun book from which to learn reversing | Intermediate |
The IDA Pro Book | The best resource to learn IDA | Intermediate |
Reversing: Secrets of Reverse Engineering | One of my favorite books. A chapter is dedicated to reversing a Windows API back to C so perfectly that compiling it matches the hash of the Windows DLL | Intermediate-Advanced |
Practical Reverse Engineering | Reversing across Intel and ARM | Intermediate |
Tradecraft - Digital
Title | Comments | Technical Level |
---|---|---|
Silence on the Wire | lcamtuf's exploration of vulnerabilities and attacks that most people would never think of. Strongly recommended | Beginner-Advanced |
Tradecraft - Traditional
Note: I originally found several of these books from The Grugq's list
Title | Comments | Technical Level |
---|---|---|
Agent Storm | Real life story of a European convert who joined Al Qaeda while working for the CIA | Accessible to all |
The Art of Intelligence | Tradecraft and real-world analysis from Henry Crumpton | Beginner-Intermediate |
Black Banners | Deep coverage of FBI tradecraft while investigating the USS Cole bombings, 9/11, and other events in the Middle East | Accessible to all |
Chinese Intelligence Operations | A well-written, deep study of Chinese intelligence services | Advanced |
The Main Enemy | An incredibly detailed history of the CIA vs the KGB during the Cold War | Accessible to All |
Nine Lives: My time as the West's top spy inside al-Qaeda | The story of an Al-Qaeda member who became Britain's most important spy in the Middle East | Accessible to All |
See No Evil | Tradecraft and lessons from a former CIA analyst in the Middle East | Intermediate |
Spy Handler: Memoir of a KGB Officer | Written by the KGB officer who handled Robert Hanssen and Aldrich Ames. A great text to learn real world tactics and techniques | Beginner-Intermediate |
Terrorism and Counterintelligence: How Terrorist Groups Elude Detection | A deep examination of modern terrorist groups and counterintelligence use | Intermediate |
Thwarting Enemies at Home and Abroad: How to Be a Counterintelligence Officer | Read this first - a textbook on how to be a counter intel officer along with terms, techniques, and tactics | Beginner - make this your first book |